package pl.edu.icm.unity.webui.authn;

import com.vaadin.server.Page;
import com.vaadin.server.VaadinSession;
import com.vaadin.server.WrappedSession;
import com.vaadin.ui.UI;
import java.net.URI;
import java.util.List;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.exceptions.AuthorizationException;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.server.api.AuthenticationManagement;
import pl.edu.icm.unity.server.api.IdentitiesManagement;
import pl.edu.icm.unity.server.api.internal.AttributesInternalProcessing;
import pl.edu.icm.unity.server.authn.AuthenticatedEntity;
import pl.edu.icm.unity.server.authn.AuthenticationException;
import pl.edu.icm.unity.server.authn.AuthenticationProcessorUtil;
import pl.edu.icm.unity.server.authn.AuthenticationResult;
import pl.edu.icm.unity.server.authn.UnsuccessfulAuthenticationCounter;
import pl.edu.icm.unity.server.authn.remote.UnknownRemoteUserException;
import pl.edu.icm.unity.server.utils.Log;
import pl.edu.icm.unity.server.utils.UnityMessageSource;
import pl.edu.icm.unity.types.basic.AttributeExt;
import pl.edu.icm.unity.types.basic.EntityParam;
import pl.edu.icm.unity.webui.WebSession;
import pl.edu.icm.unity.webui.common.credentials.CredentialEditorRegistry;

@Component
/* loaded from: input_file:pl/edu/icm/unity/webui/authn/AuthenticationProcessor.class */
public class AuthenticationProcessor {
    private static final Logger log = Log.getLogger("unity.server.web", AuthenticationProcessor.class);
    private UnityMessageSource msg;
    private AuthenticationManagement authnMan;
    private IdentitiesManagement idsMan;
    private AttributesInternalProcessing attrProcessor;
    private CredentialEditorRegistry credEditorReg;

    @Autowired
    public AuthenticationProcessor(UnityMessageSource unityMessageSource, AuthenticationManagement authenticationManagement, IdentitiesManagement identitiesManagement, AttributesInternalProcessing attributesInternalProcessing, CredentialEditorRegistry credentialEditorRegistry) {
        this.msg = unityMessageSource;
        this.authnMan = authenticationManagement;
        this.idsMan = identitiesManagement;
        this.attrProcessor = attributesInternalProcessing;
        this.credEditorReg = credentialEditorRegistry;
    }

    public void processResults(List<AuthenticationResult> list, String str) throws AuthenticationException {
        UnsuccessfulAuthenticationCounter loginCounter = getLoginCounter();
        try {
            AuthenticatedEntity processResults = AuthenticationProcessorUtil.processResults(list);
            setLabel(processResults);
            WrappedSession logged = logged(processResults);
            if (processResults.isUsedOutdatedCredential()) {
                showCredentialUpdate();
            } else {
                redirectToOrigin(logged);
            }
        } catch (AuthenticationException e) {
            if (!(e instanceof UnknownRemoteUserException)) {
                loginCounter.unsuccessfulAttempt(str);
            }
            throw e;
        }
    }

    private void setLabel(AuthenticatedEntity authenticatedEntity) {
        try {
            AttributeExt attributeByMetadata = this.attrProcessor.getAttributeByMetadata(new EntityParam(authenticatedEntity.getEntityId()), "/", "entityDisplayedName");
            if (attributeByMetadata != null) {
                authenticatedEntity.setEntityLabel((String) attributeByMetadata.getValues().get(0));
            }
        } catch (AuthorizationException e) {
            log.debug("Not setting entity's label as the client is not authorized to read the attribute", e);
        } catch (EngineException e2) {
            log.error("Can not get the attribute designated with EntityName", e2);
        }
    }

    private void showCredentialUpdate() {
        new OutdatedCredentialDialog(this.msg, this.authnMan, this.idsMan, this.credEditorReg).show();
    }

    private static WrappedSession logged(AuthenticatedEntity authenticatedEntity) throws AuthenticationException {
        VaadinSession current = VaadinSession.getCurrent();
        if (current == null) {
            log.error("BUG: Can't get VaadinSession to store authenticated user's data.");
            throw new AuthenticationException("AuthenticationProcessor.authnInternalError");
        }
        WrappedSession session = current.getSession();
        session.setAttribute(WebSession.USER_SESSION_KEY, authenticatedEntity);
        return session;
    }

    private static void redirectToOrigin(WrappedSession wrappedSession) throws AuthenticationException {
        UI current = UI.getCurrent();
        if (current == null) {
            log.error("BUG Can't get UI to redirect the authenticated user.");
            throw new AuthenticationException("AuthenticationProcessor.authnInternalError");
        }
        current.getPage().open(getOriginalURL(wrappedSession), "");
    }

    public static String getOriginalURL(WrappedSession wrappedSession) throws AuthenticationException {
        String str = (String) wrappedSession.getAttribute(AuthenticationFilter.ORIGINAL_ADDRESS);
        if (str == null) {
            throw new AuthenticationException("AuthenticationProcessor.noOriginatingAddress");
        }
        return str;
    }

    public static void logout() {
        WrappedSession session = VaadinSession.getCurrent().getSession();
        Page current = Page.getCurrent();
        URI location = current.getLocation();
        session.invalidate();
        current.setLocation(location);
    }

    public static void logoutAndRefresh() {
        String uri;
        WrappedSession session = VaadinSession.getCurrent().getSession();
        Page current = Page.getCurrent();
        try {
            uri = getOriginalURL(session);
        } catch (AuthenticationException e) {
            uri = current.getLocation().toString();
        }
        session.invalidate();
        current.setLocation(uri);
    }

    public static UnsuccessfulAuthenticationCounter getLoginCounter() {
        return (UnsuccessfulAuthenticationCounter) VaadinSession.getCurrent().getSession().getHttpSession().getServletContext().getAttribute(UnsuccessfulAuthenticationCounter.class.getName());
    }
}
