package com.liferay.portal.security.auth.session;

import com.liferay.petra.string.StringBundler;
import com.liferay.portal.events.EventsProcessorUtil;
import com.liferay.portal.kernel.cluster.ClusterExecutorUtil;
import com.liferay.portal.kernel.cluster.ClusterNode;
import com.liferay.portal.kernel.cookies.CookiesManagerUtil;
import com.liferay.portal.kernel.encryptor.EncryptorUtil;
import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.json.JSONFactoryUtil;
import com.liferay.portal.kernel.json.JSONObject;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.messaging.MessageBusUtil;
import com.liferay.portal.kernel.model.Company;
import com.liferay.portal.kernel.model.RememberMeToken;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.model.UserTracker;
import com.liferay.portal.kernel.security.auth.AuthException;
import com.liferay.portal.kernel.service.CompanyLocalServiceUtil;
import com.liferay.portal.kernel.service.RememberMeTokenLocalServiceUtil;
import com.liferay.portal.kernel.service.UserLocalServiceUtil;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.HttpComponentsUtil;
import com.liferay.portal.kernel.util.PortalUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.liveusers.LiveUsers;
import com.liferay.portal.util.PropsValues;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/liferay/portal/security/auth/session/AuthenticatedSessionManagerUtil.class */
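/**
 * Static helpers that establish, renew and tear down the authenticated portal
 * session: credential verification, session and cookie setup on login, cookie
 * and remember-me token cleanup on logout, and forced sign-out of a user's
 * other live sessions.
 *
 * <p>The class is not instantiable; every member is static.</p>
 */
public class AuthenticatedSessionManagerUtil {
    private static final Log _log = LogFactoryUtil.getLog(AuthenticatedSessionManagerUtil.class);

    /**
     * Verifies the supplied credentials and returns the matching user's ID.
     *
     * @param httpServletRequest the request carrying the login attempt
     * @param str the login (email address, screen name or numeric user ID,
     *        depending on the authentication type)
     * @param str2 the password
     * @param str3 the authentication type; when blank the company default is used
     * @return the authenticated user's ID
     * @throws PortalException if authentication fails ({@link AuthException})
     *         or a portal lookup fails
     */
    public static long getAuthenticatedUserId(HttpServletRequest httpServletRequest, String str, String str2, String str3) throws PortalException {
        return _getAuthenticatedUser(httpServletRequest, str, str2, str3).getUserId();
    }

    /**
     * Reports whether the request's query string carries a password parameter.
     *
     * <p>A password in the URL can end up in access logs, browser history and
     * Referer headers, so {@link #login} refuses such requests. Every
     * occurrence of the (optionally portlet-namespaced) {@code password=}
     * token is examined; checking only the first one would let an earlier
     * look-alike such as {@code xpassword=} mask a real parameter that
     * follows it.</p>
     *
     * @param httpServletRequest the request to inspect
     * @return {@code true} if a parameter named {@code password} (prefixed with
     *         the portlet namespace when a portlet ID is resolved) starts at
     *         the beginning of the query string or right after an {@code &}
     */
    public static boolean isPasswordParameterInQueryString(HttpServletRequest httpServletRequest) {
        String queryString = HttpComponentsUtil.getQueryString(httpServletRequest);
        if (!Validator.isNotNull(queryString) || !queryString.contains("password=")) {
            return false;
        }
        String portletId = PortalUtil.getPortletId(httpServletRequest);
        String needle = portletId != null ? PortalUtil.getPortletNamespace(portletId) + "password=" : "password=";
        int indexOf = queryString.indexOf(needle);
        while (indexOf >= 0) {
            // Only a match that begins a parameter counts: position 0 or
            // directly after the '&' separator.
            if (indexOf == 0 || queryString.charAt(indexOf - 1) == '&') {
                if (_log.isWarnEnabled()) {
                    // NOTE(review): the Referer header is client-controlled and
                    // is written to the log verbatim; confirm the logging layer
                    // neutralises CR/LF before relying on these entries.
                    _log.warn(StringBundler.concat(new String[]{"Ignoring login attempt because the password ", "parameter was found for the request with the ", "referer header: ", httpServletRequest.getHeader("Referer")}));
                }
                return true;
            }
            indexOf = queryString.indexOf(needle, indexOf + 1);
        }
        return false;
    }

    /**
     * Authenticates the user and sets up the session attributes and cookies
     * for the logged-in state.
     *
     * <p>The call returns silently, without authenticating, when the password
     * was passed in the query string.</p>
     *
     * @param httpServletRequest the current request (unwrapped to the original
     *        servlet request before use)
     * @param httpServletResponse the response that receives the cookies
     * @param str the login
     * @param str2 the password
     * @param z whether "remember me" was requested; controls cookie lifetime
     *        and creation of the remember-me token
     * @param str3 the authentication type; when blank the company default is used
     * @throws Exception if authentication fails or any portal call fails
     */
    public static void login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, boolean z, String str3) throws Exception {
        HttpServletRequest originalServletRequest = PortalUtil.getOriginalServletRequest(httpServletRequest);
        if (isPasswordParameterInQueryString(originalServletRequest)) {
            return;
        }
        CookiesManagerUtil.validateSupportCookie(originalServletRequest);
        HttpSession session = originalServletRequest.getSession();
        Company company = PortalUtil.getCompany(originalServletRequest);
        User user = _getAuthenticatedUser(originalServletRequest, str, str2, str3);
        if (!PropsValues.AUTH_SIMULTANEOUS_LOGINS) {
            signOutSimultaneousLogins(user.getUserId());
        }
        // The pre-login session is replaced only when this property is on; with
        // it off the session ID issued before authentication stays in use, so
        // session-fixation defence depends on this setting.
        if (PropsValues.SESSION_ENABLE_PHISHING_PROTECTION) {
            session = renewSession(originalServletRequest, session);
        }
        String domain = CookiesManagerUtil.getDomain(originalServletRequest);
        if (Validator.isNull(domain)) {
            domain = null;
        }
        String userIdString = String.valueOf(user.getUserId());
        session.setAttribute("j_username", userIdString);
        // With PORTAL_JAAS_PLAIN_PASSWORD or SESSION_STORE_PASSWORD enabled the
        // clear-text password is kept in the HttpSession, so anything that can
        // read, persist or replicate session state can recover it.
        if (PropsValues.PORTAL_JAAS_PLAIN_PASSWORD) {
            session.setAttribute("j_password", str2);
        } else {
            session.setAttribute("j_password", user.getPassword());
        }
        session.setAttribute("j_remoteuser", userIdString);
        if (PropsValues.SESSION_STORE_PASSWORD) {
            session.setAttribute("USER_PASSWORD", str2);
        }
        int i = PropsValues.COMPANY_SECURITY_AUTO_LOGIN_MAX_AGE;
        // Without "remember me" the identity cookies get max-age -1, i.e. they
        // last only for the browser session.
        int identityMaxAge = z ? i : -1;
        Cookie companyIdCookie = _createCookie("COMPANY_ID", String.valueOf(company.getCompanyId()), domain, identityMaxAge);
        // The user ID is encrypted with the company key before it is sent.
        Cookie idCookie = _createCookie("ID", EncryptorUtil.encrypt(company.getKeyObj(), userIdString), domain, identityMaxAge);
        // The first argument (2 here, 1 below) is presumably an inlined cookie
        // consent-type constant; confirm against the CookiesManagerUtil API.
        // Secure/HttpOnly flags are not set in this class; verify addCookie
        // applies them.
        CookiesManagerUtil.addCookie(2, companyIdCookie, originalServletRequest, httpServletResponse);
        CookiesManagerUtil.addCookie(2, idCookie, originalServletRequest, httpServletResponse);
        if (z) {
            CookiesManagerUtil.addCookie(1, _createCookie("LOGIN", str, domain, i), originalServletRequest, httpServletResponse);
            CookiesManagerUtil.addCookie(1, _createCookie("REMEMBER_ME", Boolean.TRUE.toString(), domain, i), originalServletRequest, httpServletResponse);
            Cookie tokenValueCookie = _createCookie("REMEMBER_ME_TOKEN_VALUE", "", domain, i);
            long companyId = user.getCompanyId();
            long userId = user.getUserId();
            // Multiply as long: an int product overflows once the max age
            // exceeds about 24.8 days (2,147,483 s), which would produce a
            // wrong, possibly already-past, token expiration date.
            Date expirationDate = new Date(System.currentTimeMillis() + (i * 1000L));
            // The service hands the token value to the callback, which stores
            // it in the value cookie; the token ID goes into its own cookie.
            CookiesManagerUtil.addCookie(1, _createCookie("REMEMBER_ME_TOKEN_ID", String.valueOf(RememberMeTokenLocalServiceUtil.addRememberMeToken(companyId, userId, expirationDate, tokenValueCookie::setValue).getRememberMeTokenId()), domain, i), originalServletRequest, httpServletResponse);
            CookiesManagerUtil.addCookie(1, tokenValueCookie, originalServletRequest, httpServletResponse);
        }
    }

    /**
     * Ends the authenticated session: runs the pre-logout events, removes the
     * login cookies and the stored remember-me token, invalidates the HTTP
     * session and runs the post-logout events.
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the response used to expire the cookies
     * @throws Exception if an event processor or a portal service call fails
     */
    public static void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        HttpSession session = httpServletRequest.getSession();
        EventsProcessorUtil.process("logout.events.pre", PropsValues.LOGOUT_EVENTS_PRE, httpServletRequest, httpServletResponse);
        String domain = CookiesManagerUtil.getDomain(httpServletRequest);
        if (Validator.isNull(domain)) {
            domain = null;
        }
        // The LOGIN cookie survives logout only when "remember me" was chosen.
        if (!GetterUtil.getBoolean(CookiesManagerUtil.getCookieValue("REMEMBER_ME", httpServletRequest, false))) {
            CookiesManagerUtil.deleteCookies(domain, httpServletRequest, httpServletResponse, new String[]{"LOGIN"});
        }
        // NOTE(review): the token to delete is selected solely by the ID taken
        // from the request cookie; confirm that the service layer, or a check
        // here, ties the token to the user who is logging out.
        String cookieValue = CookiesManagerUtil.getCookieValue("REMEMBER_ME_TOKEN_ID", httpServletRequest);
        if (Validator.isNotNull(cookieValue)) {
            RememberMeToken rememberMeToken = RememberMeTokenLocalServiceUtil.fetchRememberMeToken(GetterUtil.getLong(cookieValue));
            if (rememberMeToken != null) {
                RememberMeTokenLocalServiceUtil.deleteRememberMeToken(rememberMeToken);
            }
        }
        CookiesManagerUtil.deleteCookies(domain, httpServletRequest, httpServletResponse, new String[]{"COMPANY_ID", "GUEST_LANGUAGE_ID", "ID", "PASSWORD", "REMEMBER_ME", "REMEMBER_ME_TOKEN_ID", "REMEMBER_ME_TOKEN_VALUE"});
        try {
            session.invalidate();
        } catch (Exception e) {
            // Best effort: a failure to invalidate is logged at debug level and
            // must not prevent the post-logout events from running.
            if (_log.isDebugEnabled()) {
                _log.debug(e);
            }
        }
        EventsProcessorUtil.process("logout.events.post", PropsValues.LOGOUT_EVENTS_POST, httpServletRequest, httpServletResponse);
    }

    /**
     * Replaces the given session with a new one, carrying over only the
     * attributes named in {@code SESSION_PHISHING_PROTECTED_ATTRIBUTES}.
     *
     * <p>Issuing a fresh session at login means a session ID known before
     * authentication is not the one that becomes authenticated.</p>
     *
     * @param httpServletRequest the request used to create the new session
     * @param httpSession the session to invalidate
     * @return the newly created session
     * @throws Exception if the old session cannot be read or invalidated
     */
    public static HttpSession renewSession(HttpServletRequest httpServletRequest, HttpSession httpSession) throws Exception {
        String[] protectedAttributeNames = PropsValues.SESSION_PHISHING_PROTECTED_ATTRIBUTES;
        Map<String, Object> preservedAttributes = new HashMap<>();
        for (String name : protectedAttributeNames) {
            Object value = httpSession.getAttribute(name);
            if (value != null) {
                preservedAttributes.put(name, value);
            }
        }
        httpSession.invalidate();
        HttpSession newSession = httpServletRequest.getSession(true);
        // Only non-null values were stored, so every map entry is restorable.
        for (Map.Entry<String, Object> entry : preservedAttributes.entrySet()) {
            newSession.setAttribute(entry.getKey(), entry.getValue());
        }
        return newSession;
    }

    /**
     * Publishes a {@code signOut} command on the {@code liferay/live_users}
     * destination for every tracked live session that belongs to the user.
     *
     * @param j the ID of the user whose sessions are to be signed out
     * @throws Exception if the company lookup or message delivery fails
     */
    public static void signOutSimultaneousLogins(long j) throws Exception {
        long companyId = CompanyLocalServiceUtil.getCompanyIdByUserId(j);
        // Iterate over a copy of the tracker collection, presumably so that
        // changes to the live-user registry do not disturb the loop.
        for (UserTracker userTracker : new ArrayList<>(LiveUsers.getSessionUsers(companyId).values())) {
            if (j != userTracker.getUserId()) {
                continue;
            }
            JSONObject command = JSONFactoryUtil.createJSONObject();
            ClusterNode localClusterNode = ClusterExecutorUtil.getLocalClusterNode();
            if (localClusterNode != null) {
                command.put("clusterNodeId", localClusterNode.getClusterNodeId());
            }
            command.put("command", "signOut").put("companyId", companyId).put("sessionId", userTracker.getSessionId()).put("userId", j);
            MessageBusUtil.sendMessage("liferay/live_users", command.toString());
        }
    }

    /**
     * Builds a cookie with the given name, value and max age, setting the
     * domain only when one is supplied.
     *
     * @param str the cookie name
     * @param str2 the cookie value
     * @param str3 the cookie domain, or {@code null} to leave it unset
     * @param i the max age in seconds ({@code -1} for a browser-session cookie)
     * @return the new cookie
     */
    private static Cookie _createCookie(String str, String str2, String str3, int i) {
        Cookie cookie = new Cookie(str, str2);
        if (str3 != null) {
            cookie.setDomain(str3);
        }
        cookie.setMaxAge(i);
        return cookie;
    }

    /**
     * Authenticates the credentials with the user service and returns the
     * resulting user, failing closed on every non-success outcome.
     *
     * @param httpServletRequest the request; its headers and parameters are
     *        passed on to the authentication service
     * @param str the login
     * @param str2 the password
     * @param str3 the authentication type ({@code emailAddress},
     *        {@code screenName} or {@code userId}); when blank the company
     *        default is used
     * @return the authenticated user, never {@code null}
     * @throws PortalException {@link AuthException} if the request targets the
     *         {@code /api/liferay} path, the authentication type is unknown,
     *         the service does not report success or no user is returned
     */
    private static User _getAuthenticatedUser(HttpServletRequest httpServletRequest, String str, String str2, String str3) throws PortalException {
        // Requests under <context>/api/liferay are never authenticated here.
        if (httpServletRequest.getRequestURI().startsWith(PortalUtil.getPathContext().concat("/api/liferay"))) {
            throw new AuthException();
        }
        Company company = PortalUtil.getCompany(httpServletRequest);
        Map<String, String[]> headerMap = new HashMap<>();
        Enumeration<String> headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String headerName = headerNames.nextElement();
            Enumeration<String> headerValues = httpServletRequest.getHeaders(headerName);
            ArrayList<String> values = new ArrayList<>();
            while (headerValues.hasMoreElements()) {
                values.add(headerValues.nextElement());
            }
            headerMap.put(headerName, values.toArray(new String[0]));
        }
        Map<String, String[]> parameterMap = httpServletRequest.getParameterMap();
        Map<String, Object> resultsMap = new HashMap<>();
        if (Validator.isNull(str3)) {
            str3 = company.getAuthType();
        }
        // Stays at -1 (not success) unless a known authentication type runs.
        int authResult = -1;
        // Constant-first equals: a null type falls through to AuthException
        // instead of raising a NullPointerException.
        if ("emailAddress".equals(str3)) {
            authResult = UserLocalServiceUtil.authenticateByEmailAddress(company.getCompanyId(), str, str2, headerMap, parameterMap, resultsMap);
        } else if ("screenName".equals(str3)) {
            authResult = UserLocalServiceUtil.authenticateByScreenName(company.getCompanyId(), str, str2, headerMap, parameterMap, resultsMap);
        } else if ("userId".equals(str3)) {
            authResult = UserLocalServiceUtil.authenticateByUserId(company.getCompanyId(), GetterUtil.getLong(str), str2, headerMap, parameterMap, resultsMap);
        }
        // 1 is the only accepted result; it is presumably the inlined success
        // code of the authentication API (confirm against the kernel constants).
        if (authResult != 1) {
            throw new AuthException();
        }
        User user = (User) resultsMap.get("user");
        // Fail closed if the service reported success without supplying a user.
        if (user == null) {
            throw new AuthException();
        }
        return user;
    }

    /** Prevents instantiation of this static utility class. */
    private AuthenticatedSessionManagerUtil() {
    }
}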
