package org.wso2.carbon.identity.thrift.authentication;

import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.core.AbstractAdmin;
import org.wso2.carbon.core.services.util.CarbonAuthenticationUtil;
import org.wso2.carbon.identity.authentication.AuthenticationService;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.utils.ThriftSession;

/* loaded from: input_file:org/wso2/carbon/identity/thrift/authentication/ThriftAuthenticatorServiceImpl.class */
public class ThriftAuthenticatorServiceImpl extends AbstractAdmin implements ThriftAuthenticatorService {
    private static final Log log = LogFactory.getLog(ThriftAuthenticatorServiceImpl.class);
    private static ThriftAuthenticatorServiceImpl instance = new ThriftAuthenticatorServiceImpl();
    private static long thriftSessionTimeOut = 60000;
    private AuthenticationService authenticationService;
    private RealmService realmService;
    private Map<String, ThriftSession> authenticatedSessions = new ConcurrentHashMap();

    private ThriftAuthenticatorServiceImpl() {
    }

    public static ThriftAuthenticatorServiceImpl getInstance() {
        return instance;
    }

    public void init(AuthenticationService authenticationService, RealmService realmService) {
        this.authenticationService = authenticationService;
        this.realmService = realmService;
    }

    @Override // org.wso2.carbon.identity.thrift.authentication.ThriftAuthenticatorService
    public String authenticate(String str, String str2) throws AuthenticationException {
        String substring;
        if (str == null) {
            logAndAuthenticationException("Authentication request was missing the user name ");
        }
        if (str.indexOf("@") > 0 && ((substring = str.substring(str.indexOf("@") + 1)) == null || substring.trim().equals(""))) {
            logAndAuthenticationException("Authentication request was missing the domain name of the user");
        }
        if (str2 == null) {
            logAndAuthenticationException("Authentication request was missing the required password");
        }
        if (!this.authenticationService.authenticate(str, str2)) {
            return null;
        }
        for (Map.Entry<String, ThriftSession> entry : this.authenticatedSessions.entrySet()) {
            if (str.equals(entry.getValue().getUserName()) && str2.equals(entry.getValue().getPassword())) {
                String key = entry.getKey();
                if (isSessionValid(key)) {
                    this.authenticatedSessions.get(key).setLastAccess(System.currentTimeMillis());
                    return entry.getKey();
                }
                this.authenticatedSessions.remove(key);
            }
        }
        try {
            String uuid = UUID.randomUUID().toString();
            ThriftSession thriftSession = new ThriftSession();
            thriftSession.setSessionId(uuid);
            thriftSession.setUserName(str);
            thriftSession.setPassword(str2);
            thriftSession.setCreatedAt(System.currentTimeMillis());
            thriftSession.setLastAccess(System.currentTimeMillis());
            if (this.realmService == null) {
                log.error("Realm service not properly set..");
                throw new AuthenticationException("Realm service not properly set..");
            }
            String tenantDomain = UserCoreUtil.getTenantDomain(this.realmService, str);
            CarbonAuthenticationUtil.onSuccessAdminLogin(thriftSession, str, this.realmService.getTenantManager().getTenantId(tenantDomain), tenantDomain, "");
            this.authenticatedSessions.put(uuid, thriftSession);
            return uuid;
        } catch (Exception e) {
            String str3 = "Error occured while authenticating the user: " + str;
            log.error(str3, e);
            throw new AuthenticationException(str3);
        }
    }

    @Override // org.wso2.carbon.identity.thrift.authentication.ThriftAuthenticatorService
    public boolean isAuthenticated(String str) {
        if (str == null || !this.authenticatedSessions.containsKey(str)) {
            return false;
        }
        if (isSessionValid(str)) {
            this.authenticatedSessions.get(str).setLastAccess(System.currentTimeMillis());
            return true;
        }
        this.authenticatedSessions.remove(str);
        return false;
    }

    @Override // org.wso2.carbon.identity.thrift.authentication.ThriftAuthenticatorService
    public ThriftSession getSessionInfo(String str) {
        return this.authenticatedSessions.get(str);
    }

    private void logAndAuthenticationException(String str) throws AuthenticationException {
        log.error(str);
        throw new AuthenticationException(str);
    }

    private boolean isSessionValid(String str) {
        if (this.authenticatedSessions.containsKey(str)) {
            return System.currentTimeMillis() - this.authenticatedSessions.get(str).getLastAccess() < thriftSessionTimeOut;
        }
        return false;
    }
}
