package org.wso2.carbon.identity.authenticator.token;

import java.nio.charset.StandardCharsets;
import java.security.SignatureException;
import java.util.Date;
import java.util.Hashtable;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.axiom.om.util.Base64;
import org.apache.axiom.om.util.UUIDGenerator;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.context.RegistryType;
import org.wso2.carbon.core.AbstractAdmin;
import org.wso2.carbon.core.common.AuthenticationException;
import org.wso2.carbon.core.security.AuthenticatorsConfiguration;
import org.wso2.carbon.core.services.authentication.AuthenticationAdmin;
import org.wso2.carbon.core.services.authentication.CarbonServerAuthenticator;
import org.wso2.carbon.identity.authenticator.token.internal.TokenAuthBEDataHolder;
import org.wso2.carbon.registry.core.Collection;
import org.wso2.carbon.registry.core.Resource;
import org.wso2.carbon.registry.core.service.RegistryService;
import org.wso2.carbon.registry.core.session.UserRegistry;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/authenticator/token/TokenAuthenticator.class */
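/**
 * Carbon server authenticator that issues a short-lived token after a successful login and
 * later accepts that token, presented in a {@code cookie} transport header, as proof of
 * authentication.
 *
 * <p>The token is a bearer credential: {@link #isAuthenticated(MessageContext)} looks the
 * presented value up in an in-memory map and, on a hit, copies the issuing session's identity
 * (registries, user realm, tenant) into the caller's session. The HMAC embedded in the token is
 * never re-verified in this class; the exact-match map lookup is the only check.
 *
 * <p>Thread-safety: the token map is a {@link Hashtable}, so individual get/put/remove calls are
 * synchronized. No other shared mutable state is held by this class.
 */
public class TokenAuthenticator extends AbstractAdmin implements CarbonServerAuthenticator {
    private static final int DEFAULT_PRIORITY_LEVEL = -5;
    private static final String AUTHENTICATOR_NAME = "TokenUIAuthenticator";
    // HMAC-SHA1 is kept because it determines the token format handed to clients.
    // NOTE(review): HmacSHA256 is the usual choice for new code; switching changes issued tokens.
    private static final String HMAC_ALGORITHM = "HmacSHA1";
    private static final String LOGGED_IN_ATTRIBUTE = "wso2carbon.admin.logged.in";
    private static final String REGISTRY_ROOT_ATTRIBUTE = "WSO2RegistryRoot";
    private static final Log log = LogFactory.getLog(TokenAuthenticator.class);

    // Maps an issued token to the HttpSession that was authenticated when it was issued.
    // Entries are only removed when the stored session is found to be invalidated (see
    // isAuthenticated); the Timestamp/TTL written to the registry are not consulted here, so the
    // map is otherwise unbounded.
    // NOTE(review): confirm whether expiry is enforced elsewhere; if not, tokens outlive their TTL.
    private static final Hashtable<String, HttpSession> sessionStore = new Hashtable<>();

    /**
     * Delegates credential verification to {@link AuthenticationAdmin#login}.
     * The three arguments are forwarded positionally and unchanged.
     */
    private boolean login(String str, String str2, String str3) throws AuthenticationException {
        return new AuthenticationAdmin().login(str, str2, str3);
    }

    /**
     * Authenticates the caller and, on success, issues a token bound to the current HTTP session.
     *
     * <p>The returned token has the form
     * {@code TenantId:=<id>&UserId:=<id>&Signature:=<base64 HMAC>}, where the HMAC is keyed with
     * a freshly generated UUID. That UUID, an issue timestamp and a TTL of 300000 are written to
     * the {@code user.token} property of the {@code /users/<username>} collection in the tenant's
     * config system registry.
     *
     * @param str  the username; also used to derive the tenant domain and the registry path
     * @param str2 second login argument (presumably the password; forwarded to login unchanged)
     * @param str3 third login argument (presumably the remote address; forwarded unchanged)
     * @return the issued token, or {@code null} when the login is rejected
     * @throws AuthenticationException if login throws, or if token creation or storage fails
     */
    public String getAutheticationToken(String str, String str2, String str3) throws AuthenticationException {
        Resource resource;
        if (!login(str, str2, str3)) {
            return null;
        }
        // The UUID is the HMAC key and therefore the only secret input to the token.
        // NOTE(review): confirm UUIDGenerator draws from a cryptographically strong source;
        // SecureRandom is the usual choice for bearer credentials.
        String uuid = UUIDGenerator.getUUID();
        try {
            RegistryService registryService = TokenAuthBEDataHolder.getInstance().getRegistryService();
            int tenantId = TokenAuthBEDataHolder.getInstance().getRealmService().getTenantManager().getTenantId(MultitenantUtils.getTenantDomain(str));
            String claims = "TenantId:=" + tenantId + "&UserId:=" + registryService.getUserRealm(tenantId).getUserStoreManager().getUserId(str);
            String token = claims + "&Signature:=" + getHMAC(uuid, claims);
            UserRegistry configSystemRegistry = registryService.getConfigSystemRegistry(tenantId);
            String userPath = "/users/" + str;
            if (configSystemRegistry.resourceExists(userPath)) {
                resource = (Collection) configSystemRegistry.get(userPath);
            } else {
                resource = configSystemRegistry.newCollection();
                configSystemRegistry.put(userPath, resource);
            }
            // The HMAC key is persisted in clear text next to the timestamp and TTL, so read
            // access to this registry path must be restricted accordingly.
            String tokenRecord = "Key:=" + uuid + "&Timestamp:=" + new Date().getTime() + "&TTL:=300000";
            resource.removeProperty("user.token");
            resource.addProperty("user.token", tokenRecord);
            configSystemRegistry.put(userPath, resource);
            // Hashtable rejects null values, so a missing session surfaces as an
            // AuthenticationException through the generic handler below.
            sessionStore.put(token, getHttpSession());
            return token;
        } catch (SignatureException e) {
            String message = "Error in creating short lived authentication token for, username: " + str + ".";
            log.error(message, e);
            throw new AuthenticationException(message, e);
        } catch (Exception e2) {
            log.error("Error authenticating " + e2.getMessage(), e2);
            throw new AuthenticationException("Error authenticating " + e2.getMessage(), e2);
        }
    }

    /**
     * Computes a Base64-encoded HMAC over {@code str2} keyed with {@code str}.
     *
     * @param str  the key material
     * @param str2 the data to authenticate
     * @return the Base64 encoding of the MAC
     * @throws SignatureException if the MAC cannot be computed; the original failure is kept as
     *         the cause
     */
    private String getHMAC(String str, String str2) throws SignatureException {
        try {
            // An explicit charset keeps the MAC independent of the JVM's default encoding.
            SecretKeySpec secretKeySpec = new SecretKeySpec(str.getBytes(StandardCharsets.UTF_8), HMAC_ALGORITHM);
            Mac mac = Mac.getInstance(HMAC_ALGORITHM);
            mac.init(secretKeySpec);
            return Base64.encode(mac.doFinal(str2.getBytes(StandardCharsets.UTF_8)));
        } catch (Exception e) {
            throw new SignatureException("Failed to generate HMAC : " + e.getMessage(), e);
        }
    }

    /** Returns the name under which this authenticator is looked up in the configuration. */
    public String getAuthenticatorName() {
        return AUTHENTICATOR_NAME;
    }

    /**
     * Returns the configured priority, falling back to {@link #DEFAULT_PRIORITY_LEVEL} when no
     * configuration exists or the configured value is not positive.
     */
    public int getPriority() {
        AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = AuthenticatorsConfiguration.getInstance().getAuthenticatorConfig(AUTHENTICATOR_NAME);
        if (authenticatorConfig == null) {
            return DEFAULT_PRIORITY_LEVEL;
        }
        int configuredPriority = authenticatorConfig.getPriority();
        return configuredPriority > 0 ? configuredPriority : DEFAULT_PRIORITY_LEVEL;
    }

    /**
     * Decides whether the request carries a token issued by {@link #getAutheticationToken}.
     *
     * <p>On a match whose issuing session still records a logged-in user, the issuing session's
     * registry root, logged-in marker, registries, user realm and tenant are copied into the
     * request's session. Nothing is copied when the token is unknown, the issuing session has
     * been invalidated, or that session has no logged-in user.
     *
     * @param messageContext the Axis2 message context of the incoming request
     * @return {@code true} only when the token maps to a live session with a logged-in user
     */
    public boolean isAuthenticated(MessageContext messageContext) {
        String presentedToken = getAuthenticationTokenValue(messageContext);
        if (presentedToken == null) {
            return false;
        }
        HttpSession issuingSession = sessionStore.get(presentedToken);
        HttpSession requestSession = getHttpSession(messageContext);
        // The header value is attacker-controlled: an unknown token must be rejected here
        // instead of failing later with a NullPointerException.
        if (issuingSession == null || requestSession == null) {
            return false;
        }
        Object registryRoot;
        Object loggedInUser;
        try {
            registryRoot = issuingSession.getAttribute(REGISTRY_ROOT_ATTRIBUTE);
            loggedInUser = issuingSession.getAttribute(LOGGED_IN_ATTRIBUTE);
        } catch (IllegalStateException invalidated) {
            // The issuing session was invalidated (logout or timeout); retire its token.
            sessionStore.remove(presentedToken);
            return false;
        }
        // Refuse before copying anything: a session without a logged-in user must not donate
        // its registries, realm or tenant to the caller's session.
        if (loggedInUser == null) {
            return false;
        }
        requestSession.setAttribute(REGISTRY_ROOT_ATTRIBUTE, registryRoot);
        requestSession.setAttribute(LOGGED_IN_ATTRIBUTE, loggedInUser);
        PrivilegedCarbonContext target = PrivilegedCarbonContext.getCurrentContext(requestSession);
        PrivilegedCarbonContext origin = PrivilegedCarbonContext.getCurrentContext(issuingSession);
        target.setRegistry(RegistryType.USER_GOVERNANCE, origin.getRegistry(RegistryType.USER_GOVERNANCE));
        target.setRegistry(RegistryType.USER_CONFIGURATION, origin.getRegistry(RegistryType.USER_CONFIGURATION));
        target.setRegistry(RegistryType.SYSTEM_CONFIGURATION, origin.getRegistry(RegistryType.SYSTEM_CONFIGURATION));
        target.setRegistry(RegistryType.SYSTEM_GOVERNANCE, origin.getRegistry(RegistryType.SYSTEM_GOVERNANCE));
        target.setUserRealm(origin.getUserRealm());
        target.setTenantDomain(origin.getTenantDomain());
        target.setTenantId(origin.getTenantId());
        return true;
    }

    /** Remember-me login is not supported by this authenticator; always returns {@code false}. */
    public boolean authenticateWithRememberMe(MessageContext messageContext) {
        return false;
    }

    /**
     * Returns the HTTP session of the servlet request attached to the message context.
     *
     * @param messageContext the message context, may be {@code null}
     * @return the session, or {@code null} when the context or its servlet request is absent
     */
    protected HttpSession getHttpSession(MessageContext messageContext) {
        if (messageContext == null) {
            return null;
        }
        Object servletRequest = messageContext.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);
        if (!(servletRequest instanceof HttpServletRequest)) {
            return null;
        }
        return ((HttpServletRequest) servletRequest).getSession();
    }

    /**
     * Extracts the token from the transport headers of the request.
     *
     * <p>The whole value of the header named exactly {@code cookie} is treated as the token.
     * NOTE(review): the name comparison is case-sensitive; confirm clients send it in lower case.
     *
     * @return the header value, or {@code null} when the headers or the header are missing or
     *         the value is not a string
     */
    private String getAuthenticationTokenValue(MessageContext messageContext) {
        if (messageContext == null) {
            return null;
        }
        Object transportHeaders = messageContext.getProperty("TRANSPORT_HEADERS");
        if (!(transportHeaders instanceof Map)) {
            return null;
        }
        for (Map.Entry<?, ?> header : ((Map<?, ?>) transportHeaders).entrySet()) {
            if ("cookie".equals(header.getKey())) {
                Object value = header.getValue();
                return value instanceof String ? (String) value : null;
            }
        }
        return null;
    }

    /** Returns the configured disabled flag; {@code false} when no configuration exists. */
    public boolean isDisabled() {
        AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = AuthenticatorsConfiguration.getInstance().getAuthenticatorConfig(AUTHENTICATOR_NAME);
        return authenticatorConfig != null && authenticatorConfig.isDisabled();
    }

    /**
     * Always returns {@code true}; no filtering of requests happens at this stage, so every
     * request reaches {@link #isAuthenticated(MessageContext)}.
     */
    public boolean isHandle(MessageContext messageContext) {
        return true;
    }
}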
