package org.wso2.carbon.core.services.authentication;

import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.osgi.framework.BundleContext;
import org.osgi.util.tracker.ServiceTracker;
import org.osgi.util.tracker.ServiceTrackerCustomizer;
import org.wso2.carbon.core.AbstractAdmin;
import org.wso2.carbon.core.common.AuthenticationException;
import org.wso2.carbon.core.security.AuthenticatorsConfiguration;
import org.wso2.carbon.core.services.authentication.AuthenticationFailureException;
import org.wso2.carbon.core.services.internal.CarbonServicesServiceComponent;
import org.wso2.carbon.core.services.util.CarbonAuthenticationUtil;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.utils.AuthenticationObserver;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/core/services/authentication/AbstractAuthenticator.class */
public abstract class AbstractAuthenticator extends AbstractAdmin implements ServerAuthenticator {
    protected static final int DEFAULT_PRIORITY_LEVEL = 4;
    private static final Log log = LogFactory.getLog(AbstractAuthenticator.class);

    @Override // org.wso2.carbon.core.services.authentication.ServerAuthenticator
    public boolean isAuthenticated(MessageContext messageContext) {
        String str;
        HttpSession httpSession = getHttpSession(messageContext);
        if (httpSession == null || (str = (String) httpSession.getAttribute("wso2carbon.admin.logged.in")) == null) {
            return false;
        }
        try {
            onSuccessLogin(httpSession, str);
            return true;
        } catch (Exception e) {
            log.error("Error occurred while initializing user session.", e);
            return false;
        }
    }

    public static boolean continueProcessing(MessageContext messageContext) {
        String str = (String) messageContext.getProperty(ServerAuthenticator.CONTINUE_PROCESSING);
        return str == null || !str.equals("false");
    }

    @Override // org.wso2.carbon.core.services.authentication.ServerAuthenticator
    public void authenticate(MessageContext messageContext) throws AuthenticationFailureException {
        String userNameFromRequest = getUserNameFromRequest(messageContext);
        if (userNameFromRequest == null) {
            log.debug("Could not retrieve user name for authentication from request");
            throw new AuthenticationFailureException(AuthenticationFailureException.AuthenticationFailureReason.INVALID_USER_NAME);
        }
        try {
            try {
                String tenantDomain = getTenantDomain(userNameFromRequest, getRealmService());
                try {
                    int tenantId = getTenantId(tenantDomain);
                    if (log.isDebugEnabled()) {
                        log.debug("Doing authentication for tenant id " + tenantId + " and user " + userNameFromRequest);
                    }
                    try {
                        notifyAuthenticationStarted(tenantId);
                        String remoteAddress = getRemoteAddress(messageContext);
                        String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(userNameFromRequest);
                        try {
                            doAuthentication(userNameFromRequest, tenantId, messageContext);
                            try {
                                onSuccessLogin(tenantAwareUsername, tenantId, tenantDomain, remoteAddress, messageContext);
                                if (isRememberMeRequest(userNameFromRequest, messageContext)) {
                                    try {
                                        RememberMeData persistsRememberMeData = persistsRememberMeData(userNameFromRequest);
                                        populateRememberMeDataInReply(persistsRememberMeData.getValue(), persistsRememberMeData.getMaxAge(), messageContext);
                                    } catch (Exception e) {
                                        log.error("Unable to persists RememberMe cookie.", e);
                                        throw new AuthenticationFailureException(AuthenticationFailureException.AuthenticationFailureReason.SYSTEM_ERROR, userNameFromRequest);
                                    }
                                }
                            } catch (Exception e2) {
                                log.error("Unable to execute post authentication operations in a successful login. User - " + userNameFromRequest, e2);
                                throw new AuthenticationFailureException(AuthenticationFailureException.AuthenticationFailureReason.SYSTEM_ERROR, userNameFromRequest);
                            }
                        } catch (AuthenticationFailureException e3) {
                            if (log.isDebugEnabled()) {
                                log.debug("Did authentication for user " + userNameFromRequest + " and for tenant id " + tenantId + " result is - authentication failed !! reason - " + e3.getMessage());
                            }
                            try {
                                onFailedLogin(tenantAwareUsername, tenantId, remoteAddress, e3.getMessage(), messageContext);
                            } catch (Exception e4) {
                                log.error("Unable to execute post authentication operation on failed login attempt. User - " + userNameFromRequest, e4);
                            }
                            throw e3;
                        }
                    } catch (Exception e5) {
                        log.error("An error occurred while executing pre authenticating tasks.", e5);
                        throw new AuthenticationFailureException(AuthenticationFailureException.AuthenticationFailureReason.SYSTEM_ERROR, userNameFromRequest);
                    }
                } catch (UserStoreException e6) {
                    log.error("Unable retrieve tenant id for tenant domain " + tenantDomain, e6);
                    throw new AuthenticationFailureException(AuthenticationFailureException.AuthenticationFailureReason.SYSTEM_ERROR, userNameFromRequest);
                }
            } catch (org.wso2.carbon.user.core.UserStoreException e7) {
                if (log.isDebugEnabled()) {
                    log.debug("Unable to retrieve tenant domain for user " + userNameFromRequest + " this could most probably due to invalid user name", e7);
                }
                throw new AuthenticationFailureException(AuthenticationFailureException.AuthenticationFailureReason.INVALID_USER_NAME, userNameFromRequest);
            }
        } catch (Exception e8) {
            log.error("Unable retrieve Realm service", e8);
            throw new AuthenticationFailureException(AuthenticationFailureException.AuthenticationFailureReason.SYSTEM_ERROR, userNameFromRequest);
        }
    }

    protected RememberMeData persistsRememberMeData(String str) throws Exception {
        String uuid = UUID.randomUUID().toString();
        RememberMeData rememberMeData = new RememberMeData();
        rememberMeData.setMaxAge(604800);
        rememberMeData.setValue(str + "-" + uuid);
        RealmService realmService = CarbonServicesServiceComponent.getRealmService();
        realmService.getTenantUserRealm(realmService.getTenantManager().getTenantId(MultitenantUtils.getTenantDomain(str))).getUserStoreManager().addRememberMe(str, uuid);
        rememberMeData.setAuthenticated(true);
        return rememberMeData;
    }

    protected void onSuccessLogin(String str, int i, String str2, String str3, MessageContext messageContext) throws Exception {
        CarbonAuthenticationUtil.onSuccessAdminLogin(getHttpSession(messageContext), str, i, str2, str3);
        notifyAuthenticationCompleted(i, true);
    }

    protected void onSuccessLogin(HttpSession httpSession, String str) throws Exception {
        if (httpSession.getAttribute("WSO2RegistryRoot") != null) {
            return;
        }
        String tenantDomain = getTenantDomain();
        CarbonAuthenticationUtil.initializeLoggedInUserRegistry(httpSession, str, getTenantId(tenantDomain), tenantDomain);
    }

    protected HttpSession getHttpSession(MessageContext messageContext) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) messageContext.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);
        if (httpServletRequest != null) {
            return httpServletRequest.getSession();
        }
        return null;
    }

    protected void onFailedLogin(String str, int i, String str2, String str3, MessageContext messageContext) throws Exception {
        CarbonAuthenticationUtil.onFailedAdminLogin(getHttpSession(messageContext), str, i, str2, str3);
        notifyAuthenticationCompleted(i, false);
    }

    protected String getRemoteAddress(MessageContext messageContext) {
        try {
            return AuthenticationUtil.getRemoteAddress(messageContext);
        } catch (AuthenticationException e) {
            log.error("Invalid remote address detected.", e);
            return null;
        }
    }

    protected void notifyAuthenticationStarted(int i) throws Exception {
        BundleContext bundleContext = getBundleContext();
        if (bundleContext == null) {
            log.debug("BundleContext is null. Could not update AuthenticationObservers !!");
            return;
        }
        ServiceTracker serviceTracker = new ServiceTracker(bundleContext, AuthenticationObserver.class.getName(), (ServiceTrackerCustomizer) null);
        serviceTracker.open();
        Object[] services = serviceTracker.getServices();
        if (services != null) {
            for (Object obj : services) {
                ((AuthenticationObserver) obj).startedAuthentication(i);
            }
        }
        serviceTracker.close();
    }

    protected void notifyAuthenticationCompleted(int i, boolean z) throws Exception {
        BundleContext bundleContext = getBundleContext();
        if (bundleContext == null) {
            log.debug("BundleContext is null. Could not update AuthenticationObservers !!");
            return;
        }
        ServiceTracker serviceTracker = new ServiceTracker(bundleContext, AuthenticationObserver.class.getName(), (ServiceTrackerCustomizer) null);
        serviceTracker.open();
        Object[] services = serviceTracker.getServices();
        if (services != null) {
            for (Object obj : services) {
                ((AuthenticationObserver) obj).completedAuthentication(i, z);
            }
        }
        serviceTracker.close();
    }

    protected String getTenantDomain(String str, RealmService realmService) throws org.wso2.carbon.user.core.UserStoreException {
        return MultitenantUtils.getTenantDomain(str);
    }

    protected int getTenantId(String str) throws UserStoreException {
        try {
            return getRealmService().getTenantManager().getTenantId(str);
        } catch (Exception e) {
            throw new UserStoreException("Unable to retrieve Realm service for authentication");
        }
    }

    @Override // org.wso2.carbon.core.services.authentication.BackendAuthenticator
    public int getPriority() {
        AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = AuthenticatorsConfiguration.getInstance().getAuthenticatorConfig(getAuthenticatorName());
        if (authenticatorConfig == null || authenticatorConfig.getPriority() <= 0) {
            return -1;
        }
        return authenticatorConfig.getPriority();
    }

    protected abstract String getUserNameFromRequest(MessageContext messageContext);

    protected abstract void doAuthentication(String str, int i, MessageContext messageContext) throws AuthenticationFailureException;

    protected boolean isRememberMeRequest(String str, MessageContext messageContext) {
        return false;
    }

    protected void populateRememberMeDataInReply(String str, int i, MessageContext messageContext) {
    }

    protected abstract RealmService getRealmService() throws Exception;

    protected abstract BundleContext getBundleContext() throws Exception;
}
