package org.wso2.carbon.identity.authenticator.sso;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.engine.AxisConfiguration;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.core.CarbonConfigurationContextFactory;
import org.wso2.carbon.core.common.AuthenticationException;
import org.wso2.carbon.core.services.util.CarbonAuthenticationUtil;
import org.wso2.carbon.core.util.AnonymousSessionUtil;
import org.wso2.carbon.identity.authenticator.sso.internal.SSOAuthBEDataHolder;
import org.wso2.carbon.registry.core.service.RegistryService;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/authenticator/sso/SSOAuthenticator.class */
public class SSOAuthenticator {
    private static final Log log = LogFactory.getLog(SSOAuthenticator.class);

    public boolean login(String str, String str2, String str3) throws AuthenticationException {
        HttpSession httpSession = getHttpSession();
        if (str != null && str2 != null && str3 != null) {
            try {
                if (!str.trim().equals("") && !str2.trim().equals("") && !str3.trim().equals("")) {
                    RegistryService registryService = SSOAuthBEDataHolder.getInstance().getRegistryService();
                    RealmService realmService = SSOAuthBEDataHolder.getInstance().getRealmService();
                    String tenantDomain = MultitenantUtils.getTenantDomain(str);
                    String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(str);
                    UserRealm realmByTenantDomain = AnonymousSessionUtil.getRealmByTenantDomain(registryService, realmService, tenantDomain);
                    boolean z = false;
                    AxisConfiguration axisConfiguration = CarbonConfigurationContextFactory.getConfigurationContext().getAxisConfiguration();
                    if (axisConfiguration.getParameter(SSOConstants.SSO_SERVICE_EPR) != null) {
                        z = new SSOConsumer((String) axisConfiguration.getParameter(SSOConstants.SSO_SERVICE_EPR).getValue()).isAuthenticated(tenantAwareUsername, str2);
                    }
                    boolean isUserAuthorized = realmByTenantDomain.getAuthorizationManager().isUserAuthorized(tenantAwareUsername, "/permission/admin/login", "ui.execute");
                    int tenantId = realmService.getTenantManager().getTenantId(tenantDomain);
                    if (z && isUserAuthorized) {
                        CarbonAuthenticationUtil.onSuccessAdminLogin(httpSession, tenantAwareUsername, tenantId, tenantDomain, str3);
                        return true;
                    }
                    CarbonAuthenticationUtil.onFailedAdminLogin(httpSession, tenantAwareUsername, tenantId, str3, "Invalid credential");
                    return false;
                }
            } catch (Exception e) {
                log.error("System error while Authenticating/Authorizing User : " + e.getMessage(), e);
                return false;
            }
        }
        CarbonAuthenticationUtil.onFailedAdminLogin(httpSession, str, -1, str3, "Data");
        return false;
    }

    private HttpSession getHttpSession() {
        MessageContext currentMessageContext = MessageContext.getCurrentMessageContext();
        HttpSession httpSession = null;
        if (currentMessageContext != null) {
            httpSession = ((HttpServletRequest) currentMessageContext.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)).getSession();
        }
        return httpSession;
    }
}
