package org.wso2.carbon.identity.application.authenticator.basicauth;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.axis2.context.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.core.services.authentication.AuthenticationUtil;
import org.wso2.carbon.core.services.util.CarbonAuthenticationUtil;
import org.wso2.carbon.core.util.AnonymousSessionUtil;
import org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticationSessionDTO;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.registry.core.service.RegistryService;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/application/authenticator/basicauth/BasicAuthenticator.class */
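/**
 * Username/password authenticator that plugs into the application authentication framework.
 *
 * <p>The per-session state is kept in the HTTP session under
 * {@link BasicAuthenticatorConstants#AUTHENTICATOR_STATUS}. The numeric status codes used below
 * (-1, 0, 1, 10, 11) are kept as literals because their symbolic names are not visible in this
 * file; the comments describe only what this class does with each value.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Credentials are read with {@code getParameter}, which does not distinguish query-string
 *       from body parameters. Nothing in this class restricts the request method, so confirm
 *       that the login endpoint only accepts credentials in a POST body over TLS.</li>
 *   <li>The session id is not rotated in this class after a successful login. Confirm that the
 *       framework or {@code CarbonAuthenticationUtil.onSuccessAdminLogin} does so; otherwise a
 *       pre-login session id stays valid after authentication (session fixation).</li>
 *   <li>No failed-attempt throttling or lockout is visible here; presumably that is left to the
 *       user store manager. Verify.</li>
 * </ul>
 */
public class BasicAuthenticator extends AbstractApplicationAuthenticator {
    private static final Log log = LogFactory.getLog(BasicAuthenticator.class);
    private final RegistryService registryService;
    private final RealmService realmService;

    /**
     * Creates the authenticator.
     *
     * @param registryService registry service passed to the realm lookup
     * @param realmService realm service passed to the realm lookup
     */
    public BasicAuthenticator(RegistryService registryService, RealmService realmService) {
        this.registryService = registryService;
        this.realmService = realmService;
    }

    /**
     * Runs one step of the login flow for the current request.
     *
     * @param httpServletRequest current request; may carry {@code username}, {@code password}
     *     and {@code sessionDataKey} parameters
     * @param httpServletResponse response used to redirect the browser to the login page
     * @return 1 when the credentials were accepted, 11 after a redirect to the login page,
     *     -1 when the request carries no credentials, 0 when authentication failed with an
     *     error, or the unchanged current status when none of the branches applies
     */
    public int doAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        int status = getStatus(httpServletRequest);
        if (status == 11 || httpServletRequest.getSession().getAttribute("doAuthentication") != null) {
            if (!canHandle(httpServletRequest)) {
                return -1;
            }
            try {
                if (authenticate(httpServletRequest)) {
                    cleanUpSession(httpServletRequest);
                    return 1;
                }
                // sessionDataKey is request-controlled, so the lookup can miss or can name a
                // session attribute of another type. Check explicitly instead of relying on a
                // NullPointerException/ClassCastException being caught below. The key itself is
                // deliberately not logged, since it is untrusted input.
                Object sessionData = httpServletRequest.getSession().getAttribute(httpServletRequest.getParameter("sessionDataKey"));
                if (!(sessionData instanceof ApplicationAuthenticationSessionDTO)) {
                    log.error("No authentication session data found for the supplied sessionDataKey");
                    return 0;
                }
                String loginPage = (String) getAuthenticatorConfig().getStatusMap().get(String.valueOf(10));
                // NOTE(review): the stored query parameters are appended without encoding here;
                // presumably they were encoded when the DTO was populated. Verify at the producer.
                redirect(httpServletResponse, loginPage + ((ApplicationAuthenticationSessionDTO) sessionData).getQueryParams() + "&authFailure=true");
                httpServletRequest.getSession().setAttribute(BasicAuthenticatorConstants.AUTHENTICATOR_STATUS, 11);
                return 11;
            } catch (Exception e) {
                log.error("Error on BasicAuthenticator authentication", e);
                return 0;
            }
        }
        if (status == 10) {
            String loginPage = (String) getAuthenticatorConfig().getStatusMap().get(String.valueOf(status));
            if (isSingleFactorMode()) {
                // Marks the session so the next request enters the credential branch above.
                httpServletRequest.getSession().setAttribute("doAuthentication", Boolean.TRUE);
            }
            // NOTE(review): a missing "commonAuthQueryParams" attribute is concatenated as the
            // text "null"; confirm the framework always sets it before this point.
            redirect(httpServletResponse, loginPage + httpServletRequest.getAttribute("commonAuthQueryParams"));
            httpServletRequest.getSession().setAttribute(BasicAuthenticatorConstants.AUTHENTICATOR_STATUS, 11);
            return 11;
        }
        return status;
    }

    /**
     * Returns the status stored in the session, falling back to the superclass when none is set.
     *
     * @param httpServletRequest current request
     * @return the current authenticator status
     */
    public int getStatus(HttpServletRequest httpServletRequest) {
        Integer stored = (Integer) httpServletRequest.getSession().getAttribute(BasicAuthenticatorConstants.AUTHENTICATOR_STATUS);
        return stored != null ? stored.intValue() : super.getStatus(httpServletRequest);
    }

    /**
     * @return the name under which this authenticator is registered
     */
    public String getAuthenticatorName() {
        return BasicAuthenticatorConstants.AUTHENTICATOR_NAME;
    }

    /**
     * Removes the stored authenticator status from the session.
     *
     * @param httpServletRequest current request
     */
    public void resetStatus(HttpServletRequest httpServletRequest) {
        httpServletRequest.getSession().removeAttribute(BasicAuthenticatorConstants.AUTHENTICATOR_STATUS);
    }

    /**
     * Tells whether the request carries both credential parameters.
     *
     * @param httpServletRequest current request
     * @return {@code true} when both {@code username} and {@code password} are present
     */
    public boolean canHandle(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter("username") != null
                && httpServletRequest.getParameter("password") != null;
    }

    /**
     * Verifies the submitted credentials and the login permission, then records the login.
     *
     * <p>Callers must have checked {@link #canHandle(HttpServletRequest)} first; the username is
     * dereferenced without a null check.
     *
     * @param httpServletRequest request carrying the {@code username} and {@code password}
     * @return {@code true} when the user is authenticated and authorized to log in
     * @throws Exception when the realm, user store or authorization lookup fails
     */
    private boolean authenticate(HttpServletRequest httpServletRequest) throws Exception {
        String username = httpServletRequest.getParameter("username");
        String password = httpServletRequest.getParameter("password");
        UserRealm realm = AnonymousSessionUtil.getRealmByUserName(this.registryService, this.realmService, username);
        if (realm == null) {
            log.warn("Realm creation failed. Tenant may be inactive or invalid.");
            return false;
        }
        if (!realm.getUserStoreManager().authenticate(MultitenantUtils.getTenantAwareUsername(username), password)) {
            // The submitted username is intentionally kept out of the log message.
            if (log.isDebugEnabled()) {
                log.debug("user authentication failed due to invalid credentials.");
            }
            return false;
        }
        // When the submitted name has no "/" separator, prefix it with the domain the user
        // store left in the thread-local, if any.
        if (!username.contains("/")) {
            String domain = UserCoreUtil.getDomainFromThreadLocal();
            if (domain != null) {
                username = domain + "/" + username;
            }
        }
        if (!realm.getAuthorizationManager().isUserAuthorized(MultitenantUtils.getTenantAwareUsername(username), "/permission/admin/login", "ui.execute")) {
            if (log.isDebugEnabled()) {
                log.debug("Authorization Failure when performing log-in action");
            }
            return false;
        }
        if (log.isDebugEnabled()) {
            log.debug("User is successfully authenticated.");
        }
        // NOTE(review): the existing session is reused as the authenticated session; see the
        // class comment about session id rotation.
        httpServletRequest.getSession().setAttribute("username", username);
        CarbonAuthenticationUtil.onSuccessAdminLogin(httpServletRequest.getSession(), username, IdentityUtil.getTenantIdOFUser(username), MultitenantUtils.getTenantDomain(username), AuthenticationUtil.getRemoteAddress(MessageContext.getCurrentMessageContext()));
        return true;
    }

    /**
     * Clears the stored authenticator status after a successful login.
     *
     * @param httpServletRequest current request
     */
    private void cleanUpSession(HttpServletRequest httpServletRequest) {
        httpServletRequest.getSession().setAttribute(BasicAuthenticatorConstants.AUTHENTICATOR_STATUS, (Object) null);
    }

    /**
     * Sends a redirect and reports a failure through the class logger. The flow continues
     * after a failed redirect, as before; only the reporting channel changed from
     * {@code printStackTrace()} to the logger.
     *
     * @param response response to redirect
     * @param location target URL
     */
    private void redirect(HttpServletResponse response, String location) {
        try {
            response.sendRedirect(location);
        } catch (IOException e) {
            log.error("Error while redirecting to the login page", e);
        }
    }
}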
