package org.wso2.carbon.identity.thrift.authentication;

import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.core.services.util.CarbonAuthenticationUtil;
import org.wso2.carbon.identity.authentication.AuthenticationService;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.thrift.authentication.dao.ThriftSessionDAO;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.utils.ThriftSession;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/thrift/authentication/ThriftAuthenticatorServiceImpl.class */
public class ThriftAuthenticatorServiceImpl implements ThriftAuthenticatorService {
    private static final Log log = LogFactory.getLog(ThriftAuthenticatorServiceImpl.class);
    private static ThriftAuthenticatorServiceImpl instance = null;
    private static long thriftSessionTimeOut = 1800000;
    private AuthenticationService authenticationService;
    private RealmService realmService;
    private Map<String, ThriftSession> authenticatedSessions = new ConcurrentHashMap();

    public static ThriftAuthenticatorServiceImpl getInstance() {
        if (instance != null) {
            return instance;
        }
        synchronized (ThriftAuthenticatorServiceImpl.class) {
            if (instance != null) {
                return instance;
            }
            instance = new ThriftAuthenticatorServiceImpl();
            return instance;
        }
    }

    private void addThriftSession(ThriftSession thriftSession) throws IdentityException {
        this.authenticatedSessions.put(thriftSession.getSessionId(), thriftSession);
        new ThriftSessionDAO().addSession(thriftSession);
    }

    private void removeThriftSession(String str) throws IdentityException {
        this.authenticatedSessions.remove(str);
        new ThriftSessionDAO().removeSession(str);
    }

    public void init(AuthenticationService authenticationService, RealmService realmService) {
        this.authenticationService = authenticationService;
        this.realmService = realmService;
    }

    @Override // org.wso2.carbon.identity.thrift.authentication.ThriftAuthenticatorService
    public String authenticate(String str, String str2) throws AuthenticationException {
        String substring;
        if (str == null) {
            logAndAuthenticationException("Authentication request was missing the user name ");
        }
        if (str.indexOf("@") > 0 && ((substring = str.substring(str.indexOf("@") + 1)) == null || substring.trim().equals(""))) {
            logAndAuthenticationException("Authentication request was missing the domain name of the user");
        }
        if (str2 == null) {
            logAndAuthenticationException("Authentication request was missing the required password");
        }
        boolean authenticate = this.authenticationService.authenticate(str, str2);
        if (log.isDebugEnabled()) {
            if (authenticate) {
                log.debug("User: " + str + " was successfully authenticated..");
            } else {
                log.debug("Authentication failed for user: " + str + " Hence, returning null for session id.");
            }
        }
        if (!authenticate) {
            return null;
        }
        try {
            String uuid = UUID.randomUUID().toString();
            ThriftSession thriftSession = new ThriftSession();
            thriftSession.setSessionId(uuid);
            thriftSession.setUserName(str);
            thriftSession.setCreatedAt(System.currentTimeMillis());
            thriftSession.setLastAccess(System.currentTimeMillis());
            callOnSuccessAdminLogin(thriftSession);
            addThriftSession(thriftSession);
            return uuid;
        } catch (Exception e) {
            String str3 = "Error occured while authenticating the user: " + str;
            log.error(str3, e);
            throw new AuthenticationException(str3);
        }
    }

    @Override // org.wso2.carbon.identity.thrift.authentication.ThriftAuthenticatorService
    public boolean isAuthenticated(String str) {
        if (str == null) {
            return false;
        }
        if (this.authenticatedSessions.isEmpty()) {
            try {
                populateSessionsFromDB();
            } catch (Exception e) {
                log.error("Error while populating thrift sessions from cache", e);
            } catch (IdentityException e2) {
                log.error("Error while populating thrift sessions from cache", e2);
            }
        }
        if (this.authenticatedSessions.isEmpty()) {
            return false;
        }
        ThriftSessionDAO thriftSessionDAO = new ThriftSessionDAO();
        if (!this.authenticatedSessions.containsKey(str)) {
            try {
                if (!thriftSessionDAO.isSessionExisting(str)) {
                    return false;
                }
                ThriftSession session = thriftSessionDAO.getSession(str);
                if (!isSessionValid(session)) {
                    thriftSessionDAO.removeSession(str);
                    return false;
                }
                session.setLastAccess(System.currentTimeMillis());
                onSuccessLogin(session);
                this.authenticatedSessions.put(session.getSessionId(), session);
                thriftSessionDAO.updateLastAccessTime(str, session.getLastAccess());
                return true;
            } catch (Exception e3) {
                log.error("Error in calling on success admin login for the thrift session obtained from DB.", e3);
                return false;
            } catch (IdentityException e4) {
                log.error("Error while obtaining thrift session from database.", e4);
                return false;
            }
        }
        ThriftSession thriftSession = this.authenticatedSessions.get(str);
        if (isSessionValid(thriftSession)) {
            long currentTimeMillis = System.currentTimeMillis();
            this.authenticatedSessions.get(str).setLastAccess(currentTimeMillis);
            try {
                onSuccessLogin(thriftSession);
                this.authenticatedSessions.put(str, thriftSession);
                thriftSessionDAO.updateLastAccessTime(str, currentTimeMillis);
                return true;
            } catch (IdentityException e5) {
                log.error("Error while updating last access time in DB", e5);
                return true;
            } catch (Exception e6) {
                log.error("Error in calling on success admin login for the thrift session.", e6);
                return true;
            }
        }
        try {
            ThriftSession session2 = thriftSessionDAO.getSession(str);
            if (!isSessionValid(session2)) {
                removeThriftSession(str);
                return false;
            }
            session2.setLastAccess(System.currentTimeMillis());
            onSuccessLogin(session2);
            this.authenticatedSessions.put(session2.getSessionId(), session2);
            thriftSessionDAO.updateLastAccessTime(str, session2.getLastAccess());
            return true;
        } catch (IdentityException e7) {
            log.error("Error while obtaining thrift session from database.", e7);
            return false;
        } catch (Exception e8) {
            log.error("Error in calling on success admin login for the thrift session.", e8);
            return false;
        }
    }

    @Override // org.wso2.carbon.identity.thrift.authentication.ThriftAuthenticatorService
    public ThriftSession getSessionInfo(String str) {
        return this.authenticatedSessions.get(str);
    }

    private void logAndAuthenticationException(String str) throws AuthenticationException {
        log.error(str);
        throw new AuthenticationException(str);
    }

    private boolean isSessionValid(ThriftSession thriftSession) {
        return System.currentTimeMillis() - thriftSession.getLastAccess() < thriftSessionTimeOut;
    }

    private void populateSessionsFromDB() throws Exception {
        if (!this.authenticatedSessions.isEmpty()) {
            this.authenticatedSessions.clear();
        }
        List<ThriftSession> allSessions = new ThriftSessionDAO().getAllSessions();
        if (allSessions == null || allSessions.size() == 0) {
            return;
        }
        for (ThriftSession thriftSession : allSessions) {
            this.authenticatedSessions.put(thriftSession.getSessionId(), thriftSession);
        }
    }

    private boolean isSessionExistInDB(String str) throws IdentityException {
        return new ThriftSessionDAO().isSessionExisting(str);
    }

    private void callOnSuccessAdminLogin(ThriftSession thriftSession) throws Exception {
        if (this.realmService == null) {
            log.error("Realm service not properly set..");
            throw new AuthenticationException("Realm service not properly set..");
        }
        String tenantDomain = MultitenantUtils.getTenantDomain(thriftSession.getUserName());
        CarbonAuthenticationUtil.onSuccessAdminLogin(thriftSession, thriftSession.getUserName(), this.realmService.getTenantManager().getTenantId(tenantDomain), tenantDomain, "");
    }

    private void onSuccessLogin(ThriftSession thriftSession) throws IdentityException {
        thriftSession.getSessionCarbonContextHolder();
        PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        try {
            threadLocalCarbonContext.setUsername((String) thriftSession.getAttribute("username"));
            threadLocalCarbonContext.setTenantDomain((String) thriftSession.getAttribute("tenantDomain"));
            threadLocalCarbonContext.setTenantId(((Integer) thriftSession.getAttribute("tenantId")).intValue());
        } catch (Exception e) {
            throw new IdentityException("Error populating current carbon context from thrift auth session: " + e.getMessage());
        }
    }
}
