package ca.carleton.gcrc.auth.cookie;

import ca.carleton.gcrc.auth.common.AuthenticationUtils;
import ca.carleton.gcrc.auth.common.User;
import ca.carleton.gcrc.auth.common.UserRepository;
import ca.carleton.gcrc.auth.common.UserRepositorySingleton;
import ca.carleton.gcrc.auth.cookie.impl.CookieAuthentication;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.util.Date;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.cometd.Bayeux;
import org.eclipse.jetty.util.URIUtil;
import org.json.JSONObject;
import org.postgresql.jdbc2.EscapedFunctions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/nunaliit2-auth-cookie-2.0.3.jar:ca/carleton/gcrc/auth/cookie/AuthServlet.class */
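/**
 * Cookie-based authentication endpoint.
 *
 * <p>The last path segment of the request URI selects the action
 * ({@code login}, {@code logout} or {@code adjust}, case-insensitive). On
 * success the servlet sets two cookies and writes a JSON document holding the
 * user and a {@code logged} flag. On any failure it writes a JSON error
 * document with HTTP status 500.
 *
 * <p>NOTE(review): {@link #doGet} forwards to {@link #doPost}, so every action,
 * including {@code login} with its {@code name}/{@code password} parameters, is
 * reachable with GET. Credentials sent that way can end up in the query string
 * (access logs, browser history, Referer), and state-changing actions become
 * reachable from cross-site links. No CSRF check is visible in this class.
 * Confirm which clients depend on GET before restricting it.
 */
public class AuthServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    private static final String defaultCookieName = "olkit-auth";
    private UserRepository userRepository;
    protected final Logger logger = LoggerFactory.getLogger(getClass());
    // Name of the authentication cookie; overridable through the "cookie" init parameter.
    private String cookieName = defaultCookieName;

    /**
     * Reads the optional {@code cookie} init parameter (authentication cookie
     * name) and obtains the shared user repository.
     *
     * @param servletConfig servlet configuration supplied by the container
     * @throws ServletException if the superclass initialisation fails
     */
    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        String configuredName = servletConfig.getInitParameter("cookie");
        if (null != configuredName) {
            this.cookieName = configuredName;
        }
        this.userRepository = UserRepositorySingleton.getSingleton();
    }

    /** Releases the user repository, if one was obtained in {@link #init}. */
    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public void destroy() {
        if (null != this.userRepository) {
            this.userRepository.destroy();
        }
    }

    /**
     * Handles GET exactly like POST (see the class-level review note about
     * credentials in URLs).
     */
    @Override // javax.servlet.http.HttpServlet
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    /**
     * Dispatches on the last path segment of the request URI and converts any
     * failure into a JSON error response.
     *
     * @throws ServletException if the error response itself cannot be written
     */
    @Override // javax.servlet.http.HttpServlet
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String[] segments = httpServletRequest.getRequestURI().split(URIUtil.SLASH);
        // String.split drops trailing empty strings, so a URI made only of
        // slashes yields an empty array. Treat that as an unknown action
        // instead of failing with ArrayIndexOutOfBoundsException outside the
        // error handling below.
        String action = segments.length > 0 ? segments[segments.length - 1] : "";
        this.logger.info("{} {}", getClass().getName(), action);
        try {
            if ("login".equalsIgnoreCase(action)) {
                performLogin(httpServletRequest, httpServletResponse);
            } else if ("logout".equalsIgnoreCase(action)) {
                performLogout(httpServletRequest, httpServletResponse);
            } else if ("adjust".equalsIgnoreCase(action)) {
                performAdjustCookies(httpServletRequest, httpServletResponse);
            } else {
                // The request-supplied segment is echoed in the error document;
                // it is JSON-encoded and served as text/plain.
                throw new Exception("Unknown request: " + action);
            }
        } catch (Exception e) {
            this.logger.info("Error encountered while performing: " + action, (Throwable) e);
            sendErrorResponse(httpServletResponse, e);
        }
    }

    /**
     * Authenticates the {@code name}/{@code password} request parameters and,
     * on success, issues the cookies and the user response.
     *
     * @throws Exception if a parameter is missing or repeated, or with the
     *     generic message {@code "Invalid credentials"} when authentication or
     *     the response generation fails
     */
    private void performLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String name = getSingleParameter(httpServletRequest, "name");
        String password = getSingleParameter(httpServletRequest, "password");
        if (null == name || null == password) {
            throw new Exception("name or password missing");
        }
        try {
            User authenticated = this.userRepository.authenticate(name, password);
            // NOTE(review): this logs User.toString() at INFO; confirm that the
            // representation carries no secrets.
            this.logger.info("user: {}", authenticated);
            acceptRequest(httpServletResponse, true, authenticated);
        } catch (Exception e) {
            // Keep the real reason server-side. The cause is deliberately not
            // chained onto the new exception because errorToJson serialises the
            // whole cause chain into the client response.
            this.logger.info("Login failed", e);
            throw new Exception("Invalid credentials");
        }
    }

    /**
     * Returns the value of a request parameter that may appear at most once.
     *
     * @param parameterName name of the request parameter
     * @return the single value, or {@code null} when the parameter is absent
     * @throws Exception if the parameter is supplied more than once
     */
    private String getSingleParameter(HttpServletRequest httpServletRequest, String parameterName) throws Exception {
        String[] values = httpServletRequest.getParameterValues(parameterName);
        if (null == values || values.length == 0) {
            return null;
        }
        if (values.length > 1) {
            throw new Exception(parameterName + " parameter provided multiple times");
        }
        return values[0];
    }

    /**
     * Replaces the caller's cookies with ones computed for the repository's
     * default user and reports {@code logged=false}.
     */
    private void performLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        acceptRequest(httpServletResponse, false, this.userRepository.getDefaultUser());
    }

    /**
     * Re-issues cookies from the authentication cookie on the request. Falls
     * back to the default user when the cookie is absent or fails verification.
     */
    private void performAdjustCookies(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        User user = null;
        try {
            Cookie authCookie = getCookieFromRequest(httpServletRequest);
            if (null != authCookie) {
                user = CookieAuthentication.verifyCookieString(this.userRepository, authCookie.getValue());
            }
        } catch (Exception e) {
            // A cookie that fails verification is treated as "not logged in".
            // Record that it happened (a possible tampering signal), but log
            // neither the cookie value nor the exception message.
            this.logger.info("Authentication cookie failed verification: {}", e.getClass().getName());
        }
        // Report logged=true only when verification actually produced a user;
        // a null result must not be presented as an authenticated session.
        boolean logged = null != user;
        if (!logged) {
            user = this.userRepository.getDefaultUser();
        }
        acceptRequest(httpServletResponse, logged, user);
    }

    /**
     * Sets the {@code nunaliit-auth} cookie built by
     * {@code AuthenticationUtils.userToCookieString}.
     */
    private void setUserCookie(HttpServletResponse httpServletResponse, boolean z, User user) throws Exception {
        Cookie userCookie = new Cookie("nunaliit-auth", AuthenticationUtils.userToCookieString(z, user));
        userCookie.setPath(URIUtil.SLASH);
        httpServletResponse.addCookie(userCookie);
    }

    /**
     * Issues both cookies for {@code user} and then writes the user response.
     *
     * <p>NOTE(review): only the path is set on either cookie; neither is marked
     * Secure or HttpOnly, and no max-age is set. {@code Cookie.setHttpOnly}
     * needs Servlet 3.0+, and whether client-side script must read these
     * cookies is not visible from this class. Confirm both before hardening
     * the authentication cookie.
     */
    private void acceptRequest(HttpServletResponse httpServletResponse, boolean z, User user) throws Exception {
        setUserCookie(httpServletResponse, z, user);
        Cookie authCookie = new Cookie(this.cookieName, CookieAuthentication.computeCookieString(user));
        authCookie.setPath(URIUtil.SLASH);
        httpServletResponse.addCookie(authCookie);
        sendUserResponse(httpServletResponse, z, user);
    }

    /**
     * Writes HTTP 200 with a non-cacheable JSON document holding the user's
     * JSON form and the {@code logged} flag.
     */
    private void sendUserResponse(HttpServletResponse httpServletResponse, boolean z, User user) throws Exception {
        httpServletResponse.setStatus(HttpServletResponse.SC_OK);
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setDateHeader("Expires", System.currentTimeMillis());
        httpServletResponse.setContentType("text/plain");
        httpServletResponse.setCharacterEncoding("utf-8");
        JSONObject body = new JSONObject();
        // NOTE(review): the key constant comes from the PostgreSQL driver,
        // presumably a decompiler substitution for a string literal. Confirm
        // the value and replace it with a local constant.
        body.put(EscapedFunctions.USER, user.toJSON());
        body.put("logged", z);
        OutputStreamWriter writer = new OutputStreamWriter(httpServletResponse.getOutputStream(), "UTF-8");
        body.write(writer);
        writer.flush();
    }

    /**
     * Writes HTTP 500 with a non-cacheable JSON document describing
     * {@code th}.
     *
     * <p>NOTE(review): every failure, including rejected credentials, is
     * reported as 500, so status codes cannot separate authentication failures
     * from server faults in monitoring.
     *
     * @throws ServletException if the error document cannot be generated
     */
    private void sendErrorResponse(HttpServletResponse httpServletResponse, Throwable th) throws ServletException {
        httpServletResponse.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setDateHeader("Expires", System.currentTimeMillis());
        httpServletResponse.setContentType("text/plain");
        httpServletResponse.setCharacterEncoding("utf-8");
        try {
            JSONObject body = new JSONObject();
            // NOTE(review): the key constant comes from the CometD API,
            // presumably a decompiler substitution for a string literal.
            // Confirm the value.
            body.put(Bayeux.ERROR_FIELD, errorToJson(th));
            OutputStreamWriter writer = new OutputStreamWriter(httpServletResponse.getOutputStream(), "UTF-8");
            body.write(writer);
            writer.flush();
        } catch (Exception e) {
            throw new ServletException("Failure generating an error", e);
        }
    }

    /**
     * Converts a throwable and, recursively, its cause chain into nested JSON
     * objects with {@code message} and {@code cause} keys.
     *
     * <p>Everything returned here is sent to the client, so exception messages
     * raised on these code paths must not contain internal detail.
     */
    private JSONObject errorToJson(Throwable th) throws Exception {
        JSONObject errorJson = new JSONObject();
        errorJson.put("message", th.getMessage());
        Throwable cause = th.getCause();
        if (null != cause) {
            errorJson.put("cause", errorToJson(cause));
        }
        return errorJson;
    }

    /**
     * Finds the first request cookie whose name equals the configured
     * authentication cookie name.
     *
     * @return the matching cookie, or {@code null} if there is none
     */
    private Cookie getCookieFromRequest(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        // getCookies() returns null, not an empty array, when the request
        // carries no cookies.
        if (null == cookies) {
            return null;
        }
        for (Cookie candidate : cookies) {
            if (this.cookieName.equals(candidate.getName())) {
                return candidate;
            }
        }
        return null;
    }
}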
