package org.alinous.security;

import java.io.IOException;
import java.io.Writer;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.alinous.AlinousConfig;
import org.alinous.AlinousCore;
import org.alinous.AlinousUtils;
import org.alinous.datasrc.AlinousDataSourceManager;
import org.alinous.datasrc.exception.DataSourceException;
import org.alinous.datasrc.types.Record;
import org.alinous.exec.SessionController;
import org.alinous.exec.pages.PostContext;
import org.alinous.expections.AlinousException;
import org.alinous.expections.AlinousSecurityException;
import org.alinous.repository.AlinousSystemRepository;
import org.alinous.script.runtime.IScriptVariable;
import org.alinous.script.runtime.PathElementFactory;
import org.alinous.script.runtime.ScriptArray;
import org.alinous.script.runtime.ScriptDomVariable;
import org.alinous.script.runtime.VariableRepository;

/* loaded from: input_file:WEB-INF/lib/alinous-core.jar:org/alinous/security/AlinousSecurityManager.class */
public class AlinousSecurityManager {
    static final String USER_NAME_PATH = "SESSION.AUTH.USER";
    static final String USER_ROLE_PATH = "SESSION.AUTH.ROLES";
    static final String BASIC_USER_ROLE_PATH = "SESSION.BASIC.AUTH.USER";
    static final String BASIC_ROLES_ROLE_PATH = "SESSION.BASIC.AUTH.ROLES";
    private AlinousCore alinousCore;
    private SecurityRelmManager relm;
    private AlinousSystemRepository sysRepo;
    private AlinousConfig config;
    private String name;
    private String nameBasic;
    private List<String> roles = new ArrayList();
    private List<String> basicRoles = new ArrayList();

    public AlinousSecurityManager(AlinousCore alinousCore, AlinousDataSourceManager alinousDataSourceManager, AlinousSystemRepository alinousSystemRepository, AlinousConfig alinousConfig) {
        this.relm = new SecurityRelmManager(alinousDataSourceManager, alinousConfig);
        this.config = alinousConfig;
        this.sysRepo = alinousSystemRepository;
    }

    public void init() throws AlinousException {
        if (this.config.getSecurityConfig() == null) {
            return;
        }
        this.relm.initRelmTable();
    }

    public void checkSecurity(String str, AlinousConfig alinousConfig, PostContext postContext) throws AlinousException {
        SecurityConfig securityConfig = alinousConfig.getSecurityConfig();
        String replaceAll = str.replaceAll("\\\\", "/");
        if (securityConfig == null) {
            return;
        }
        String str2 = null;
        if (postContext != null) {
            str2 = postContext.getNextAction();
        }
        Zone findLongestMatch = findLongestMatch(replaceAll, securityConfig, false);
        Zone findLongestMatch2 = findLongestMatch(replaceAll, securityConfig, true);
        Zone zone = null;
        Zone zone2 = null;
        if (str2 != null) {
            String moduleName = AlinousUtils.getModuleName(str2);
            zone = findLongestMatch(moduleName, securityConfig, false);
            zone2 = findLongestMatch(moduleName, securityConfig, true);
        }
        if (findLongestMatch == null && zone == null && findLongestMatch2 == null && zone2 == null) {
            return;
        }
        initAuthenticatedInfo(postContext);
        if (this.nameBasic == null && (findLongestMatch2 != null || zone2 != null)) {
            int i = 0;
            Zone zone3 = null;
            if (findLongestMatch2 != null) {
                i = 1;
                zone3 = findLongestMatch2;
            } else if (zone2 != null) {
                i = 2;
                zone3 = zone2;
            }
            throw new AlinousSecurityException(i, zone3);
        }
        if (zone2 != null && !zone2.checkRole(this.basicRoles)) {
            throw new AlinousSecurityException(2, zone2);
        }
        if (findLongestMatch2 != null && !findLongestMatch2.checkRole(this.basicRoles)) {
            throw new AlinousSecurityException(1, findLongestMatch2);
        }
        if (this.name != null || (findLongestMatch == null && zone == null)) {
            if (findLongestMatch != null && !findLongestMatch.checkRole(this.roles)) {
                throw new AlinousSecurityException(1, findLongestMatch);
            }
            if (zone != null && !zone.checkRole(this.roles)) {
                throw new AlinousSecurityException(2, zone);
            }
            return;
        }
        int i2 = 0;
        Zone zone4 = null;
        if (findLongestMatch != null) {
            i2 = 1;
            zone4 = findLongestMatch;
        } else if (zone != null) {
            i2 = 2;
            zone4 = zone;
        }
        throw new AlinousSecurityException(i2, zone4);
    }

    private VariableRepository initAuthenticatedInfo(PostContext postContext) throws AlinousException {
        this.name = null;
        this.roles.clear();
        this.basicRoles.clear();
        SessionController sessionController = new SessionController(postContext.getCore().getSystemRepository(), postContext.getSessionId());
        VariableRepository variableRepository = new VariableRepository();
        sessionController.updateSession(variableRepository, postContext);
        IScriptVariable variable = variableRepository.getVariable(PathElementFactory.buildPathElement(USER_NAME_PATH), postContext);
        if (variable instanceof ScriptDomVariable) {
            this.name = ((ScriptDomVariable) variable).getValue();
        }
        IScriptVariable variable2 = variableRepository.getVariable(PathElementFactory.buildPathElement(USER_ROLE_PATH), postContext);
        if (variable2 instanceof ScriptDomVariable) {
            this.roles.add(((ScriptDomVariable) variable2).getValue());
        } else if (variable2 instanceof ScriptArray) {
            ScriptArray scriptArray = (ScriptArray) variable2;
            int size = scriptArray.getSize();
            for (int i = 0; i < size; i++) {
                IScriptVariable iScriptVariable = scriptArray.get(i);
                if (iScriptVariable instanceof ScriptDomVariable) {
                    this.roles.add(((ScriptDomVariable) iScriptVariable).getValue());
                }
            }
        }
        IScriptVariable variable3 = variableRepository.getVariable(PathElementFactory.buildPathElement(BASIC_USER_ROLE_PATH), postContext);
        if (variable3 instanceof ScriptDomVariable) {
            this.nameBasic = ((ScriptDomVariable) variable3).getValue();
        }
        IScriptVariable variable4 = variableRepository.getVariable(PathElementFactory.buildPathElement(BASIC_ROLES_ROLE_PATH), postContext);
        if (variable4 instanceof ScriptDomVariable) {
            this.basicRoles.add(((ScriptDomVariable) variable4).getValue());
        } else if (variable4 instanceof ScriptArray) {
            ScriptArray scriptArray2 = (ScriptArray) variable4;
            int size2 = scriptArray2.getSize();
            for (int i2 = 0; i2 < size2; i2++) {
                IScriptVariable iScriptVariable2 = scriptArray2.get(i2);
                if (iScriptVariable2 instanceof ScriptDomVariable) {
                    this.basicRoles.add(((ScriptDomVariable) iScriptVariable2).getValue());
                }
            }
        }
        return variableRepository;
    }

    private boolean isExceptionalPage(String str, SecurityConfig securityConfig) {
        return securityConfig.isExceptionalPage(str + ".html");
    }

    public Zone findLongestMatch(String str, SecurityConfig securityConfig, boolean z) {
        if (!str.startsWith("/")) {
            str = "/" + str;
        }
        if (str.endsWith("/")) {
            str = str + "index";
        }
        if (isExceptionalPage(str, securityConfig)) {
            return null;
        }
        ZoneMatchContext zoneMatchContext = null;
        Iterator<Zone> it = securityConfig.getZones().iterator();
        while (it.hasNext()) {
            ZoneMatchContext context = it.next().getContext();
            if (context.match(str) && (!z || !context.getZone().isUseForm())) {
                if (z || context.getZone().isUseForm()) {
                    if (zoneMatchContext == null) {
                        zoneMatchContext = context;
                    } else if (zoneMatchContext.getNumSegments() < context.getNumSegments()) {
                        zoneMatchContext = context;
                    }
                }
            }
        }
        if (zoneMatchContext == null) {
            return null;
        }
        return zoneMatchContext.getZone();
    }

    public void authenticate(String str, String str2, String str3) throws AlinousException {
        SecurityConfig securityConfig;
        String relmRoles;
        if (str == null || str2 == null || (securityConfig = this.config.getSecurityConfig()) == null || (relmRoles = securityConfig.getRelmRoles()) == null) {
            return;
        }
        try {
            List<Record> findRecords = this.relm.findRecords(str, str2);
            LinkedList<String> linkedList = new LinkedList<>();
            Iterator<Record> it = findRecords.iterator();
            while (it.hasNext()) {
                String fieldValue = it.next().getFieldValue(relmRoles);
                if (fieldValue != null && !fieldValue.equals("")) {
                    linkedList.add(fieldValue);
                }
            }
            updateSession(str, str2, linkedList, str3);
        } catch (DataSourceException e) {
            throw new AlinousException(e, "");
        }
    }

    private synchronized void updateSession(String str, String str2, LinkedList<String> linkedList, String str3) throws AlinousException {
        if (linkedList.size() > 0 && str3 != null) {
            SessionController sessionController = new SessionController(this.sysRepo, str3);
            VariableRepository variableRepository = new VariableRepository();
            PostContext postContext = new PostContext(this.alinousCore, null);
            sessionController.updateSession(variableRepository, postContext);
            variableRepository.putValue(BASIC_USER_ROLE_PATH, str, IScriptVariable.TYPE_STRING, null);
            int i = 0;
            Iterator<String> it = linkedList.iterator();
            while (it.hasNext()) {
                variableRepository.putValue("SESSION.BASIC.AUTH.ROLES[" + i + "]", it.next(), IScriptVariable.TYPE_STRING, null);
                i++;
            }
            sessionController.storeSession(postContext, variableRepository);
        }
    }

    public static void writeErrorPage(Writer writer) throws IOException {
        writer.append("<html>");
        writer.append("<head>");
        writer.append("<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">");
        writer.append("<title>Authentication Error</title>");
        writer.append("</head>");
        writer.append("<body>");
        writeErrorInner(writer);
        writer.append("</body>");
        writer.append("</html>");
    }

    public static void writeErrorInner(Writer writer) throws IOException {
        writer.append("<H1>Authentication Error</H1>");
        writer.append("<HR>");
        writer.append("The authentication has failed.<BR><BR><BR><BR>");
        writer.append("<HR>");
        writer.append("Alinous-Core");
    }
}
