package org.silverpeas.authentication;

import com.silverpeas.export.ImportExportDescriptor;
import com.silverpeas.util.StringUtil;
import com.stratelia.silverpeas.silvertrace.SilverTrace;
import com.stratelia.webactiv.util.ResourceLocator;
import java.util.ArrayList;
import java.util.List;
import org.silverpeas.authentication.exception.AuthenticationBadCredentialException;
import org.silverpeas.authentication.exception.AuthenticationException;
import org.silverpeas.authentication.exception.AuthenticationExceptionVisitor;
import org.silverpeas.authentication.exception.AuthenticationHostException;
import org.silverpeas.authentication.exception.AuthenticationPasswordAboutToExpireException;
import org.silverpeas.authentication.exception.AuthenticationPwdChangeNotAvailException;
import org.silverpeas.authentication.exception.AuthenticationPwdNotAvailException;

/* loaded from: input_file:org/silverpeas/authentication/AuthenticationServer.class */
public class AuthenticationServer {
    private static final String module = "authentication";
    protected String fallbackMode;
    protected List<Authentication> authServers;
    protected boolean passwordChangeAllowed;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/silverpeas/authentication/AuthenticationServer$AuthenticationExceptionProcessor.class */
    public class AuthenticationExceptionProcessor implements AuthenticationExceptionVisitor {
        private final Authentication authentication;
        private final AuthenticationCredential credential;
        private boolean continueAuthentication = true;
        private final String operation;

        public AuthenticationExceptionProcessor(String str, Authentication authentication, AuthenticationCredential authenticationCredential) {
            this.operation = str;
            this.authentication = authentication;
            this.credential = authenticationCredential;
        }

        public boolean processAuthenticationException(AuthenticationException authenticationException) throws AuthenticationException {
            authenticationException.accept(this);
            return this.continueAuthentication;
        }

        @Override // org.silverpeas.authentication.exception.AuthenticationExceptionVisitor
        public void visit(AuthenticationBadCredentialException authenticationBadCredentialException) throws AuthenticationException {
            if (AuthenticationServer.this.fallbackMode.equals("none") || AuthenticationServer.this.fallbackMode.equals("ifNotRejected")) {
                throw authenticationBadCredentialException;
            }
            SilverTrace.info(AuthenticationServer.module, "AuthenticationServer." + this.operation, "authentication.EX_AUTHENTICATION_BAD_CREDENTIAL", "Auth server=" + this.authentication.getServerName() + ";User=" + this.credential.getLogin(), authenticationBadCredentialException);
            this.continueAuthentication = true;
        }

        @Override // org.silverpeas.authentication.exception.AuthenticationExceptionVisitor
        public void visit(AuthenticationHostException authenticationHostException) throws AuthenticationException {
            if (AuthenticationServer.this.fallbackMode.equals("none")) {
                throw authenticationHostException;
            }
            SilverTrace.info(AuthenticationServer.module, "AuthenticationServer." + this.operation, "authentication.EX_AUTHENTICATION_HOST_ERROR", "Auth server=" + this.authentication.getServerName() + ";User=" + this.credential.getLogin(), authenticationHostException);
            this.continueAuthentication = true;
        }

        @Override // org.silverpeas.authentication.exception.AuthenticationExceptionVisitor
        public void visit(AuthenticationException authenticationException) throws AuthenticationException {
            if (AuthenticationServer.this.fallbackMode.equals("none")) {
                throw authenticationException;
            }
            SilverTrace.info(AuthenticationServer.module, "AuthenticationServer." + this.operation, "authentication.EX_AUTHENTICATION_REJECTED_BY_SERVER", "Auth server=" + this.authentication.getServerName() + ";User=" + this.credential.getLogin(), authenticationException);
            this.continueAuthentication = true;
        }

        @Override // org.silverpeas.authentication.exception.AuthenticationExceptionVisitor
        public void visit(AuthenticationPwdNotAvailException authenticationPwdNotAvailException) throws AuthenticationException {
            SilverTrace.info(AuthenticationServer.module, "AuthenticationServer." + this.operation, "authentication.EX_PWD_NOT_AVAILABLE", "Auth server=" + this.authentication.getServerName() + ";User=" + this.credential.getLogin(), authenticationPwdNotAvailException);
            this.continueAuthentication = true;
        }

        @Override // org.silverpeas.authentication.exception.AuthenticationExceptionVisitor
        public void visit(AuthenticationPasswordAboutToExpireException authenticationPasswordAboutToExpireException) throws AuthenticationException {
            this.credential.getCapabilities().put(Authentication.PASSWORD_IS_ABOUT_TO_EXPIRE, Boolean.TRUE);
            this.continueAuthentication = false;
        }

        @Override // org.silverpeas.authentication.exception.AuthenticationExceptionVisitor
        public void visit(AuthenticationPwdChangeNotAvailException authenticationPwdChangeNotAvailException) throws AuthenticationException {
            SilverTrace.info(AuthenticationServer.module, "AuthenticationServer." + this.operation, "authentication.EX_PASSWD_CHANGE_NOTAVAILABLE", "Auth server=" + this.authentication.getServerName() + ";User=" + this.credential.getLogin(), authenticationPwdChangeNotAvailException);
            this.continueAuthentication = true;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/silverpeas/authentication/AuthenticationServer$SecurityOperation.class */
    public abstract class SecurityOperation {
        public static final String AUTHENTICATION = "authenticate";
        public static final String PASSWORD_CHANGE = "changePassword";
        public static final String PASSWORD_RESET = "resetPassword";
        private String name;
        private AuthenticationCredential credential;

        public SecurityOperation(String str, AuthenticationCredential authenticationCredential) {
            this.credential = authenticationCredential;
            this.name = str;
        }

        public String getName() {
            return this.name;
        }

        public AuthenticationCredential getAuthenticationCredential() {
            return this.credential;
        }

        public abstract void performWith(Authentication authentication) throws AuthenticationException;
    }

    public static AuthenticationServer getAuthenticationServer(String str) {
        return new AuthenticationServer(str);
    }

    private AuthenticationServer(String str) {
        try {
            ResourceLocator resourceLocator = new ResourceLocator("com.stratelia.silverpeas.authentication." + str, ImportExportDescriptor.NO_FORMAT);
            this.fallbackMode = resourceLocator.getString("fallbackType");
            this.passwordChangeAllowed = resourceLocator.getBoolean("allowPasswordChange", false);
            int parseInt = Integer.parseInt(resourceLocator.getString("autServersCount"));
            this.authServers = new ArrayList(parseInt);
            for (int i = 0; i < parseInt; i++) {
                String str2 = "autServer" + i;
                if (resourceLocator.getBoolean(str2 + ".enabled", true)) {
                    try {
                        Authentication authentication = (Authentication) Class.forName(resourceLocator.getString(str2 + ".type")).newInstance();
                        authentication.init(str2, resourceLocator);
                        this.authServers.add(authentication);
                    } catch (Exception e) {
                        SilverTrace.error(module, "AuthenticationServer.AuthenticationServer", "authentication.EX_CANT_INSTANCIATE_SERVER_CLASS", str + " / " + str2, e);
                    }
                }
            }
        } catch (Exception e2) {
            SilverTrace.error(module, "AuthenticationServer.AuthenticationServer", "authentication.EX_DOMAIN_INFO_ERROR", "Server=" + str, e2);
        }
    }

    public void authenticate(final AuthenticationCredential authenticationCredential) throws AuthenticationException {
        doSecurityOperation(new SecurityOperation("authenticate", authenticationCredential) { // from class: org.silverpeas.authentication.AuthenticationServer.1
            @Override // org.silverpeas.authentication.AuthenticationServer.SecurityOperation
            public void performWith(Authentication authentication) throws AuthenticationException {
                authentication.authenticate(authenticationCredential);
            }
        });
    }

    public void changePassword(final AuthenticationCredential authenticationCredential, final String str) throws AuthenticationException {
        if (!this.passwordChangeAllowed) {
            throw new AuthenticationPwdChangeNotAvailException("AuthenticationServer.changePassword", 4, "authentication.EX_PASSWD_CHANGE_NOTAVAILABLE");
        }
        doSecurityOperation(new SecurityOperation("changePassword", authenticationCredential) { // from class: org.silverpeas.authentication.AuthenticationServer.2
            @Override // org.silverpeas.authentication.AuthenticationServer.SecurityOperation
            public void performWith(Authentication authentication) throws AuthenticationException {
                authentication.changePassword(authenticationCredential, str);
            }
        });
    }

    public boolean isPasswordChangeAllowed() {
        return this.passwordChangeAllowed;
    }

    public void resetPassword(final String str, final String str2) throws AuthenticationException {
        if (!this.passwordChangeAllowed) {
            throw new AuthenticationPwdChangeNotAvailException("AuthenticationServer.resetPassword", 4, "authentication.EX_PASSWD_CHANGE_NOTAVAILABLE");
        }
        doSecurityOperation(new SecurityOperation("resetPassword", AuthenticationCredential.newWithAsLogin(str)) { // from class: org.silverpeas.authentication.AuthenticationServer.3
            @Override // org.silverpeas.authentication.AuthenticationServer.SecurityOperation
            public void performWith(Authentication authentication) throws AuthenticationException {
                authentication.resetPassword(str, str2);
            }
        });
    }

    private void doSecurityOperation(SecurityOperation securityOperation) throws AuthenticationException {
        if (!StringUtil.isDefined(securityOperation.getAuthenticationCredential().getLogin())) {
            throw new AuthenticationException("AuthenticationServer." + securityOperation.getName(), 4, "authentication.EX_LOGIN_EMPTY");
        }
        boolean z = true;
        AuthenticationException authenticationException = null;
        for (Authentication authentication : this.authServers) {
            if (authentication.isEnabled()) {
                try {
                    securityOperation.performWith(authentication);
                    z = false;
                } catch (AuthenticationException e) {
                    z = new AuthenticationExceptionProcessor(securityOperation.getName(), authentication, securityOperation.getAuthenticationCredential()).processAuthenticationException(e);
                    authenticationException = e;
                }
            }
            if (!z) {
                break;
            }
        }
        if (z) {
            if (authenticationException != null) {
                throw new AuthenticationException("AuthenticationServer." + securityOperation.getName(), 4, "authentication.EX_AUTHENTICATION_FAILED_LAST_ERROR", authenticationException);
            }
            throw new AuthenticationException("AuthenticationServer." + securityOperation.getName(), 4, "authentication.EX_NO_SERVER_AVAILABLE");
        }
    }
}
