package com.ecyrd.jspwiki.auth;

import com.ecyrd.jspwiki.TextUtil;
import com.ecyrd.jspwiki.WikiEngine;
import com.ecyrd.jspwiki.WikiException;
import com.ecyrd.jspwiki.util.ClassUtil;
import com.ecyrd.jspwiki.util.HttpUtil;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.NoSuchElementException;
import java.util.Properties;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;

/* loaded from: input_file:121913-03/SUNWportal-portlets/reloc/SUNWportal/portletapps/wiki/src/wiki.war.tokenized:WEB-INF/lib/JSPWiki.jar:com/ecyrd/jspwiki/auth/UserManager.class */
public class UserManager {
    static Logger log;
    public static final String WIKIUSER = "currentUser";
    public static final String PROP_STOREIPADDRESS = "jspwiki.storeIPAddress";
    public static final String PROP_AUTHENTICATOR = "jspwiki.authenticator";
    public static final String PROP_USERDATABASE = "jspwiki.userdatabase";
    public static final String PROP_ADMINISTRATOR = "jspwiki.auth.administrator";
    private boolean m_storeIPAddress;
    private HashMap m_groups = new HashMap();
    public static final String GROUP_GUEST = "Guest";
    public static final String GROUP_NAMEDGUEST = "NamedGuest";
    public static final String GROUP_KNOWNPERSON = "KnownPerson";
    private static final String DEFAULT_DATABASE = "com.ecyrd.jspwiki.auth.modules.WikiDatabase";
    private static final String DEFAULT_ADMINISTRATOR = "AdminGroup";
    private WikiAuthenticator m_authenticator;
    private UserDatabase m_database;
    private WikiEngine m_engine;
    private String m_administrator;
    private boolean m_useAuth;
    static Class class$com$ecyrd$jspwiki$auth$UserManager;

    public UserManager(WikiEngine wikiEngine, Properties properties) throws WikiException {
        this.m_storeIPAddress = true;
        this.m_useAuth = false;
        this.m_engine = wikiEngine;
        this.m_storeIPAddress = TextUtil.getBooleanProperty(properties, PROP_STOREIPADDRESS, this.m_storeIPAddress);
        this.m_administrator = properties.getProperty(PROP_ADMINISTRATOR, DEFAULT_ADMINISTRATOR);
        this.m_useAuth = TextUtil.getBooleanProperty(properties, "jspwiki.auth.useOldAuth", false);
        if (this.m_useAuth) {
            new AllGroup().setName("All");
            this.m_groups.put(GROUP_GUEST, new AllGroup());
            this.m_groups.put(GROUP_NAMEDGUEST, new NamedGroup());
            this.m_groups.put(GROUP_KNOWNPERSON, new KnownGroup());
            String property = properties.getProperty(PROP_AUTHENTICATOR);
            if (property != null) {
                try {
                    this.m_authenticator = (WikiAuthenticator) ClassUtil.findClass("com.ecyrd.jspwiki.auth.modules", property).newInstance();
                    this.m_authenticator.initialize(properties);
                    log.info(new StringBuffer().append("Initialized ").append(property).append(" for authentication.").toString());
                } catch (ClassNotFoundException e) {
                    log.fatal(new StringBuffer().append("Authenticator ").append(property).append(" cannot be found").toString(), e);
                    throw new WikiException("Authenticator cannot be found");
                } catch (IllegalAccessException e2) {
                    log.fatal("You are not allowed to access this authenticator class", e2);
                    throw new WikiException("You are not allowed to access this authenticator class");
                } catch (InstantiationException e3) {
                    log.fatal(new StringBuffer().append("Authenticator ").append(property).append(" cannot be created").toString(), e3);
                    throw new WikiException("Authenticator cannot be created");
                }
            }
            String property2 = properties.getProperty(PROP_USERDATABASE, DEFAULT_DATABASE);
            try {
                this.m_database = (UserDatabase) ClassUtil.findClass("com.ecyrd.jspwiki.auth.modules", property2).newInstance();
                this.m_database.initialize(this.m_engine, properties);
            } catch (ClassNotFoundException e4) {
                log.fatal(new StringBuffer().append("UserDatabase ").append(property2).append(" cannot be found").toString(), e4);
                throw new WikiException("UserDatabase cannot be found");
            } catch (IllegalAccessException e5) {
                log.fatal("You are not allowed to access this user database class", e5);
                throw new WikiException("You are not allowed to access this user database class");
            } catch (InstantiationException e6) {
                log.fatal(new StringBuffer().append("UserDatabase ").append(property2).append(" cannot be created").toString(), e6);
                throw new WikiException("UserDatabase cannot be created");
            }
        }
    }

    public UserProfile getUserProfile(String str) {
        if (this.m_database == null) {
            UserProfile userProfile = new UserProfile();
            userProfile.setName(str);
            userProfile.setLoginName(str);
            userProfile.setLoginStatus(1);
            return userProfile;
        }
        WikiPrincipal principal = this.m_database.getPrincipal(str);
        if (!(principal instanceof UserProfile)) {
            log.info(new StringBuffer().append(str).append(" is not a user!").toString());
            principal = null;
        }
        return (UserProfile) principal;
    }

    public UserDatabase getUserDatabase() {
        return this.m_database;
    }

    public WikiAuthenticator getAuthenticator() {
        return this.m_authenticator;
    }

    public boolean isAdministrator(WikiPrincipal wikiPrincipal) {
        if (wikiPrincipal.getName().equals(this.m_administrator)) {
            return true;
        }
        WikiGroup wikiGroup = getWikiGroup(this.m_administrator);
        if (wikiGroup == null) {
            return false;
        }
        return wikiGroup.isMember(wikiPrincipal);
    }

    public WikiGroup getWikiGroup(String str) {
        WikiGroup wikiGroup;
        synchronized (this.m_groups) {
            wikiGroup = (WikiGroup) this.m_groups.get(str);
            if (wikiGroup == null) {
                WikiPrincipal principal = this.m_database.getPrincipal(str);
                if (principal instanceof WikiGroup) {
                    wikiGroup = (WikiGroup) principal;
                } else {
                    log.info(new StringBuffer().append(str).append(" is not a group!").toString());
                }
            }
        }
        return wikiGroup;
    }

    public List getGroupsForPrincipal(Principal principal) throws NoSuchPrincipalException {
        List list = null;
        if ((principal instanceof UserProfile) && ((UserProfile) principal).isAuthenticated() && this.m_database != null) {
            list = this.m_database.getGroupsForPrincipal(principal);
        }
        if (list == null) {
            list = new ArrayList();
        }
        synchronized (this.m_groups) {
            for (WikiGroup wikiGroup : this.m_groups.values()) {
                if (wikiGroup.isMember(principal)) {
                    log.debug(new StringBuffer().append("User ").append(principal.getName()).append(" is a member of ").append(wikiGroup.getName()).toString());
                    list.add(wikiGroup);
                }
            }
        }
        return list;
    }

    public Principal getPrincipal(String str) {
        Principal wikiGroup = getWikiGroup(str);
        if (wikiGroup == null) {
            wikiGroup = getUserProfile(str);
            if (wikiGroup == null) {
                log.debug(new StringBuffer().append("No such principal defined: ").append(str).append(", using UndefinedPrincipal").toString());
                wikiGroup = new UndefinedPrincipal(str);
            }
        }
        return wikiGroup;
    }

    public boolean login(String str, String str2, HttpSession httpSession) throws WikiSecurityException {
        boolean z;
        if (this.m_authenticator == null) {
            return false;
        }
        if (httpSession == null) {
            log.error("No session provided, cannot log in.");
            return false;
        }
        UserProfile userProfile = getUserProfile(str);
        if (userProfile == null) {
            return false;
        }
        userProfile.setPassword(str2);
        boolean z2 = false;
        try {
            z = this.m_authenticator.authenticate(userProfile);
        } catch (PasswordExpiredException e) {
            z = true;
            z2 = true;
        }
        if (z) {
            userProfile.setLoginStatus(3);
            httpSession.setAttribute(WIKIUSER, userProfile);
            log.info(new StringBuffer().append("Logged in user ").append(str).toString());
            if (z2) {
                throw new PasswordExpiredException("");
            }
        } else {
            log.info(new StringBuffer().append("Username ").append(str).append(" attempted to log in with the wrong password.").toString());
        }
        return z;
    }

    public void logout(HttpSession httpSession) {
        if (httpSession != null) {
            UserProfile userProfile = (UserProfile) httpSession.getAttribute(WIKIUSER);
            if (userProfile != null) {
                log.info(new StringBuffer().append("logged out user ").append(userProfile.getName()).toString());
                userProfile.setLoginStatus(0);
            }
            httpSession.invalidate();
        }
    }

    public UserProfile getUserProfile(HttpServletRequest httpServletRequest) {
        UserProfile userProfile = (UserProfile) httpServletRequest.getSession(true).getAttribute(WIKIUSER);
        if (userProfile != null) {
            return userProfile;
        }
        UserProfile limitedLogin = limitedLogin(httpServletRequest);
        if (limitedLogin != null) {
            return limitedLogin;
        }
        log.error("Unable to get a default UserProfile!");
        return null;
    }

    protected UserProfile limitedLogin(HttpServletRequest httpServletRequest) {
        UserProfile userProfile = null;
        String remoteUser = httpServletRequest.getRemoteUser();
        if (remoteUser != null) {
            userProfile = getUserProfile(remoteUser);
            if (userProfile != null) {
                userProfile.setLoginStatus(2);
                httpServletRequest.getSession(true).setAttribute(WIKIUSER, userProfile);
            }
        } else {
            String retrieveCookieValue = HttpUtil.retrieveCookieValue(httpServletRequest, WikiEngine.PREFS_COOKIE_NAME);
            log.debug(new StringBuffer().append("Stored username=").append(retrieveCookieValue).toString());
            if (retrieveCookieValue != null) {
                try {
                    userProfile = UserProfile.parseStringRepresentation(retrieveCookieValue);
                    if (userProfile != null) {
                        userProfile.setLoginStatus(1);
                    }
                } catch (NoSuchElementException e) {
                }
            }
        }
        if (userProfile == null) {
            userProfile = new UserProfile();
            userProfile.setLoginName(GROUP_GUEST);
            userProfile.setLoginStatus(0);
            if (this.m_storeIPAddress) {
                userProfile.setName(httpServletRequest.getRemoteHost());
            } else {
                userProfile.setName(userProfile.getLoginName());
            }
        }
        return userProfile;
    }

    public void setUserCookie(HttpServletResponse httpServletResponse, String str) {
        UserProfile userProfile = getUserProfile(str);
        if (userProfile != null) {
            Cookie cookie = new Cookie(WikiEngine.PREFS_COOKIE_NAME, userProfile.getStringRepresentation());
            cookie.setMaxAge(86486400);
            httpServletResponse.addCookie(cookie);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ecyrd$jspwiki$auth$UserManager == null) {
            cls = class$("com.ecyrd.jspwiki.auth.UserManager");
            class$com$ecyrd$jspwiki$auth$UserManager = cls;
        } else {
            cls = class$com$ecyrd$jspwiki$auth$UserManager;
        }
        log = Logger.getLogger(cls);
    }
}
