package net.lukemurphey.nsia.web.views;

import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.NoSuchAlgorithmException;
import java.sql.SQLException;
import java.util.Map;
import java.util.Vector;
import java.util.regex.Pattern;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.lukemurphey.nsia.Application;
import net.lukemurphey.nsia.Authentication;
import net.lukemurphey.nsia.ClientData;
import net.lukemurphey.nsia.InputValidationException;
import net.lukemurphey.nsia.LocalPasswordAuthentication;
import net.lukemurphey.nsia.NoDatabaseConnectionException;
import net.lukemurphey.nsia.NumericalOverflowException;
import net.lukemurphey.nsia.PasswordAuthenticationValidator;
import net.lukemurphey.nsia.SessionManagement;
import net.lukemurphey.nsia.SessionStatus;
import net.lukemurphey.nsia.UserManagement;
import net.lukemurphey.nsia.eventlog.EventLogField;
import net.lukemurphey.nsia.eventlog.EventLogMessage;
import net.lukemurphey.nsia.web.RequestContext;
import net.lukemurphey.nsia.web.SessionMessages;
import net.lukemurphey.nsia.web.URLInvalidException;
import net.lukemurphey.nsia.web.View;
import net.lukemurphey.nsia.web.ViewFailedException;
import net.lukemurphey.nsia.web.templates.DialogTemplateDirective;
import net.lukemurphey.nsia.web.templates.TemplateLoader;

/* loaded from: input_file:net/lukemurphey/nsia/web/views/LoginView.class */
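/**
 * Login page view: renders the login form, checks submitted credentials and, on
 * success, issues the {@code SessionID} cookie and redirects the browser.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The {@code ReturnTo} and {@code ForwardTo} request parameters come from the
 *       client. They are only honoured when they are site-local paths (see
 *       {@link #localRedirectTarget(String)}); anything else falls back to the
 *       default page so the login page cannot be used as an open redirector.</li>
 *   <li>Any session attached to the request is terminated before the new session
 *       cookie is issued, so a pre-login session identifier is not carried over.</li>
 *   <li>Every failed attempt is written to the event log with the event type that
 *       matches the reason, plus the source address when one is available.</li>
 * </ul>
 */
public class LoginView extends View {

    /** Longest username accepted by {@code authenticate}; longer values are rejected and logged. */
    private static final int MAX_USERNAME_LENGTH = 32;

    /** Text plus severity, placed in the template data so the page can show a status line. */
    public static class Message {
        private final String message;
        private final SessionMessages.MessageSeverity sev;

        /**
         * @param str             the text to display
         * @param messageSeverity the severity attached to the text
         */
        public Message(String str, SessionMessages.MessageSeverity messageSeverity) {
            this.message = str;
            this.sev = messageSeverity;
        }

        /** @return the severity given at construction */
        public SessionMessages.MessageSeverity getSeverity() {
            return this.sev;
        }

        /** @return the text given at construction */
        public String getMessage() {
            return this.message;
        }

        /** @return the message text, same as {@link #getMessage()} */
        @Override
        public String toString() {
            return this.message;
        }
    }

    /** Registers the view under the title "Login" and the name "login", with no URL argument patterns. */
    public LoginView() {
        super("Login", "login", new Pattern[0]);
    }

    /**
     * Builds the URL of the login view.
     *
     * @return the URL produced by {@code createURL} with no arguments
     * @throws URLInvalidException if {@code createURL} rejects the request
     */
    public static String getURL() throws URLInvalidException {
        return new LoginView().createURL(new Object[0]);
    }

    /**
     * Handles a request for the login page.
     *
     * <p>An already active session is redirected straight away. A POST carrying a
     * {@code Username} parameter is treated as a login attempt. Any other request
     * renders the form, with a notice when the attached session has ended or the
     * {@code LoggedOut} parameter is present.
     *
     * @param httpServletRequest  the incoming request; all of its parameters are untrusted
     * @param httpServletResponse the response that receives the redirect, cookie or page
     * @param requestContext      session and user details for the request, may be {@code null}
     * @param strArr              not used by this view
     * @param map                 template data, filled in before {@code Login.ftl} is rendered
     * @return always {@code true}
     * @throws ViewFailedException if redirecting, session handling or configuration access fails
     */
    @Override // net.lukemurphey.nsia.web.View
    public boolean process(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, RequestContext requestContext, String[] strArr, Map<String, Object> map) throws ViewFailedException {
        SessionManagement.SessionInfo currentSession = null;
        if (requestContext != null) {
            currentSession = requestContext.getSessionInfo();
        }

        // A user who is already logged in has no use for the form.
        if (currentSession != null && currentSession.getSessionStatus() == SessionStatus.SESSION_ACTIVE) {
            try {
                String returnTo = localRedirectTarget(httpServletRequest.getParameter("ReturnTo"));
                if (returnTo != null) {
                    httpServletResponse.sendRedirect(returnTo);
                } else {
                    httpServletResponse.sendRedirect(MainDashboardView.getURL());
                }
                return true;
            } catch (IOException e) {
                throw new ViewFailedException(e);
            } catch (URLInvalidException e) {
                throw new ViewFailedException(e);
            }
        }

        map.put(DialogTemplateDirective.PARAM_TITLE, "Login");
        Vector<Object> headers = new Vector<Object>();
        headers.add(DashboardPreLoginPanel.getPanel(httpServletRequest, map));
        map.put("dashboard_headers", headers);
        map.put("show_splitter_border", false);
        map.put("alert", SessionMessages.MessageSeverity.ALERT);
        map.put("information", SessionMessages.MessageSeverity.INFORMATION);
        map.put("success", SessionMessages.MessageSeverity.SUCCESS);
        map.put("warning", SessionMessages.MessageSeverity.WARNING);

        if (httpServletRequest.getMethod().equalsIgnoreCase("POST") && httpServletRequest.getParameter("Username") != null) {
            String username = httpServletRequest.getParameter("Username");
            String password = httpServletRequest.getParameter("Password");

            // NOTE(review): the submitted username is echoed back into the form; whether it is
            // HTML-escaped depends on Login.ftl, which is not visible here.
            map.put("username", username);

            String newSessionId = authenticate(username, password, describeClient(httpServletRequest));
            if (newSessionId != null) {
                // Drop the pre-login session before handing out the new identifier.
                retireSession(currentSession);
                addSessionCookie(httpServletResponse, newSessionId);
                try {
                    String forwardTo = localRedirectTarget(httpServletRequest.getParameter("ForwardTo"));
                    httpServletResponse.sendRedirect(forwardTo != null ? forwardTo : "/");
                    return true;
                } catch (IOException e) {
                    throw new ViewFailedException(e);
                }
            }

            // One message for every failure reason, so the page does not reveal whether the
            // account exists, is disabled or is blocked; the reason goes to the event log only.
            map.put("auth_failed", Boolean.TRUE);
            map.put(DialogTemplateDirective.PARAM_MESSAGE, new Message("Authentication failed; credentials are incorrect", SessionMessages.MessageSeverity.ALERT));
        } else if (currentSession != null) {
            if (currentSession.getSessionStatus() == SessionStatus.SESSION_ADMIN_TERMINATED) {
                map.put(DialogTemplateDirective.PARAM_MESSAGE, new Message("Your session was terminated by an administrator", SessionMessages.MessageSeverity.ALERT));
            } else if (currentSession.getSessionStatus() == SessionStatus.SESSION_EXPIRED) {
                map.put(DialogTemplateDirective.PARAM_MESSAGE, new Message("Your session has expired", SessionMessages.MessageSeverity.INFORMATION));
            } else if (currentSession.getSessionStatus() == SessionStatus.SESSION_INACTIVE) {
                map.put(DialogTemplateDirective.PARAM_MESSAGE, new Message("Your session expired due to inactivity", SessionMessages.MessageSeverity.INFORMATION));
            } else if (currentSession.getSessionStatus() == SessionStatus.SESSION_LIFETIME_EXCEEDED) {
                map.put(DialogTemplateDirective.PARAM_MESSAGE, new Message("Your session has expired", SessionMessages.MessageSeverity.INFORMATION));
            }
            if (requestContext.getUser() != null) {
                map.put("username", requestContext.getUser().getUserName());
            }
        }

        // Set last, so it replaces any message chosen above.
        if (httpServletRequest.getParameter("LoggedOut") != null) {
            map.put(DialogTemplateDirective.PARAM_MESSAGE, new Message("You have been successfully logged out", SessionMessages.MessageSeverity.INFORMATION));
        }
        TemplateLoader.renderToResponse("Login.ftl", map, httpServletResponse);
        return true;
    }

    /**
     * Accepts a client-supplied redirect target only when it is a path on this site.
     *
     * <p>The value must start with a single {@code /}. A second leading slash would make
     * it a scheme-relative URL pointing at another host, and backslashes or control
     * characters (CR/LF included) are refused because browsers and response headers may
     * interpret them in ways that leave the site. Callers that pass any other form are
     * sent to the default page instead.
     *
     * @param candidate the raw parameter value, may be {@code null}
     * @return {@code candidate} when it is an acceptable local path, otherwise {@code null}
     */
    private static String localRedirectTarget(String candidate) {
        if (candidate == null || candidate.length() == 0 || candidate.charAt(0) != '/') {
            return null;
        }
        for (int i = 0; i < candidate.length(); i++) {
            char c = candidate.charAt(i);
            if (c == '\\' || c < 0x20 || c == 0x7f) {
                return null;
            }
            if (i == 1 && c == '/') {
                return null;
            }
        }
        return candidate;
    }

    /**
     * Captures the remote address and User-Agent header of the request.
     *
     * @return the client details, or {@code null} when the remote address cannot be resolved
     */
    private static ClientData describeClient(HttpServletRequest request) {
        try {
            return new ClientData(InetAddress.getByName(request.getRemoteAddr()), request.getHeader("User-Agent"));
        } catch (UnknownHostException e) {
            // Authentication still proceeds; the log entries simply carry no source address.
            return null;
        }
    }

    /** Terminates the session that was attached to the request, if it has an identifier. */
    private static void retireSession(SessionManagement.SessionInfo previous) throws ViewFailedException {
        if (previous == null || previous.getSessionIdentifier() == null) {
            return;
        }
        try {
            new SessionManagement(Application.getApplication()).terminateSession(previous.getSessionIdentifier());
        } catch (SQLException e) {
            throw new ViewFailedException(e);
        } catch (InputValidationException e) {
            throw new ViewFailedException(e);
        } catch (NoDatabaseConnectionException e) {
            throw new ViewFailedException(e);
        }
    }

    /**
     * Adds the {@code SessionID} cookie for the whole site to the response.
     *
     * <p>The Secure attribute is set only when the application configuration reports SSL
     * as enabled, so on a plain-HTTP deployment the identifier travels unencrypted.
     */
    private static void addSessionCookie(HttpServletResponse response, String sessionId) throws ViewFailedException {
        Cookie cookie = new Cookie("SessionID", sessionId);
        cookie.setPath("/");
        // NOTE(review): the cookie is not marked HttpOnly, so page scripts can read the session
        // identifier. Cookie.setHttpOnly(true) needs Servlet 3.0 or later; confirm the
        // container's API level before adding it.
        try {
            if (Application.getApplication().getApplicationConfiguration().isSslEnabled()) {
                cookie.setSecure(true);
            }
        } catch (SQLException e) {
            throw new ViewFailedException(e);
        } catch (InputValidationException e) {
            throw new ViewFailedException(e);
        } catch (NoDatabaseConnectionException e) {
            throw new ViewFailedException(e);
        }
        response.addCookie(cookie);
    }

    /**
     * Checks the credentials against the local password store and logs the outcome.
     *
     * @param username   the submitted username; rejected when empty, when it does not match
     *                   {@code UserManagement.USERNAME_REGEX}, or when it is too long
     * @param password   the submitted password
     * @param clientData where the request came from, or {@code null} when unknown
     * @return the identifier of the new session, or {@code null} when the login is refused
     * @throws ViewFailedException if the authentication back end fails
     */
    private String authenticate(String username, String password, ClientData clientData) throws ViewFailedException {
        Application application = Application.getApplication();

        if (username == null || username.length() == 0) {
            if (clientData == null) {
                application.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_EMPTY);
            } else {
                application.logEvent(EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_EMPTY, sourceAddressOf(clientData));
            }
            return null;
        }

        if (!Pattern.compile(UserManagement.USERNAME_REGEX).matcher(username).matches()) {
            // Logged under its own event type with the source address attached. Recording it
            // as "username empty" as well would mislabel the attempt for anyone reading or
            // alerting on the event log.
            // NOTE(review): this name failed validation and is logged as submitted; confirm the
            // event log neutralises line breaks and other control characters.
            logRefusedLogin(application, EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_ILLEGAL, username, clientData);
            return null;
        }

        if (username.length() > MAX_USERNAME_LENGTH) {
            // NOTE(review): the full over-long name is written to the log; the length is
            // recorded in its own field.
            EventLogMessage tooLong = new EventLogMessage(EventLogMessage.EventType.AUTHENTICATION_FAILED_LENGTH_EXCESSIVE, new EventLogField(EventLogField.FieldName.LENGTH, username.length()));
            tooLong.addField(new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, username));
            if (clientData != null) {
                tooLong.addField(sourceAddressOf(clientData));
            }
            application.logEvent(tooLong);
            return null;
        }

        try {
            Authentication.AuthenticationResult result = new LocalPasswordAuthentication(application).authenticate(username, new PasswordAuthenticationValidator(password), clientData);
            int status = result.getAuthenticationStatus();

            if (status != 0) {
                EventLogMessage.EventType reason = failureEventFor(status);
                if (reason == null) {
                    application.logEvent(EventLogMessage.EventType.INTERNAL_ERROR, new EventLogField(EventLogField.FieldName.MESSAGE, "Invalid authentication result code"));
                } else {
                    logRefusedLogin(application, reason, username, clientData);
                }
                return null;
            }

            EventLogMessage success = new EventLogMessage(EventLogMessage.EventType.AUTHENTICATION_SUCCESS, new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, username));
            try {
                SessionManagement.SessionInfo created = new SessionManagement(application).getSessionInfo(result.getSessionIdentifier());
                success.addField(new EventLogField(EventLogField.FieldName.TARGET_USER_ID, created.getUserId()));
                success.addField(new EventLogField(EventLogField.FieldName.SESSION_TRACKING_NUMBER, created.getTrackingNumber()));
            } catch (Exception lookupFailure) {
                // The extra fields are best effort: the login stands, the failure is logged.
                application.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, lookupFailure);
            }
            if (clientData != null) {
                success.addField(sourceAddressOf(clientData));
            }
            application.logEvent(success);
            return result.getSessionIdentifier();
        } catch (NoSuchAlgorithmException e) {
            application.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e);
            throw new ViewFailedException(e);
        } catch (SQLException e) {
            application.logExceptionEvent(EventLogMessage.EventType.SQL_EXCEPTION, e);
            throw new ViewFailedException(e);
        } catch (InputValidationException e) {
            application.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e);
            throw new ViewFailedException(e);
        } catch (NoDatabaseConnectionException e) {
            application.logExceptionEvent(EventLogMessage.EventType.DATABASE_FAILURE, e);
            throw new ViewFailedException(e);
        } catch (NumericalOverflowException e) {
            application.logExceptionEvent(EventLogMessage.EventType.INTERNAL_ERROR, e);
            throw new ViewFailedException(e);
        }
    }

    /**
     * Maps a non-zero authentication status code to the event type logged for it.
     *
     * <p>The codes are the numeric values that appear in this listing; the named constants
     * they stand for are not visible here.
     *
     * @return the event type, or {@code null} for a code this view does not recognise
     */
    private static EventLogMessage.EventType failureEventFor(int status) {
        switch (status) {
            case 1:
                return EventLogMessage.EventType.AUTHENTICATION_FAILED_PASSWORD_WRONG;
            case 2:
                return EventLogMessage.EventType.AUTHENTICATION_FAILED_PASSWORD_ILLEGAL;
            case 3:
                return EventLogMessage.EventType.AUTHENTICATION_FAILED_USERNAME_INVALID;
            case 4:
                // NOTE(review): codes 4 and 5 share one event type; confirm they are meant
                // to be indistinguishable in the log.
                return EventLogMessage.EventType.AUTHENTICATION_FAILED_ACCOUNT_DISABLED;
            case 5:
                return EventLogMessage.EventType.AUTHENTICATION_FAILED_ACCOUNT_DISABLED;
            case 6:
                return EventLogMessage.EventType.AUTHENTICATION_USERNAME_BLOCKED;
            default:
                return null;
        }
    }

    /** Logs a refused login with the target username and, when known, the source address. */
    private static void logRefusedLogin(Application application, EventLogMessage.EventType reason, String username, ClientData clientData) {
        EventLogField target = new EventLogField(EventLogField.FieldName.TARGET_USER_NAME, username);
        if (clientData == null) {
            application.logEvent(reason, target);
        } else {
            application.logEvent(reason, target, sourceAddressOf(clientData));
        }
    }

    /** Wraps the client's source address in a log field. */
    private static EventLogField sourceAddressOf(ClientData clientData) {
        return new EventLogField(EventLogField.FieldName.SOURCE_ADDRESS, clientData.getSourceAddress().toString());
    }
}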
