package com.cenqua.fisheye.user.crowd;

import antlr.Version;
import com.atlassian.crowd.integration.Constants;
import com.atlassian.crowd.integration.exception.InvalidAuthenticationException;
import com.atlassian.crowd.integration.exception.ObjectNotFoundException;
import com.atlassian.crowd.integration.http.HttpAuthenticatorFactory;
import com.atlassian.crowd.integration.service.soap.client.SecurityServerClientFactory;
import com.atlassian.crowd.integration.soap.SOAPPrincipal;
import com.cenqua.fisheye.config1.CrowdAuthConfigType;
import com.cenqua.fisheye.logging.Logs;
import com.cenqua.fisheye.rep.RepositoryHandle;
import com.cenqua.fisheye.user.BaseAuth;
import com.cenqua.fisheye.user.LoginCookie;
import com.cenqua.fisheye.user.UserLogin;
import com.cenqua.fisheye.util.PropertiesUtil;
import com.cenqua.fisheye.util.StringUtil;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Properties;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;

/* loaded from: input_file:fecru-2.1.0.M1/fisheye.jar:com/cenqua/fisheye/user/crowd/CrowdAuth.class */
public class CrowdAuth extends BaseAuth {
    private static final long GROUP_CACHE_TTL = 120000;
    private final boolean autoadd;
    private final boolean ssoEnabled;
    private final boolean resync;
    private final long resyncPeriod;
    private final GroupMembershipCache gcache;

    public CrowdAuth(CrowdAuthConfigType crowdAuthConfigType) {
        this(crowdAuthConfigType, Logs.APP_LOG, Logs.PERF_LOG);
    }

    public CrowdAuth(CrowdAuthConfigType crowdAuthConfigType, Logger logger, Logger logger2) {
        super(logger, logger2);
        this.gcache = new GroupMembershipCache(GROUP_CACHE_TTL);
        this.autoadd = crowdAuthConfigType.getAutoAdd();
        this.resync = crowdAuthConfigType.getResync();
        this.resyncPeriod = convertStringToLong(crowdAuthConfigType.getResyncPeriod());
        this.ssoEnabled = crowdAuthConfigType.getSsoEnabled();
        String crowdProperties = crowdAuthConfigType.getCrowdProperties();
        if (crowdProperties != null) {
            setupProps(crowdProperties);
        }
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public boolean isResync() {
        return this.resync;
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public long getResyncPeriod() {
        return this.resyncPeriod;
    }

    private static void setupProps(String str) {
        Properties properties = new Properties();
        properties.setProperty(Constants.PROPERTIES_FILE_SESSIONKEY_VALIDATIONINTERVAL, Version.version);
        PropertiesUtil.loadFromString(properties, str);
        properties.setProperty(Constants.PROPERTIES_FILE_SESSIONKEY_LASTVALIDATION, "fisheye.crowd.session.lastvalidation");
        SecurityServerClientFactory.getSecurityServerClient().getClientProperties().updateProperties(properties);
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public void close() {
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public boolean getAutoAdd() {
        return this.autoadd;
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public BaseAuth.AuthTok checkPassword(String str, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String authenticatePrincipal;
        SOAPPrincipal findPrincipalByToken;
        try {
            long currentTimeMillis = System.currentTimeMillis();
            if (httpServletRequest == null || httpServletResponse == null || !this.ssoEnabled) {
                authenticatePrincipal = SecurityServerClientFactory.getSecurityServerClient().authenticatePrincipal(HttpAuthenticatorFactory.getHttpAuthenticator().getPrincipalAuthenticationContext(null, null, str, str2));
                findPrincipalByToken = SecurityServerClientFactory.getSecurityServerClient().findPrincipalByToken(authenticatePrincipal);
            } else {
                HttpAuthenticatorFactory.getHttpAuthenticator().authenticate(httpServletRequest, httpServletResponse, str, str2);
                findPrincipalByToken = HttpAuthenticatorFactory.getHttpAuthenticator().getPrincipal(httpServletRequest);
                authenticatePrincipal = HttpAuthenticatorFactory.getHttpAuthenticator().getToken(httpServletRequest);
            }
            long currentTimeMillis2 = System.currentTimeMillis();
            if (Logs.PERF_LOG.isDebugEnabled()) {
                Logs.PERF_LOG.debug("checkPassword() in " + (currentTimeMillis2 - currentTimeMillis) + "ms");
            }
            return generateAuthToken(findPrincipalByToken, this.ssoEnabled ? authenticatePrincipal : null);
        } catch (InvalidAuthenticationException e) {
            this.appLog.info("user not found", e);
            return null;
        } catch (Exception e2) {
            this.appLog.warn("Problem communicating with Crowd", e2);
            return null;
        }
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public boolean hasPermissionToAccess(BaseAuth.AuthTok authTok, boolean z, RepositoryHandle repositoryHandle) {
        return z;
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public int getAuthType() {
        return 6;
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public BaseAuth.AuthTok recreateAuth(String str) {
        try {
            long currentTimeMillis = System.currentTimeMillis();
            SOAPPrincipal findPrincipalByName = SecurityServerClientFactory.getSecurityServerClient().findPrincipalByName(str);
            long currentTimeMillis2 = System.currentTimeMillis();
            if (Logs.PERF_LOG.isDebugEnabled()) {
                Logs.PERF_LOG.debug("recreateAuth() in " + (currentTimeMillis2 - currentTimeMillis) + "ms");
            }
            return generateAuthToken(findPrincipalByName, null);
        } catch (ObjectNotFoundException e) {
            this.appLog.warn("user not found", e);
            return null;
        } catch (Exception e2) {
            this.appLog.warn("Problem communicating with Crowd", e2);
            return null;
        }
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public BaseAuth.AuthTok checkRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (!this.ssoEnabled) {
            return null;
        }
        try {
            long currentTimeMillis = System.currentTimeMillis();
            if (HttpAuthenticatorFactory.getHttpAuthenticator().isAuthenticated(httpServletRequest, httpServletResponse)) {
                SOAPPrincipal principal = HttpAuthenticatorFactory.getHttpAuthenticator().getPrincipal(httpServletRequest);
                long currentTimeMillis2 = System.currentTimeMillis();
                if (Logs.PERF_LOG.isDebugEnabled()) {
                    Logs.PERF_LOG.debug("checkRequest() 2 in " + (currentTimeMillis2 - currentTimeMillis) + "ms");
                }
                return generateAuthToken(principal, HttpAuthenticatorFactory.getHttpAuthenticator().getToken(httpServletRequest));
            }
            long currentTimeMillis3 = System.currentTimeMillis();
            if (!Logs.PERF_LOG.isDebugEnabled()) {
                return null;
            }
            Logs.PERF_LOG.debug("checkRequest() 1 in " + (currentTimeMillis3 - currentTimeMillis) + "ms");
            return null;
        } catch (Exception e) {
            this.appLog.warn("Problem communicating with Crowd", e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.cenqua.fisheye.user.BaseAuth
    public boolean isRequestUserStillValid(UserLogin userLogin, BaseAuth.AuthTok authTok, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (!this.ssoEnabled) {
            return true;
        }
        try {
            if (!HttpAuthenticatorFactory.getHttpAuthenticator().isAuthenticated(httpServletRequest, httpServletResponse)) {
                LoginCookie cookie = userLogin.getCookie();
                return cookie != null && cookie.getType() == 2;
            }
            if (!(authTok instanceof CrowdAuthTok)) {
                return false;
            }
            CrowdAuthTok crowdAuthTok = (CrowdAuthTok) authTok;
            String token = HttpAuthenticatorFactory.getHttpAuthenticator().getToken(httpServletRequest);
            if (StringUtil.equal(crowdAuthTok.initialToken, token)) {
                return true;
            }
            if (!userLogin.getUsername().equals(HttpAuthenticatorFactory.getHttpAuthenticator().getPrincipal(httpServletRequest).getName())) {
                return false;
            }
            crowdAuthTok.initialToken = token;
            return true;
        } catch (Exception e) {
            this.appLog.warn("Problem communicating with Crowd", e);
            return false;
        }
    }

    private BaseAuth.AuthTok generateAuthToken(SOAPPrincipal sOAPPrincipal, String str) {
        return new CrowdAuthTok(sOAPPrincipal, str);
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public void logout(UserLogin userLogin, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            HttpAuthenticatorFactory.getHttpAuthenticator().logoff(httpServletRequest, httpServletResponse);
        } catch (Exception e) {
            this.appLog.warn("Problem communicating with Crowd", e);
        }
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public boolean supportsGroups() {
        return true;
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public List<String> listGroups() {
        try {
            long currentTimeMillis = System.currentTimeMillis();
            List<String> asList = Arrays.asList(SecurityServerClientFactory.getSecurityServerClient().findAllGroupNames());
            long currentTimeMillis2 = System.currentTimeMillis();
            if (Logs.PERF_LOG.isDebugEnabled()) {
                Logs.PERF_LOG.debug("listGroups() in " + (currentTimeMillis2 - currentTimeMillis) + "ms");
            }
            return asList;
        } catch (Exception e) {
            this.appLog.warn("Problem communicating with Crowd", e);
            return Collections.emptyList();
        }
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public List<String> getUsersInGroup(String str) {
        try {
            long currentTimeMillis = System.currentTimeMillis();
            List<String> asList = Arrays.asList(SecurityServerClientFactory.getSecurityServerClient().findGroupByName(str).getMembers());
            long currentTimeMillis2 = System.currentTimeMillis();
            if (Logs.PERF_LOG.isDebugEnabled()) {
                Logs.PERF_LOG.debug("getUsersInGroup() in " + (currentTimeMillis2 - currentTimeMillis) + "ms");
            }
            return asList;
        } catch (ObjectNotFoundException e) {
            return Collections.emptyList();
        } catch (Exception e2) {
            this.appLog.warn("Problem communicating with Crowd", e2);
            return Collections.emptyList();
        }
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public boolean isUserInGroup(String str, String str2) {
        try {
            long currentTimeMillis = System.currentTimeMillis();
            boolean contains = getGroupsForUser(str2).contains(str);
            long currentTimeMillis2 = System.currentTimeMillis();
            if (Logs.PERF_LOG.isDebugEnabled()) {
                Logs.PERF_LOG.debug("isUserInGroup() in " + (currentTimeMillis2 - currentTimeMillis) + "ms");
            }
            return contains;
        } catch (Exception e) {
            this.appLog.warn("Problem communicating with Crowd", e);
            return false;
        }
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public List<String> getGroupsForUser(String str) {
        try {
            long currentTimeMillis = System.currentTimeMillis();
            String[] groupsForUser = this.gcache.groupsForUser(str);
            if (groupsForUser == null) {
                groupsForUser = SecurityServerClientFactory.getSecurityServerClient().findGroupMemberships(str);
                this.gcache.updatesGroupsForUser(str, groupsForUser);
            }
            List<String> asList = Arrays.asList(groupsForUser);
            long currentTimeMillis2 = System.currentTimeMillis();
            if (Logs.PERF_LOG.isDebugEnabled()) {
                Logs.PERF_LOG.debug("getGroupsForUser() in " + (currentTimeMillis2 - currentTimeMillis) + "ms");
            }
            return asList;
        } catch (Exception e) {
            this.appLog.warn("Problem communicating with Crowd", e);
            return Collections.emptyList();
        }
    }

    @Override // com.cenqua.fisheye.user.BaseAuth
    public List<String> getAllUserNames() throws Exception {
        long currentTimeMillis = System.currentTimeMillis();
        List<String> asList = Arrays.asList(SecurityServerClientFactory.getSecurityServerClient().findAllPrincipalNames());
        long currentTimeMillis2 = System.currentTimeMillis();
        if (Logs.PERF_LOG.isDebugEnabled()) {
            Logs.PERF_LOG.debug("getAllUserNames() in " + (currentTimeMillis2 - currentTimeMillis) + "ms");
        }
        return asList;
    }
}
