package com.atlassian.jira.security.login;

import com.atlassian.core.util.Clock;
import com.atlassian.crowd.embedded.api.CrowdService;
import com.atlassian.crowd.embedded.api.User;
import com.atlassian.crowd.embedded.api.UserWithAttributes;
import com.atlassian.crowd.exception.OperationNotPermittedException;
import com.atlassian.jira.bc.security.login.LoginInfo;
import com.atlassian.jira.bc.security.login.LoginInfoImpl;
import com.atlassian.jira.config.properties.ApplicationProperties;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.util.dbc.Assertions;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/jira/security/login/LoginStoreImpl.class */
public class LoginStoreImpl implements LoginStore {
    private static final Logger log = LoggerFactory.getLogger(LoginStoreImpl.class);
    private static final String LAST_LOGIN_TIME = "login.lastLoginMillis";
    private static final String PREV_LOGIN_TIME = "login.previousLoginMillis";
    private static final String LAST_FAILED_TIME = "login.lastFailedLoginMillis";
    private static final String LOGIN_COUNT = "login.count";
    private static final String CURRENT_FAILED_COUNT = "login.currentFailedCount";
    private static final String TOTAL_FAILED_COUNT = "login.totalFailedCount";
    private final Clock clock;
    private final ApplicationProperties applicationProperties;
    private final CrowdService crowdService;

    public LoginStoreImpl(Clock clock, ApplicationProperties applicationProperties, CrowdService crowdService) {
        this.clock = (Clock) Assertions.notNull("clock", clock);
        this.applicationProperties = (ApplicationProperties) Assertions.notNull("applicationProperties", applicationProperties);
        this.crowdService = (CrowdService) Assertions.notNull("crowdService", crowdService);
    }

    @Override // com.atlassian.jira.security.login.LoginStore
    public LoginInfo recordLoginAttempt(ApplicationUser applicationUser, boolean z) {
        Assertions.notNull("user", applicationUser);
        UserWithAttributes userWithAttributes = this.crowdService.getUserWithAttributes(applicationUser.getName());
        if (z) {
            setLong(userWithAttributes, CURRENT_FAILED_COUNT, 0L);
            updateLastLoginTime(userWithAttributes);
        } else {
            updateLastFailedLoginTime(userWithAttributes);
        }
        return getLoginInfo(applicationUser);
    }

    @Override // com.atlassian.jira.security.login.LoginStore
    public LoginInfo updateLastLoginTime(ApplicationUser applicationUser) {
        Assertions.notNull("user", applicationUser);
        updateLastLoginTime(this.crowdService.getUserWithAttributes(applicationUser.getName()));
        return getLoginInfo(applicationUser);
    }

    @Override // com.atlassian.jira.security.login.LoginStore
    public long getMaxAuthenticationAttemptsAllowed() {
        String defaultBackedString = this.applicationProperties.getDefaultBackedString("jira.maximum.authentication.attempts.allowed");
        try {
            if (StringUtils.isBlank(defaultBackedString)) {
                return Long.MAX_VALUE;
            }
            return Long.parseLong(defaultBackedString);
        } catch (NumberFormatException e) {
            log.error("Unable to read the MaxAuthenticationAttemptsAllowed value ' " + defaultBackedString + "'. Defaulting to UNLIMITED. If you really care about security you will want to find out why this value cannot be read.");
            return Long.MAX_VALUE;
        }
    }

    @Override // com.atlassian.jira.security.login.LoginStore
    public void resetFailedLoginCount(ApplicationUser applicationUser) {
        setLong(applicationUser.getDirectoryUser(), CURRENT_FAILED_COUNT, 0L);
    }

    @Override // com.atlassian.jira.security.login.LoginStore
    public LoginInfo getLoginInfo(ApplicationUser applicationUser) {
        Assertions.notNull("user", applicationUser);
        return getLoginInfoInternal(this.crowdService.getUserWithAttributes(applicationUser.getName()));
    }

    private LoginInfo getLoginInfoInternal(UserWithAttributes userWithAttributes) {
        return LoginInfoImpl.builder().setLastLoginTime(getLong(userWithAttributes, LAST_LOGIN_TIME)).setPreviousLoginTime(getLong(userWithAttributes, PREV_LOGIN_TIME)).setLastFailedLoginTime(getLong(userWithAttributes, LAST_FAILED_TIME)).setLoginCount(getLong(userWithAttributes, LOGIN_COUNT)).setCurrentFailedLoginCount(getLong(userWithAttributes, CURRENT_FAILED_COUNT)).setTotalFailedLoginCount(getLong(userWithAttributes, TOTAL_FAILED_COUNT)).setMaxAuthenticationAttemptsAllowed(Long.valueOf(getMaxAuthenticationAttemptsAllowed())).setElevatedSecurityCheckRequired(false).build();
    }

    private void updateLastLoginTime(UserWithAttributes userWithAttributes) {
        Long l = getLong(userWithAttributes, LAST_LOGIN_TIME);
        setLong(userWithAttributes, LAST_LOGIN_TIME, now());
        if (l != null) {
            setLong(userWithAttributes, PREV_LOGIN_TIME, l.longValue());
        }
        incrementLong(userWithAttributes, LOGIN_COUNT, 1);
    }

    private void updateLastFailedLoginTime(UserWithAttributes userWithAttributes) {
        setLong(userWithAttributes, LAST_FAILED_TIME, now());
        incrementLong(userWithAttributes, CURRENT_FAILED_COUNT, 1);
        incrementLong(userWithAttributes, TOTAL_FAILED_COUNT, 1);
    }

    private void setLong(User user, String str, long j) {
        try {
            this.crowdService.setUserAttribute(user, str, Long.valueOf(j).toString());
        } catch (OperationNotPermittedException e) {
            log.error(e.getMessage(), e);
        }
    }

    private Long getLong(UserWithAttributes userWithAttributes, String str) {
        String value = userWithAttributes.getValue(str);
        if (value != null) {
            return Long.valueOf(value);
        }
        return null;
    }

    private void incrementLong(UserWithAttributes userWithAttributes, String str, int i) {
        Long l = getLong(userWithAttributes, str);
        setLong(userWithAttributes, str, l == null ? i : l.longValue() + 1);
    }

    private long now() {
        return this.clock.getCurrentDate().getTime();
    }
}
