package com.liferay.multi.factor.authentication.web.internal.portlet.action;

import com.liferay.multi.factor.authentication.web.internal.constants.MFAPortletKeys;
import com.liferay.multi.factor.authentication.web.internal.constants.MFAWebKeys;
import com.liferay.multi.factor.authentication.web.internal.policy.MFAPolicy;
import com.liferay.petra.encryptor.Encryptor;
import com.liferay.portal.kernel.json.JSONFactory;
import com.liferay.portal.kernel.portlet.LiferayPortletResponse;
import com.liferay.portal.kernel.portlet.LiferayPortletURL;
import com.liferay.portal.kernel.portlet.PortletURLFactory;
import com.liferay.portal.kernel.portlet.bridges.mvc.BaseMVCActionCommand;
import com.liferay.portal.kernel.portlet.bridges.mvc.MVCActionCommand;
import com.liferay.portal.kernel.security.auth.PrincipalException;
import com.liferay.portal.kernel.security.auth.session.AuthenticatedSessionManagerUtil;
import com.liferay.portal.kernel.theme.ThemeDisplay;
import com.liferay.portal.kernel.util.Accessor;
import com.liferay.portal.kernel.util.DigesterUtil;
import com.liferay.portal.kernel.util.HashMapBuilder;
import com.liferay.portal.kernel.util.ListUtil;
import com.liferay.portal.kernel.util.MapUtil;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.Portal;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.kernel.util.Validator;
import java.security.Key;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import javax.portlet.ActionURL;
import javax.portlet.RenderURL;
import javax.portlet.WindowState;
import javax.portlet.filter.ActionRequestWrapper;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

@Component(property = {"javax.portlet.name=com_liferay_login_web_portlet_FastLoginPortlet", "javax.portlet.name=com_liferay_login_web_portlet_LoginPortlet", "mvc.command.name=/login/login", "service.ranking:Integer=1"}, service = {MVCActionCommand.class})
/* loaded from: input_file:com/liferay/multi/factor/authentication/web/internal/portlet/action/LoginMVCActionCommand.class */
public class LoginMVCActionCommand extends BaseMVCActionCommand {
    private static final Accessor<Object, String> _STRING_ACCESSOR = new Accessor<Object, String>() { // from class: com.liferay.multi.factor.authentication.web.internal.portlet.action.LoginMVCActionCommand.2
        /* renamed from: get, reason: merged with bridge method [inline-methods] */
        public String m3get(Object obj) {
            return String.valueOf(obj);
        }

        public Class<String> getAttributeClass() {
            return String.class;
        }

        public Class<Object> getTypeClass() {
            return Object.class;
        }
    };

    @Reference
    private JSONFactory _jsonFactory;

    @Reference(target = "(component.name=com.liferay.login.web.internal.portlet.action.LoginMVCActionCommand)")
    private MVCActionCommand _loginMVCActionCommand;

    @Reference
    private MFAPolicy _mfaPolicy;

    @Reference
    private Portal _portal;

    @Reference
    private PortletURLFactory _portletURLFactory;

    protected void doProcessAction(ActionRequest actionRequest, ActionResponse actionResponse) throws Exception {
        long companyId = this._portal.getCompanyId(actionRequest);
        if (!this._mfaPolicy.isMFAEnabled(companyId)) {
            this._loginMVCActionCommand.processAction(actionRequest, actionResponse);
            return;
        }
        String string = ParamUtil.getString(actionRequest, "state");
        if (!Validator.isBlank(string)) {
            actionRequest = _getActionRequest(actionRequest, string);
        }
        String string2 = ParamUtil.getString(actionRequest, "login");
        String string3 = ParamUtil.getString(actionRequest, "password");
        if (Validator.isBlank(string2) || Validator.isBlank(string3)) {
            return;
        }
        HttpServletRequest originalServletRequest = this._portal.getOriginalServletRequest(this._portal.getHttpServletRequest(actionRequest));
        long authenticatedUserId = AuthenticatedSessionManagerUtil.getAuthenticatedUserId(originalServletRequest, string2, string3, (String) null);
        if (this._mfaPolicy.isSatisfied(companyId, originalServletRequest, authenticatedUserId)) {
            this._loginMVCActionCommand.processAction(actionRequest, actionResponse);
        } else if (authenticatedUserId > 0) {
            _redirectToVerify(actionRequest, actionResponse, authenticatedUserId);
        }
    }

    private ActionRequest _getActionRequest(ActionRequest actionRequest, String str) throws Exception {
        HttpSession session = this._portal.getOriginalServletRequest(this._portal.getHttpServletRequest(actionRequest)).getSession();
        if (!StringUtil.equals(DigesterUtil.digest(str), (String) session.getAttribute(MFAWebKeys.MFA_WEB_DIGEST))) {
            throw new PrincipalException("User sent unverified state");
        }
        final Map map = (Map) ((Map) this._jsonFactory.looseDeserialize(Encryptor.decrypt((Key) session.getAttribute(MFAWebKeys.MFA_WEB_KEY), str), Map.class)).get("requestParameters");
        for (Map.Entry entry : map.entrySet()) {
            if (entry.getValue() instanceof List) {
                entry.setValue(ListUtil.toArray((List) entry.getValue(), _STRING_ACCESSOR));
            }
        }
        return new ActionRequestWrapper(actionRequest) { // from class: com.liferay.multi.factor.authentication.web.internal.portlet.action.LoginMVCActionCommand.1
            public String getParameter(String str2) {
                return MapUtil.getString(map, str2, (String) null);
            }

            public Map<String, String[]> getParameterMap() {
                return new HashMap(map);
            }

            public Enumeration<String> getParameterNames() {
                return Collections.enumeration(map.keySet());
            }

            public String[] getParameterValues(String str2) {
                return (String[]) map.get(str2);
            }
        };
    }

    private LiferayPortletURL _getLiferayPortletURL(HttpServletRequest httpServletRequest, String str, String str2) {
        HttpServletRequest originalServletRequest = this._portal.getOriginalServletRequest(httpServletRequest);
        long j = 0;
        ThemeDisplay themeDisplay = (ThemeDisplay) originalServletRequest.getAttribute("LIFERAY_SHARED_THEME_DISPLAY");
        if (themeDisplay != null) {
            j = themeDisplay.getPlid();
        }
        LiferayPortletURL create = this._portletURLFactory.create(originalServletRequest, MFAPortletKeys.VERIFY, j, "RENDER_PHASE");
        create.setParameter("saveLastPath", Boolean.FALSE.toString());
        create.setParameter("mvcRenderCommandName", "/mfa_verify/view");
        create.setParameter("redirect", str);
        create.setParameter("returnToFullPageURL", str2);
        return create;
    }

    private void _redirectToVerify(ActionRequest actionRequest, ActionResponse actionResponse, long j) throws Exception {
        LiferayPortletResponse liferayPortletResponse = this._portal.getLiferayPortletResponse(actionResponse);
        ActionURL createActionURL = liferayPortletResponse.createActionURL();
        createActionURL.setParameter("javax.portlet.action", "/login/login");
        Key generateKey = Encryptor.generateKey();
        String encrypt = Encryptor.encrypt(generateKey, this._jsonFactory.looseSerializeDeep(HashMapBuilder.put("requestParameters", actionRequest.getParameterMap()).build()));
        createActionURL.setParameter("state", encrypt);
        HttpServletRequest originalServletRequest = this._portal.getOriginalServletRequest(this._portal.getHttpServletRequest(actionRequest));
        String string = ParamUtil.getString(actionRequest, "redirect");
        RenderURL createRenderURL = liferayPortletResponse.createRenderURL();
        if (Validator.isNotNull(string)) {
            createRenderURL.setParameter("redirect", string);
        }
        LiferayPortletURL _getLiferayPortletURL = _getLiferayPortletURL(originalServletRequest, createActionURL.toString(), createRenderURL.toString());
        if ("com_liferay_login_web_portlet_FastLoginPortlet".equals(ParamUtil.getString(originalServletRequest, "p_p_id"))) {
            _getLiferayPortletURL.setWindowState(actionRequest.getWindowState());
        } else {
            _getLiferayPortletURL.setWindowState(WindowState.MAXIMIZED);
        }
        actionRequest.setAttribute("REDIRECT", _getLiferayPortletURL.toString());
        HttpSession session = originalServletRequest.getSession();
        session.setAttribute(MFAWebKeys.MFA_USER_ID, Long.valueOf(j));
        session.setAttribute(MFAWebKeys.MFA_WEB_DIGEST, DigesterUtil.digest(encrypt));
        session.setAttribute(MFAWebKeys.MFA_WEB_KEY, generateKey);
    }
}
