package org.apache.jetspeed.security.impl;

import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import javax.security.auth.Subject;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.components.ComponentManager;
import org.apache.jetspeed.login.LoginConstants;
import org.apache.jetspeed.pipeline.PipelineException;
import org.apache.jetspeed.pipeline.valve.AbstractValve;
import org.apache.jetspeed.pipeline.valve.LoginValidationValve;
import org.apache.jetspeed.pipeline.valve.ValveContext;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.PasswordCredential;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.SecurityHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.security.UserPrincipal;

/* loaded from: input_file:portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-portal-2.1.4.jar:org/apache/jetspeed/security/impl/LoginValidationValveImpl.class */
public class LoginValidationValveImpl extends AbstractValve implements LoginValidationValve {
    private static final Log log;
    private int maxNumberOfAuthenticationFailures;
    private List sessionAttributes;
    static Class class$org$apache$jetspeed$security$impl$LoginValidationValveImpl;
    static Class class$org$apache$jetspeed$security$UserManager;
    static Class class$org$apache$jetspeed$security$UserPrincipal;

    public LoginValidationValveImpl(List list) {
        this.sessionAttributes = list;
    }

    public LoginValidationValveImpl(int i) {
        this.maxNumberOfAuthenticationFailures = i;
        this.sessionAttributes = new LinkedList();
    }

    public LoginValidationValveImpl(int i, List list) {
        this.maxNumberOfAuthenticationFailures = i;
        this.sessionAttributes = list;
    }

    @Override // org.apache.jetspeed.pipeline.valve.AbstractValve, org.apache.jetspeed.pipeline.valve.Valve
    public void invoke(RequestContext requestContext, ValveContext valveContext) throws PipelineException {
        Class cls;
        Class cls2;
        try {
            if (requestContext.getRequest().getUserPrincipal() == null) {
                if (requestContext.getSessionAttribute(LoginConstants.RETRYCOUNT) != null) {
                    String str = (String) requestContext.getSessionAttribute(LoginConstants.USERNAME);
                    if (str == null || str.equals("")) {
                        requestContext.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_UNKNOWN_USER);
                    } else {
                        ComponentManager componentManager = Jetspeed.getComponentManager();
                        if (class$org$apache$jetspeed$security$UserManager == null) {
                            cls = class$("org.apache.jetspeed.security.UserManager");
                            class$org$apache$jetspeed$security$UserManager = cls;
                        } else {
                            cls = class$org$apache$jetspeed$security$UserManager;
                        }
                        UserManager userManager = (UserManager) componentManager.getComponent(cls);
                        if (userManager != null) {
                            try {
                                User user = userManager.getUser(str);
                                Subject subject = user.getSubject();
                                if (class$org$apache$jetspeed$security$UserPrincipal == null) {
                                    cls2 = class$("org.apache.jetspeed.security.UserPrincipal");
                                    class$org$apache$jetspeed$security$UserPrincipal = cls2;
                                } else {
                                    cls2 = class$org$apache$jetspeed$security$UserPrincipal;
                                }
                                if (((UserPrincipal) SecurityHelper.getPrincipal(subject, cls2)).isEnabled()) {
                                    PasswordCredential passwordCredential = SecurityHelper.getPasswordCredential(user.getSubject());
                                    if (passwordCredential == null || !passwordCredential.isEnabled()) {
                                        requestContext.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_DISABLED);
                                    } else if (passwordCredential.isExpired()) {
                                        requestContext.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_EXPIRED);
                                    } else if (this.maxNumberOfAuthenticationFailures <= 1 || passwordCredential.getAuthenticationFailures() != this.maxNumberOfAuthenticationFailures - 1) {
                                        requestContext.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_INVALID_PASSWORD);
                                    } else {
                                        requestContext.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_FINAL_LOGIN_ATTEMPT);
                                    }
                                } else {
                                    requestContext.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_USER_DISABLED);
                                }
                            } catch (SecurityException e) {
                                requestContext.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_UNKNOWN_USER);
                            }
                        }
                    }
                }
            } else if (requestContext.getSessionAttribute(LoginConstants.LOGIN_CHECK) == null) {
                clearSessionAttributes(requestContext);
                requestContext.getRequest().getSession().setAttribute(LoginConstants.LOGIN_CHECK, "true");
            }
            valveContext.invokeNext(requestContext);
        } catch (Exception e2) {
            log.error(new StringBuffer().append("Exception in request pipeline: ").append(e2.getMessage()).toString(), e2);
            throw new PipelineException(e2.toString(), e2);
        }
    }

    private void clearSessionAttributes(RequestContext requestContext) {
        Iterator it = this.sessionAttributes.iterator();
        while (it.hasNext()) {
            requestContext.getRequest().getSession().removeAttribute((String) it.next());
        }
    }

    public String toString() {
        return "LoginValidationValve";
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$apache$jetspeed$security$impl$LoginValidationValveImpl == null) {
            cls = class$("org.apache.jetspeed.security.impl.LoginValidationValveImpl");
            class$org$apache$jetspeed$security$impl$LoginValidationValveImpl = cls;
        } else {
            cls = class$org$apache$jetspeed$security$impl$LoginValidationValveImpl;
        }
        log = LogFactory.getLog(cls);
    }
}
