package org.joget.api.lib;

import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.joget.api.annotations.Operation;
import org.joget.api.annotations.Param;
import org.joget.api.annotations.Response;
import org.joget.api.annotations.Responses;
import org.joget.api.model.ApiDefinition;
import org.joget.api.model.ApiPluginAbstract;
import org.joget.api.model.ApiResponse;
import org.joget.api.service.ApiBuilder;
import org.joget.apps.app.service.AppPluginUtil;
import org.joget.apps.app.service.AppUtil;
import org.joget.commons.util.LogUtil;
import org.joget.commons.util.SecurityUtil;
import org.joget.workflow.model.dao.WorkflowHelper;
import org.joget.workflow.model.service.WorkflowUserManager;
import org.joget.workflow.util.WorkflowUtil;
import org.json.JSONObject;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;

/* loaded from: input_file:org/joget/api/lib/SsoAPI.class */
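/**
 * API plugin that establishes (or reports) an authenticated Joget session.
 *
 * <p>When {@code j_username} is supplied and the request carries no HTTP Basic
 * {@code Authorization} header, the plugin authenticates the caller through the
 * Spring {@code authenticationManager} bean and replaces the pre-authentication
 * servlet session. It then answers with the current user's name, admin flag and
 * CSRF token, or with 401 when the caller is still anonymous.
 */
public class SsoAPI extends ApiPluginAbstract {

    public String getName() {
        return "SsoAPI";
    }

    public String getVersion() {
        return "7.0-PREVIEW";
    }

    public String getDescription() {
        return AppPluginUtil.getMessage(getName() + ".desc", getClassName(), getResourceBundlePath());
    }

    public String getLabel() {
        return AppPluginUtil.getMessage(getName() + ".label", getClassName(), getResourceBundlePath());
    }

    public String getClassName() {
        return getClass().getName();
    }

    public String getPropertyOptions() {
        // This plugin exposes no configurable properties.
        return "";
    }

    @Override
    public String getIcon() {
        return "<i class=\"fas fa-user\"></i>";
    }

    @Override
    public String getTag() {
        return "sso";
    }

    @Override
    public String getTagDesc() {
        return AppPluginUtil.getMessage(getName() + ".tagDesc", getClassName(), getResourceBundlePath());
    }

    /**
     * Authenticates the caller (if credentials are supplied) and returns the current user.
     *
     * @param httpServletRequest  the incoming request
     * @param httpServletResponse the response being built
     * @param str                 {@code j_username}; when null/empty no authentication is attempted
     * @param str2                {@code j_password}; may be null
     * @param str3                {@code hash}; used as the credential when {@code j_password} is null
     * @return 200 with {@code username}, {@code isAdmin} and {@code token}, or 401 when the
     *         caller is anonymous after the (optional) authentication attempt
     */
    @Operation(path = "/", summary = "@@SsoAPI.sso.summary@@")
    @Responses({@Response(responseCode = 200, description = "@@FormAPI.resp.200@@", definition = "SsoResponse"), @Response(responseCode = 401, description = "@@FormAPI.resp.401@@", definition = "ApiResponse")})
    public ApiResponse sso(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @Param(value = "j_username", required = false, description = "@@SsoAPI.username@@") String str, @Param(value = "j_password", required = false, description = "@@SsoAPI.password@@") String str2, @Param(value = "hash", required = false, description = "@@SsoAPI.hash@@") String str3) {
        // A request that already carries HTTP Basic credentials skips the form/query-parameter
        // login below; the Basic header is presumably handled upstream in the filter chain
        // (not visible in this class).
        String authorizationHeader = httpServletRequest.getHeader("Authorization");
        boolean hasBasicAuth = authorizationHeader != null && authorizationHeader.startsWith("Basic ");

        if (str != null && !str.isEmpty() && !hasBasicAuth) {
            // "hash" stands in for the password when none is given, so it is a reusable
            // credential in its own right: it must be transported and stored with the same
            // care as a password and, like the password, is never written to the log or
            // audit trail here. How the AuthenticationManager interprets it is decided elsewhere.
            String credential = (str2 != null) ? str2 : str3;
            authenticateUser(httpServletRequest, httpServletResponse, str, credential);
        }

        // Same 401 whether no credentials were sent or the attempt failed: the response does
        // not reveal whether the username exists.
        if (WorkflowUtil.isCurrentUserAnonymous()) {
            return ApiBuilder.writeUnauthorized(httpServletResponse);
        }

        JSONObject body = new JSONObject();
        try {
            body.put("username", WorkflowUtil.getCurrentUsername());
            body.put("isAdmin", WorkflowUtil.isCurrentUserInRole("ROLE_ADMIN"));
            // CSRF token returned as "name=value" so API clients can echo it on later calls.
            body.put("token", SecurityUtil.getCsrfTokenName() + "=" + SecurityUtil.getCsrfTokenValue(httpServletRequest));
        } catch (Exception e) {
            LogUtil.error(getClassName(), e, "Unable to build SSO response");
        }
        return new ApiResponse(200, body);
    }

    /**
     * Runs Spring authentication for the supplied credentials, installs the result in the
     * security context, renews the servlet session and records the outcome.
     *
     * <p>A failed attempt is reported through the log and audit trail only (no stack trace):
     * a rejected credential is an expected outcome, not an application error.
     *
     * @param request    the incoming request
     * @param response   the response being built
     * @param username   the user being authenticated
     * @param credential the password, or the {@code hash} value when no password was given
     */
    private void authenticateUser(HttpServletRequest request, HttpServletResponse response, String username, String credential) {
        String remoteAddr = request.getRemoteAddr();
        WorkflowUserManager workflowUserManager = (WorkflowUserManager) AppUtil.getApplicationContext().getBean("workflowUserManager");
        try {
            AuthenticationManager authenticationManager = (AuthenticationManager) AppUtil.getApplicationContext().getBean("authenticationManager");
            Authentication authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, credential));
            SecurityContextHolder.getContext().setAuthentication(authentication);
            renewSession(request, response);
            boolean authenticated = authentication.isAuthenticated();
            if (authenticated) {
                // Presumably drops any cached thread-local user so the current-user lookups
                // that follow see the fresh authentication — confirm against WorkflowUserManager.
                workflowUserManager.clearCurrentThreadUser();
            }
            auditAuthentication(username, remoteAddr, authenticated);
        } catch (AuthenticationException rejected) {
            auditAuthentication(username, remoteAddr, false);
        }
    }

    /**
     * Discards the session that existed before authentication and starts a new one, so a
     * session identifier obtained before login is not valid afterwards (session-fixation
     * mitigation). If the old session held a saved request, the <em>current</em> request is
     * saved into the replacement session (the original saved request is not copied over).
     *
     * <p>NOTE(review): the {@code SecurityContext} is set on the holder before the session is
     * replaced; whether it is persisted into the new session depends on the surrounding
     * Spring Security filter chain, which is not visible here — confirm.
     *
     * @param request  the incoming request
     * @param response the response being built
     */
    private static void renewSession(HttpServletRequest request, HttpServletResponse response) {
        HttpSession existingSession = request.getSession(false);
        if (existingSession == null) {
            return;
        }
        HttpSessionRequestCache requestCache = new HttpSessionRequestCache();
        SavedRequest savedRequest = requestCache.getRequest(request, response);
        existingSession.invalidate();
        request.getSession(true);
        if (savedRequest != null) {
            requestCache.saveRequest(request, response);
        }
    }

    /**
     * Writes one "Authentication for user ..." line to the application log and the workflow
     * audit trail. Only the username, remote address and outcome are recorded — never the
     * credential.
     *
     * @param username      the user whose authentication was attempted
     * @param remoteAddr    the client address as reported by the servlet container
     * @param authenticated whether the attempt succeeded
     */
    private void auditAuthentication(String username, String remoteAddr, boolean authenticated) {
        String message = "Authentication for user " + username + " (" + remoteAddr + ") : " + authenticated;
        LogUtil.info(getClass().getName(), message);
        ((WorkflowHelper) AppUtil.getApplicationContext().getBean("workflowHelper")).addAuditTrail(getClass().getName(), "authenticate", message);
    }

    /**
     * Declares the {@code SsoResponse} schema referenced by the 200 response of {@link #sso}.
     *
     * @return a map from definition name to its field layout (insertion order preserved)
     */
    @Override
    public Map<String, ApiDefinition> getDefinitions() {
        // ApiDefinition takes Map<String, Class> (raw Class), so the field map is typed to match.
        Map<String, Class> fields = new LinkedHashMap<>();
        fields.put("username", String.class);
        fields.put("isAdmin", Boolean.class);
        fields.put("token", String.class);

        Map<String, ApiDefinition> definitions = new HashMap<>();
        definitions.put("SsoResponse", new ApiDefinition(fields));
        return definitions;
    }

    @Override
    public String getResourceBundlePath() {
        return Activator.MESSAGE_PATH;
    }
}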
