package de.theit.jenkins.crowd;

import com.atlassian.crowd.exception.ApplicationAccessDeniedException;
import com.atlassian.crowd.exception.ApplicationPermissionException;
import com.atlassian.crowd.exception.ExpiredCredentialException;
import com.atlassian.crowd.exception.InactiveAccountException;
import com.atlassian.crowd.exception.InvalidAuthenticationException;
import com.atlassian.crowd.exception.InvalidTokenException;
import com.atlassian.crowd.exception.OperationFailedException;
import com.atlassian.crowd.model.authentication.ValidationFactor;
import com.atlassian.crowd.model.user.User;
import hudson.security.SecurityRealm;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.RememberMeServices;

/* loaded from: input_file:de/theit/jenkins/crowd/CrowdRememberMeServices.class */
public class CrowdRememberMeServices implements RememberMeServices {
    private static final Logger LOG = Logger.getLogger(CrowdRememberMeServices.class.getName());
    private CrowdConfigurationService configuration;

    public CrowdRememberMeServices(CrowdConfigurationService crowdConfigurationService) {
        this.configuration = crowdConfigurationService;
    }

    public Authentication autoLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CrowdAuthenticationToken crowdAuthenticationToken = null;
        if (this.configuration.isUseSSO()) {
            List<ValidationFactor> validationFactors = this.configuration.getValidationFactors(httpServletRequest);
            LOG.log(Level.FINER, "Checking whether a SSO token is available...");
            String crowdToken = this.configuration.getCrowdToken(httpServletRequest);
            if (null != crowdToken) {
                try {
                    LOG.log(Level.FINER, "SSO token available => check whether it is still valid...");
                    this.configuration.validateSSOAuthentication(crowdToken, validationFactors);
                    LOG.log(Level.FINER, "Retrieving SSO user...");
                    User findUserFromSSOToken = this.configuration.findUserFromSSOToken(crowdToken);
                    CrowdAuthenticationToken.updateUserInfo(findUserFromSSOToken);
                    LOG.log(Level.FINER, "Validating group membership of user...");
                    if (this.configuration.isGroupMember(findUserFromSSOToken.getName())) {
                        ArrayList arrayList = new ArrayList();
                        arrayList.add(SecurityRealm.AUTHENTICATED_AUTHORITY2);
                        arrayList.addAll(this.configuration.getAuthoritiesForUser(findUserFromSSOToken.getName()));
                        crowdAuthenticationToken = new CrowdAuthenticationToken(findUserFromSSOToken.getName(), null, arrayList, crowdToken);
                    }
                } catch (InvalidTokenException e) {
                    LOG.log(Level.FINE, ErrorMessages.invalidToken(), e);
                } catch (InvalidAuthenticationException e2) {
                    LOG.log(Level.WARNING, ErrorMessages.invalidAuthentication());
                } catch (ApplicationPermissionException e3) {
                    LOG.log(Level.WARNING, ErrorMessages.applicationPermission());
                } catch (IllegalStateException e4) {
                    LOG.log(Level.WARNING, "Encountered IllegalStateException. System init may not have completed yet.");
                } catch (OperationFailedException e5) {
                    LOG.log(Level.SEVERE, ErrorMessages.operationFailed(), e5);
                }
            }
        }
        return crowdAuthenticationToken;
    }

    public void loginFail(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            LOG.log(Level.FINE, "Login failed");
            this.configuration.logout(httpServletRequest, httpServletResponse);
        } catch (OperationFailedException e) {
            LOG.log(Level.SEVERE, ErrorMessages.operationFailed(), e);
        } catch (ApplicationPermissionException e2) {
            LOG.log(Level.WARNING, ErrorMessages.applicationPermission());
        } catch (InvalidAuthenticationException e3) {
            LOG.log(Level.WARNING, ErrorMessages.invalidAuthentication());
        }
    }

    public void loginSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        if (authentication instanceof CrowdAuthenticationToken) {
            CrowdAuthenticationToken crowdAuthenticationToken = (CrowdAuthenticationToken) authentication;
            List<ValidationFactor> validationFactors = this.configuration.getValidationFactors(httpServletRequest);
            String sSOToken = crowdAuthenticationToken.getSSOToken();
            if (null == sSOToken) {
                try {
                    LOG.log(Level.FINE, "SSO token not yet available => authenticate user...");
                    this.configuration.authenticate(httpServletRequest, httpServletResponse, crowdAuthenticationToken.getName(), crowdAuthenticationToken.m3getCredentials());
                    LOG.log(Level.FINER, "Retrieve SSO token...");
                    sSOToken = this.configuration.getCrowdToken(httpServletRequest);
                } catch (ApplicationPermissionException e) {
                    LOG.log(Level.WARNING, ErrorMessages.applicationPermission());
                    return;
                } catch (InactiveAccountException e2) {
                    LOG.log(Level.WARNING, ErrorMessages.accountExpired(crowdAuthenticationToken.getName()));
                    return;
                } catch (ExpiredCredentialException e3) {
                    LOG.log(Level.WARNING, ErrorMessages.expiredCredentials(crowdAuthenticationToken.getName()));
                    return;
                } catch (InvalidAuthenticationException e4) {
                    LOG.log(Level.WARNING, ErrorMessages.invalidAuthentication());
                    return;
                } catch (OperationFailedException e5) {
                    LOG.log(Level.SEVERE, ErrorMessages.operationFailed(), e5);
                    return;
                } catch (InvalidTokenException e6) {
                    LOG.log(Level.FINE, ErrorMessages.invalidToken(), e6);
                    return;
                } catch (ApplicationAccessDeniedException e7) {
                    LOG.log(Level.WARNING, ErrorMessages.applicationAccessDenied(crowdAuthenticationToken.getName()));
                    return;
                }
            }
            if (null == sSOToken) {
                loginFail(httpServletRequest, httpServletResponse);
                return;
            }
            LOG.log(Level.FINE, "Validate the SSO authentication...");
            this.configuration.validateSSOAuthentication(sSOToken, validationFactors);
            LOG.log(Level.FINE, "Successfully authenticated via SSO");
        }
    }

    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            LOG.log(Level.FINE, "Logout user and close SSO session");
            this.configuration.logout(httpServletRequest, httpServletResponse);
        } catch (OperationFailedException e) {
            LOG.log(Level.SEVERE, ErrorMessages.operationFailed(), e);
        } catch (ApplicationPermissionException e2) {
            LOG.log(Level.WARNING, ErrorMessages.applicationPermission());
        } catch (InvalidAuthenticationException e3) {
            LOG.log(Level.WARNING, ErrorMessages.invalidAuthentication());
        }
    }
}
