package org.ofbiz.webapp.control;

import java.math.BigInteger;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.ServletContext;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.servlet.jsp.PageContext;
import javax.transaction.Transaction;
import javolution.util.FastList;
import javolution.util.FastMap;
import org.ofbiz.base.component.ComponentConfig;
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.GeneralException;
import org.ofbiz.base.util.KeyStoreUtil;
import org.ofbiz.base.util.StringUtil;
import org.ofbiz.base.util.UtilFormatOut;
import org.ofbiz.base.util.UtilGenerics;
import org.ofbiz.base.util.UtilHttp;
import org.ofbiz.base.util.UtilMisc;
import org.ofbiz.base.util.UtilProperties;
import org.ofbiz.base.util.UtilValidate;
import org.ofbiz.entity.Delegator;
import org.ofbiz.entity.DelegatorFactory;
import org.ofbiz.entity.GenericEntityException;
import org.ofbiz.entity.GenericValue;
import org.ofbiz.entity.condition.EntityCondition;
import org.ofbiz.entity.condition.EntityConditionList;
import org.ofbiz.entity.condition.EntityFieldMap;
import org.ofbiz.entity.condition.EntityOperator;
import org.ofbiz.entity.serialize.XmlSerializer;
import org.ofbiz.entity.transaction.GenericTransactionException;
import org.ofbiz.entity.transaction.TransactionUtil;
import org.ofbiz.entity.util.EntityFindOptions;
import org.ofbiz.security.Security;
import org.ofbiz.security.SecurityConfigurationException;
import org.ofbiz.security.SecurityFactory;
import org.ofbiz.security.authz.Authorization;
import org.ofbiz.security.authz.AuthorizationFactory;
import org.ofbiz.service.GenericServiceException;
import org.ofbiz.service.LocalDispatcher;
import org.ofbiz.service.ServiceUtil;
import org.ofbiz.webapp.stats.VisitHandler;

/* loaded from: input_file:org/ofbiz/webapp/control/LoginWorker.class */
public class LoginWorker {
    // Resource bundle name passed to UtilProperties.getMessage for the login messages in this class.
    public static final String resourceWebapp = "SecurityextUiLabels";
    // Request and session attribute name under which the external login key is stored.
    public static final String EXTERNAL_LOGIN_KEY_ATTR = "externalLoginKey";
    // Not referenced in the visible part of this file.
    public static final String X509_CERT_ATTR = "SSLx509Cert";
    // Module name handed to Debug so log lines can be attributed to this class.
    public static final String module = LoginWorker.class.getName();
    // Maps every issued external login key to the UserLogin it was issued for.
    // NOTE(review): the map is public, static and non-final, so any class can read, replace or
    // add entries; getExternalLoginKey only synchronizes on the caller's own session, which does
    // not serialize writers from different sessions. Presumably FastMap tolerates that; confirm.
    public static Map<String, GenericValue> externalLoginKeys = FastMap.newInstance();

    /**
     * Builds the login URL for the request behind a JSP page context, using the default
     * {@code checkLogin} request name.
     *
     * @param pageContext JSP page context whose request is inspected
     * @return the wrapped login URL
     */
    public static StringUtil.StringWrapper makeLoginUrl(PageContext pageContext) {
        final String defaultRequestName = "checkLogin";
        return makeLoginUrl(pageContext, defaultRequestName);
    }

    /**
     * Builds the login URL for the given request, using the default {@code checkLogin}
     * request name.
     *
     * @param httpServletRequest request whose current view and URL parameters are carried over
     * @return the wrapped login URL
     */
    public static StringUtil.StringWrapper makeLoginUrl(HttpServletRequest httpServletRequest) {
        final String defaultRequestName = "checkLogin";
        return makeLoginUrl(httpServletRequest, defaultRequestName);
    }

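    /**
     * Builds the login URL for the request behind a JSP page context.
     *
     * @param pageContext JSP page context whose request is inspected
     * @param str name of the login request the URL should point at
     * @return the wrapped login URL
     * @throws ClassCastException if the page context does not wrap an HTTP request
     */
    public static StringUtil.StringWrapper makeLoginUrl(PageContext pageContext, String str) {
        // PageContext.getRequest() is declared as ServletRequest; the overload this delegates to
        // takes an HttpServletRequest, so the downcast has to be spelled out.
        HttpServletRequest httpRequest = (HttpServletRequest) pageContext.getRequest();
        return makeLoginUrl(httpRequest, str);
    }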

    /**
     * Builds {@code /<str>[/<current view>][?<url parameters>]} for the given request.
     *
     * <p>When the current view is {@code login}, only {@code /<str>} is returned, so neither
     * the view name nor the query string is carried over.
     *
     * @param httpServletRequest request supplying the {@code _CURRENT_VIEW_} attribute and the
     *     URL-only parameters
     * @param str name of the login request the URL should point at
     * @return the wrapped login URL
     */
    public static StringUtil.StringWrapper makeLoginUrl(HttpServletRequest httpServletRequest, String str) {
        String queryString = UtilHttp.urlEncodeArgs(UtilHttp.getUrlOnlyParameterMap(httpServletRequest), false);
        String currentView = UtilFormatOut.checkNull((String) httpServletRequest.getAttribute("_CURRENT_VIEW_"));
        StringBuilder loginUrl = new StringBuilder("/").append(str);
        if (!"login".equals(currentView)) {
            // NOTE(review): the view name is appended as-is, only the query string goes through
            // urlEncodeArgs. Confirm _CURRENT_VIEW_ can only hold values set by the controller.
            if (UtilValidate.isNotEmpty(currentView)) {
                loginUrl.append("/").append(currentView);
            }
            if (UtilValidate.isNotEmpty(queryString)) {
                loginUrl.append("?").append(queryString);
            }
        }
        return StringUtil.wrapString(loginUrl.toString());
    }

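    /**
     * Returns the external login key for the current request, issuing a fresh one when the
     * request does not carry one yet.
     *
     * <p>A key already stored on the request is returned unchanged. Otherwise any key held by
     * the session is retired from {@link #externalLoginKeys}, and, if the request has a
     * {@code userLogin} attribute, a new key is generated, stored on the request and the
     * session, and registered against that user login.
     *
     * <p>The key is drawn from {@link SecureRandom} (128 bits) instead of {@code Math.random()}:
     * the map ties the key to a user login, so it has to be unguessable, and the previous
     * generator produced at most about 10^12 values from a predictable source. The
     * {@code "EL"} prefix followed by decimal digits is kept.
     *
     * @param httpServletRequest current request
     * @return the key, or an empty string when the request has no {@code userLogin} attribute
     */
    public static String getExternalLoginKey(HttpServletRequest httpServletRequest) {
        GenericValue userLogin = (GenericValue) httpServletRequest.getAttribute("userLogin");
        String requestKey = (String) httpServletRequest.getAttribute(EXTERNAL_LOGIN_KEY_ATTR);
        if (requestKey != null) {
            return requestKey;
        }
        HttpSession session = httpServletRequest.getSession();
        synchronized (session) {
            // Retire the key issued earlier for this session so that it cannot be reused.
            String previousKey = (String) session.getAttribute(EXTERNAL_LOGIN_KEY_ATTR);
            if (previousKey != null) {
                externalLoginKeys.remove(previousKey);
            }
            if (userLogin == null) {
                return "";
            }
            SecureRandom secureRandom = new SecureRandom();
            String newKey;
            do {
                newKey = "EL" + new BigInteger(128, secureRandom).toString();
            } while (externalLoginKeys.containsKey(newKey));
            httpServletRequest.setAttribute(EXTERNAL_LOGIN_KEY_ATTR, newKey);
            session.setAttribute(EXTERNAL_LOGIN_KEY_ATTR, newKey);
            externalLoginKeys.put(newKey, userLogin);
            return newKey;
        }
    }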

    /**
     * Removes the session's external login key, if it has one, from {@link #externalLoginKeys}.
     *
     * <p>The session attribute itself is left in place; only the registry entry is dropped.
     *
     * @param httpSession session whose key should be retired
     */
    public static void cleanupExternalLoginKey(HttpSession httpSession) {
        String sessionKey = (String) httpSession.getAttribute(EXTERNAL_LOGIN_KEY_ATTR);
        if (sessionKey == null) {
            return;
        }
        externalLoginKeys.remove(sessionKey);
    }

    /* JADX WARN: Finally extract failed */
    /**
     * Marks the UserLogin record with the given id as logged out ({@code hasLoggedOut = "Y"}).
     *
     * <p>The caller's transaction is suspended, the update runs in a transaction of its own,
     * and the suspended transaction is resumed afterwards. Failures are logged rather than
     * reported to the caller, apart from a Throwable that is not a GenericEntityException,
     * which is rethrown. The decompiler could not rebuild the original try/finally, so the
     * cleanup code appears duplicated across the branches below.
     *
     * @param str userLoginId of the record to flag
     * @param delegator delegator used to look up and store the record
     */
    public static void setLoggedOut(String str, Delegator delegator) {
        // NOTE(review): an empty id is only logged; the lookup below still runs with it.
        if (UtilValidate.isEmpty(str)) {
            Debug.logWarning("Called setLogged out with empty userLoginId", module);
        }
        Transaction transaction = null;
        try {
            try {
                // Park the caller's transaction so the flag update is independent of it.
                transaction = TransactionUtil.suspend();
            } catch (Throwable th) {
                // transaction is only assigned by suspend()'s return value, so when suspend()
                // itself throws it is still null here and this resume branch does not run.
                if (transaction != null) {
                    try {
                        TransactionUtil.resume(transaction);
                        Debug.logVerbose("Resumed the parent transaction.", module);
                    } catch (GenericTransactionException e) {
                        Debug.logError(e, "Cannot resume transaction: " + e.getMessage(), module);
                    }
                }
                throw th;
            }
        } catch (GenericTransactionException e2) {
            // A failed suspend is logged and the update is still attempted.
            Debug.logError(e2, "Cannot suspend current transaction: " + e2.getMessage(), module);
        }
        try {
            try {
                boolean begin = TransactionUtil.begin();
                GenericValue findOne = delegator.findOne("UserLogin", false, new Object[]{"userLoginId", str});
                if (findOne == null) {
                    Debug.logError("Could not find UserLogin record for setLoggedOut with userLoginId [" + str + "]", module);
                } else {
                    findOne.set("hasLoggedOut", "Y");
                    findOne.store();
                }
                try {
                    TransactionUtil.commit(begin);
                } catch (GenericTransactionException e3) {
                    Debug.logError(e3, "Could not commit nested transaction: " + e3.getMessage(), module);
                }
            } catch (GenericEntityException e4) {
                Debug.logError(e4, "Unable to set logged out flag on UserLogin", module);
                try {
                    TransactionUtil.rollback(false, "Unable to set logged out flag on UserLogin", e4);
                } catch (GenericTransactionException e5) {
                    // NOTE(review): logs e5 as the exception but formats e4's message.
                    Debug.logError(e5, "Could not rollback nested transaction: " + e4.getMessage(), module);
                }
                try {
                    TransactionUtil.commit(false);
                } catch (GenericTransactionException e6) {
                    Debug.logError(e6, "Could not commit nested transaction: " + e6.getMessage(), module);
                }
            }
            // Normal path and GenericEntityException path: hand the caller's transaction back.
            if (transaction != null) {
                try {
                    TransactionUtil.resume(transaction);
                    Debug.logVerbose("Resumed the parent transaction.", module);
                } catch (GenericTransactionException e7) {
                    Debug.logError(e7, "Cannot resume transaction: " + e7.getMessage(), module);
                }
            }
        } catch (Throwable th2) {
            // NOTE(review): on this path the suspended parent transaction is not resumed in
            // the decompiled code; confirm against the original source.
            try {
                TransactionUtil.commit(false);
            } catch (GenericTransactionException e8) {
                Debug.logError(e8, "Could not commit nested transaction: " + e8.getMessage(), module);
            }
            throw th2;
        }
    }

    /**
     * Verifies that the session holds a usable login and attempts a login when it does not.
     *
     * <p>A session user other than {@code anonymous} is accepted when it has the base
     * permission and is not flagged as logged out; otherwise it is logged out first. Without
     * an accepted user, credentials are taken from the {@code USERNAME}/{@code PASSWORD}
     * request parameters, falling back to session attributes of the same names, and passed to
     * {@link #login}. When that fails, the path and parameters of the interrupted request are
     * saved in the session.
     *
     * <p>NOTE(review): the form parameters of the interrupted request are kept in the session
     * under {@code _PREVIOUS_PARAM_MAP_FORM_} as received; whatever sensitive fields that
     * request carried stay there until the attribute is cleared elsewhere.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @return {@code "success"} when a user is logged in, {@code "error"} otherwise
     */
    public static String checkLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpSession session = httpServletRequest.getSession();
        GenericValue userLogin = (GenericValue) session.getAttribute("userLogin");
        if (userLogin != null && "anonymous".equals(userLogin.getString("userLoginId"))) {
            userLogin = null;
        }
        if (userLogin != null) {
            if (hasBasePermission(userLogin, httpServletRequest) && !isFlaggedLoggedOut(userLogin)) {
                return "success";
            }
            Debug.logInfo("User does not have permission or is flagged as logged out", module);
            doBasicLogout(userLogin, httpServletRequest, httpServletResponse);
            // doBasicLogout invalidates the old session, so pick up the replacement.
            session = httpServletRequest.getSession();
        }

        String username = httpServletRequest.getParameter("USERNAME");
        String password = httpServletRequest.getParameter("PASSWORD");
        if (username == null) {
            username = (String) session.getAttribute("USERNAME");
        }
        if (password == null) {
            password = (String) session.getAttribute("PASSWORD");
        }
        boolean credentialsPresent = username != null && password != null;
        if (credentialsPresent && !"error".equals(login(httpServletRequest, httpServletResponse))) {
            return "success";
        }

        // Login did not happen: remember where the user was heading.
        httpServletRequest.removeAttribute("_LOGIN_PASSED_");
        session.setAttribute("_PREVIOUS_REQUEST_", httpServletRequest.getPathInfo());
        Map urlParameters = UtilHttp.getUrlOnlyParameterMap(httpServletRequest);
        if (UtilValidate.isNotEmpty(urlParameters)) {
            session.setAttribute("_PREVIOUS_PARAM_MAP_URL_", urlParameters);
        }
        Map formParameters = UtilHttp.getParameterMap(httpServletRequest, urlParameters.keySet(), false);
        if (UtilValidate.isNotEmpty(formParameters)) {
            session.setAttribute("_PREVIOUS_PARAM_MAP_FORM_", formParameters);
        }
        return "error";
    }

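    /**
     * Authenticates the user named by the request and, on success, completes the login.
     *
     * <p>Credentials come from the {@code USERNAME}/{@code PASSWORD} request parameters, then
     * session attributes of the same names; non-empty request attributes of the same names
     * override both. An optional {@code tenantId} parameter switches to a tenant-specific
     * delegator and dispatcher before authentication. When {@code requirePasswordChange=Y} is
     * sent, the {@code updatePassword} service runs first and the new password is used for the
     * {@code userLogin} service call.
     *
     * <p>Fix over the previous revision: the tenant id taken from the current delegator name
     * is now actually trimmed before it is compared (the result of {@code trim()} used to be
     * discarded).
     *
     * <p>NOTE(review): nothing here changes the session id once authentication succeeds;
     * confirm that session-fixation protection is provided elsewhere (container or filter).
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @return {@code "success"}, {@code "error"} or {@code "requirePasswordChange"}
     */
    public static String login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpSession session = httpServletRequest.getSession();
        if (session.getAttribute("userLogin") != null) {
            return "success";
        }
        String username = httpServletRequest.getParameter("USERNAME");
        String password = httpServletRequest.getParameter("PASSWORD");
        if (username == null) {
            username = (String) session.getAttribute("USERNAME");
        }
        if (password == null) {
            password = (String) session.getAttribute("PASSWORD");
        }
        // Request attributes, when non-empty, win over parameters and session values.
        if (UtilValidate.isNotEmpty(httpServletRequest.getAttribute("USERNAME"))) {
            username = (String) httpServletRequest.getAttribute("USERNAME");
        }
        if (UtilValidate.isNotEmpty(httpServletRequest.getAttribute("PASSWORD"))) {
            password = (String) httpServletRequest.getAttribute("PASSWORD");
        }
        FastList errorMessages = FastList.newInstance();
        if (UtilValidate.isEmpty(username)) {
            errorMessages.add(UtilProperties.getMessage(resourceWebapp, "loginevents.username_was_empty_reenter", UtilHttp.getLocale(httpServletRequest)));
        }
        if (UtilValidate.isEmpty(password)) {
            errorMessages.add(UtilProperties.getMessage(resourceWebapp, "loginevents.password_was_empty_reenter", UtilHttp.getLocale(httpServletRequest)));
        }
        if (!errorMessages.isEmpty()) {
            httpServletRequest.setAttribute("_ERROR_MESSAGE_LIST_", errorMessages);
            return "error";
        }
        boolean contextSwitched = false;
        LocalDispatcher localDispatcher = (LocalDispatcher) httpServletRequest.getAttribute("dispatcher");
        Delegator delegator = (Delegator) httpServletRequest.getAttribute("delegator");
        String tenantId = httpServletRequest.getParameter("tenantId");
        if (UtilValidate.isNotEmpty(tenantId)) {
            // The tenant id is a client-supplied value that selects which delegator the
            // credentials are checked against.
            // NOTE(review): it is used unvalidated to build the delegator name; presumably
            // DelegatorFactory rejects unknown tenants. Confirm.
            String currentDelegatorName = delegator.getDelegatorName();
            int hashIndex = currentDelegatorName.indexOf('#');
            String currentTenantId = null;
            if (hashIndex > 0) {
                currentTenantId = currentDelegatorName.substring(hashIndex + 1).trim();
            }
            if (hashIndex == -1 || (currentTenantId != null && !tenantId.equals(currentTenantId))) {
                ServletContext servletContext = session.getServletContext();
                // NOTE(review): when the current name already carries "#<tenant>", this appends
                // a second suffix, whereas doBasicLogout strips the suffix to get a base name.
                // Confirm what DelegatorFactory does with such a name.
                delegator = DelegatorFactory.getDelegator(delegator.getDelegatorName() + "#" + tenantId);
                localDispatcher = ContextFilter.makeWebappDispatcher(servletContext, delegator);
                contextSwitched = true;
            }
        }
        if ("Y".equals(httpServletRequest.getParameter("requirePasswordChange"))) {
            Map passwordChangeContext = UtilMisc.toMap(new Object[]{"login.username", username, "login.password", password, "locale", UtilHttp.getLocale(httpServletRequest)});
            passwordChangeContext.put("userLoginId", username);
            passwordChangeContext.put("currentPassword", password);
            passwordChangeContext.put("newPassword", httpServletRequest.getParameter("newPassword"));
            passwordChangeContext.put("newPasswordVerify", httpServletRequest.getParameter("newPasswordVerify"));
            try {
                Map passwordChangeResult = localDispatcher.runSync("updatePassword", passwordChangeContext);
                if (ServiceUtil.isError(passwordChangeResult)) {
                    String serviceError = (String) passwordChangeResult.get("errorMessage");
                    if (UtilValidate.isNotEmpty(serviceError)) {
                        httpServletRequest.setAttribute("_ERROR_MESSAGE_", UtilProperties.getMessage(resourceWebapp, "loginevents.following_error_occurred_during_login", UtilMisc.toMap("errorMessage", serviceError), UtilHttp.getLocale(httpServletRequest)));
                    }
                    httpServletRequest.setAttribute("_ERROR_MESSAGE_LIST_", passwordChangeResult.get("errorMessageList"));
                    return "error";
                }
                // The password was changed, so authenticate with the new one below.
                password = httpServletRequest.getParameter("newPassword");
            } catch (GenericServiceException e) {
                Debug.logError(e, "Error calling updatePassword service", module);
                httpServletRequest.setAttribute("_ERROR_MESSAGE_", UtilProperties.getMessage(resourceWebapp, "loginevents.following_error_occurred_during_login", UtilMisc.toMap("errorMessage", e.getMessage()), UtilHttp.getLocale(httpServletRequest)));
                return "error";
            }
        }
        try {
            Map loginResult = localDispatcher.runSync("userLogin", UtilMisc.toMap("login.username", username, "login.password", password, "visitId", VisitHandler.getVisitId(session), "locale", UtilHttp.getLocale(httpServletRequest)));
            if (!"success".equals(loginResult.get("responseMessage"))) {
                // The service's own error text is shown to the client.
                // NOTE(review): confirm it does not distinguish unknown users from bad passwords.
                httpServletRequest.setAttribute("_ERROR_MESSAGE_", UtilProperties.getMessage(resourceWebapp, "loginevents.following_error_occurred_during_login", UtilMisc.toMap("errorMessage", (String) loginResult.get("errorMessage")), UtilHttp.getLocale(httpServletRequest)));
                return "error";
            }
            if (contextSwitched) {
                // Only bind the tenant delegator/dispatcher once authentication has succeeded.
                setWebContextObjects(httpServletRequest, httpServletResponse, delegator, localDispatcher);
            }
            GenericValue userLogin = (GenericValue) loginResult.get("userLogin");
            Map userLoginSession = UtilGenerics.checkMap(loginResult.get("userLoginSession"), String.class, Object.class);
            if (userLogin != null && "Y".equals(userLogin.getString("requirePasswordChange"))) {
                return "requirePasswordChange";
            }
            try {
                localDispatcher.runSync("setUserPreference", UtilMisc.toMap(new Object[]{"userPrefTypeId", "javaScriptEnabled", "userPrefGroupTypeId", "GLOBAL_PREFERENCES", "userPrefValue", "Y".equals(httpServletRequest.getParameter("JavaScriptEnabled")) ? "Y" : "N", "userLogin", userLogin}));
            } catch (GenericServiceException e2) {
                // Best effort: a failed preference update does not block the login.
                Debug.logError(e2, "Error setting user preference", module);
            }
            return doMainLogin(httpServletRequest, httpServletResponse, userLogin, userLoginSession);
        } catch (GenericServiceException e3) {
            Debug.logError(e3, "Error calling userLogin service", module);
            httpServletRequest.setAttribute("_ERROR_MESSAGE_", UtilProperties.getMessage(resourceWebapp, "loginevents.following_error_occurred_during_login", UtilMisc.toMap("errorMessage", e3.getMessage()), UtilHttp.getLocale(httpServletRequest)));
            return "error";
        }
    }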

    /**
     * Binds the given delegator and dispatcher, plus the Security and Authorization objects
     * derived from the delegator, to both the request and the session, then resets the visit
     * tracking objects.
     *
     * <p>NOTE(review): when SecurityFactory or AuthorizationFactory throws, the error is only
     * logged and any {@code security}/{@code authz} attribute already present is left as it
     * was, so it may still belong to the previous delegator.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response, passed on to VisitHandler
     * @param delegator delegator to bind
     * @param localDispatcher dispatcher to bind
     */
    private static void setWebContextObjects(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Delegator delegator, LocalDispatcher localDispatcher) {
        HttpSession currentSession = httpServletRequest.getSession();
        String delegatorName = delegator.getDelegatorName();
        currentSession.setAttribute("delegatorName", delegatorName);

        httpServletRequest.setAttribute("delegator", delegator);
        currentSession.setAttribute("delegator", delegator);

        httpServletRequest.setAttribute("dispatcher", localDispatcher);
        currentSession.setAttribute("dispatcher", localDispatcher);

        try {
            Security security = SecurityFactory.getInstance(delegator);
            httpServletRequest.setAttribute("security", security);
            currentSession.setAttribute("security", security);
        } catch (SecurityConfigurationException securityError) {
            Debug.logError(securityError, module);
        }

        try {
            Authorization authorization = AuthorizationFactory.getInstance(delegator);
            httpServletRequest.setAttribute("authz", authorization);
            currentSession.setAttribute("authz", authorization);
        } catch (SecurityConfigurationException authorizationError) {
            Debug.logError(authorizationError, module);
        }

        // Drop the visit objects and ask VisitHandler for them again.
        currentSession.removeAttribute("visitor");
        currentSession.removeAttribute("visit");
        VisitHandler.getVisitor(httpServletRequest, httpServletResponse);
        VisitHandler.getVisit(currentSession);
    }

    /**
     * Completes a login for an already authenticated UserLogin: checks the base permission,
     * stores the user in the session, runs the after-login events and sets the auto-login
     * cookie.
     *
     * <p>This method does not verify credentials itself; every caller is responsible for
     * having authenticated {@code genericValue} first.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @param genericValue authenticated UserLogin, may be null
     * @param map user login session data to store in the session, may be null
     * @return {@code "error"} when the user is null or lacks the base permission, otherwise
     *     the result of {@link #autoLoginSet}
     */
    public static String doMainLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, GenericValue genericValue, Map<String, Object> map) {
        HttpSession session = httpServletRequest.getSession();
        boolean mayUseApplication = genericValue != null && hasBasePermission(genericValue, httpServletRequest);
        if (!mayUseApplication) {
            String message = UtilProperties.getMessage(resourceWebapp, "loginevents.unable_to_login_this_application", UtilHttp.getLocale(httpServletRequest));
            httpServletRequest.setAttribute("_ERROR_MESSAGE_", message);
            return "error";
        }

        doBasicLogin(genericValue, httpServletRequest);
        if (map != null) {
            session.setAttribute("userLoginSession", map);
        }
        httpServletRequest.setAttribute("_LOGIN_PASSED_", "TRUE");

        ServletContext servletContext = httpServletRequest.getSession().getServletContext();
        RequestHandler.getRequestHandler(servletContext).runAfterLoginEvents(httpServletRequest, httpServletResponse);
        return autoLoginSet(httpServletRequest, httpServletResponse);
    }

    /**
     * Stores the given UserLogin in the session together with its JavaScript preference and,
     * when the entity has a {@code partyId} field, the related Person and PartyGroup records.
     *
     * <p>Lookup failures are logged and ignored; the user login is placed in the session
     * before any lookup is attempted. The existing session is reused as-is.
     *
     * @param genericValue UserLogin to bind to the session
     * @param httpServletRequest current request, also the source of the dispatcher
     */
    public static void doBasicLogin(GenericValue genericValue, HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession();
        session.setAttribute("userLogin", genericValue);

        String javaScriptPreference = null;
        try {
            LocalDispatcher dispatcher = (LocalDispatcher) httpServletRequest.getAttribute("dispatcher");
            Map preferenceResult = dispatcher.runSync("getUserPreference", UtilMisc.toMap(new Object[]{"userPrefTypeId", "javaScriptEnabled", "userPrefGroupTypeId", "GLOBAL_PREFERENCES", "userLogin", genericValue}));
            javaScriptPreference = (String) preferenceResult.get("userPrefValue");
        } catch (GenericServiceException preferenceError) {
            Debug.logError(preferenceError, "Error getting user preference", module);
        }
        session.setAttribute("javaScriptEnabled", Boolean.valueOf("Y".equals(javaScriptPreference)));

        if (genericValue.getModelEntity().isField("partyId")) {
            try {
                GenericValue person = genericValue.getRelatedOne("Person");
                GenericValue partyGroup = genericValue.getRelatedOne("PartyGroup");
                if (person != null) {
                    session.setAttribute("person", person);
                }
                if (partyGroup != null) {
                    session.setAttribute("partyGroup", partyGroup);
                }
            } catch (GenericEntityException partyError) {
                Debug.logError(partyError, "Error getting person/partyGroup info for session, ignoring...", module);
            }
        }

        VisitHandler.setUserLogin(session, genericValue, false);
    }

    /**
     * Runs the before-logout events, logs out the session user and, unless the logout was
     * triggered by {@link #autoLoginRemove}, re-runs the auto-login check.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @return {@code "success"} when {@code _AUTO_LOGIN_LOGOUT_} is set on the request,
     *     otherwise the result of the auto-login check
     */
    public static String logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        ServletContext servletContext = httpServletRequest.getSession().getServletContext();
        RequestHandler.getRequestHandler(servletContext).runBeforeLogoutEvents(httpServletRequest, httpServletResponse);

        GenericValue sessionUserLogin = (GenericValue) httpServletRequest.getSession().getAttribute("userLogin");
        doBasicLogout(sessionUserLogin, httpServletRequest, httpServletResponse);

        if (httpServletRequest.getAttribute("_AUTO_LOGIN_LOGOUT_") != null) {
            return "success";
        }
        return autoLoginCheck(httpServletRequest, httpServletResponse);
    }

    /**
     * Logs the given user out: clears cached security data, flags the UserLogin record as
     * logged out, invalidates the session and sets up a fresh one.
     *
     * <p>Only the current catalog id and the delegator name are carried over into the new
     * session. A tenant suffix ({@code #...}) is stripped from the delegator name, so the new
     * session is bound to the base delegator.
     *
     * @param genericValue user login being logged out, may be null
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     */
    public static void doBasicLogout(GenericValue genericValue, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpSession oldSession = httpServletRequest.getSession();
        Delegator delegator = (Delegator) httpServletRequest.getAttribute("delegator");
        Security security = (Security) httpServletRequest.getAttribute("security");
        if (genericValue != null) {
            if (security != null) {
                security.clearUserData(genericValue);
            }
            setLoggedOut(genericValue.getString("userLoginId"), delegator);
        }

        // Read what must survive before the session is destroyed.
        String currentCatalogId = (String) oldSession.getAttribute("CURRENT_CATALOG_ID");
        String delegatorName = (String) oldSession.getAttribute("delegatorName");

        httpServletRequest.removeAttribute("delegator");
        httpServletRequest.removeAttribute("dispatcher");
        httpServletRequest.removeAttribute("security");
        httpServletRequest.removeAttribute("authz");
        oldSession.invalidate();

        HttpSession newSession = httpServletRequest.getSession(true);
        UtilHttp.setInitialRequestInfo(httpServletRequest);
        if (currentCatalogId != null) {
            newSession.setAttribute("CURRENT_CATALOG_ID", currentCatalogId);
        }
        if (delegatorName == null) {
            return;
        }
        int tenantSeparator = delegatorName.indexOf('#');
        if (tenantSeparator > 0) {
            delegatorName = delegatorName.substring(0, tenantSeparator);
        }
        newSession.setAttribute("delegatorName", delegatorName);
        Delegator baseDelegator = DelegatorFactory.getDelegator(delegatorName);
        LocalDispatcher baseDispatcher = ContextFilter.makeWebappDispatcher(newSession.getServletContext(), baseDelegator);
        setWebContextObjects(httpServletRequest, httpServletResponse, baseDelegator, baseDispatcher);
    }

    /**
     * Sets the auto-login cookie for the session user and refreshes the auto-login session
     * attributes.
     *
     * <p>The cookie value is the plain {@code userLoginId}. It is valid for one year, for
     * path {@code /} and the domain configured as {@code cookie.domain} in
     * {@code url.properties}. No Secure or HttpOnly attribute is set here.
     *
     * <p>NOTE(review): the cookie value is client-controlled on the way back in; the visible
     * code only uses it to fill {@code autoUserLogin}/{@code autoName}. Confirm that no caller
     * treats {@code autoUserLogin} as an authenticated identity.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse response the cookie is added to
     * @return {@code "success"}
     */
    public static String autoLoginSet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Delegator delegator = (Delegator) httpServletRequest.getAttribute("delegator");
        HttpSession session = httpServletRequest.getSession();
        GenericValue sessionUserLogin = (GenericValue) session.getAttribute("userLogin");
        String cookieDomain = UtilProperties.getPropertyValue("url.properties", "cookie.domain");
        if (sessionUserLogin == null) {
            return "success";
        }

        final int oneYearInSeconds = 60 * 60 * 24 * 365;
        Cookie autoLoginCookie = new Cookie(getAutoLoginCookieName(httpServletRequest), sessionUserLogin.getString("userLoginId"));
        autoLoginCookie.setMaxAge(oneYearInSeconds);
        autoLoginCookie.setDomain(cookieDomain);
        autoLoginCookie.setPath("/");
        httpServletResponse.addCookie(autoLoginCookie);

        String userLoginId = sessionUserLogin.getString("userLoginId");
        return autoLoginCheck(delegator, session, userLoginId);
    }

    /**
     * Returns the name of the auto-login cookie for the web application serving the request:
     * the application name followed by {@code .autoUserLoginId}.
     *
     * @param httpServletRequest current request
     * @return the cookie name
     */
    protected static String getAutoLoginCookieName(HttpServletRequest httpServletRequest) {
        String applicationName = UtilHttp.getApplicationName(httpServletRequest);
        return applicationName + ".autoUserLoginId";
    }

    /**
     * Reads the user login id from the auto-login cookie of the request.
     *
     * <p>The value is returned exactly as the client sent it.
     *
     * @param httpServletRequest current request
     * @return the value of the first cookie carrying the auto-login cookie name, or null when
     *     there is none
     */
    public static String getAutoUserLoginId(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (Debug.verboseOn()) {
            Debug.logVerbose("Cookies:" + cookies, module);
        }
        if (cookies == null) {
            return null;
        }
        for (Cookie candidate : cookies) {
            if (candidate.getName().equals(getAutoLoginCookieName(httpServletRequest))) {
                return candidate.getValue();
            }
        }
        return null;
    }

    /**
     * Runs the auto-login check with the delegator, session and auto-login cookie value of
     * the given request.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response (unused)
     * @return {@code "success"}
     */
    public static String autoLoginCheck(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Delegator delegator = (Delegator) httpServletRequest.getAttribute("delegator");
        HttpSession session = httpServletRequest.getSession();
        String cookieUserLoginId = getAutoUserLoginId(httpServletRequest);
        return autoLoginCheck(delegator, session, cookieUserLoginId);
    }

    /**
     * Looks up the UserLogin for the given id and, when found, stores it in the session as
     * {@code autoUserLogin} together with a display name ({@code autoName}) taken from the
     * related Person or, failing that, PartyGroup.
     *
     * <p>The {@code userLogin} session attribute is not touched. Lookup errors are logged and
     * the method still reports success.
     *
     * @param delegator delegator used for the lookups
     * @param httpSession session receiving the attributes
     * @param str user login id to look up, may be null
     * @return always {@code "success"}
     */
    private static String autoLoginCheck(Delegator delegator, HttpSession httpSession, String str) {
        if (str == null) {
            return "success";
        }
        Debug.logInfo("Running autoLogin check.", module);
        try {
            GenericValue autoUserLogin = delegator.findOne("UserLogin", false, new Object[]{"userLoginId", str});
            if (autoUserLogin == null) {
                return "success";
            }
            httpSession.setAttribute("autoUserLogin", autoUserLogin);
            if (!autoUserLogin.getModelEntity().isField("partyId")) {
                return "success";
            }
            GenericValue person = delegator.findOne("Person", false, new Object[]{"partyId", autoUserLogin.getString("partyId")});
            GenericValue partyGroup = delegator.findOne("PartyGroup", false, new Object[]{"partyId", autoUserLogin.getString("partyId")});
            if (person != null) {
                httpSession.setAttribute("autoName", person.getString("firstName") + " " + person.getString("lastName"));
            } else if (partyGroup != null) {
                httpSession.setAttribute("autoName", partyGroup.getString("groupName"));
            }
        } catch (GenericEntityException lookupError) {
            Debug.logError(lookupError, "Cannot get autoUserLogin information: " + lookupError.getMessage(), module);
        }
        return "success";
    }

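    /**
     * Expires the auto-login cookie, clears the auto-login session attributes and logs out
     * the session user if there is one.
     *
     * <p>Fix over the previous revision: the expiring cookie now carries the same domain
     * ({@code cookie.domain} from {@code url.properties}) as the cookie written by
     * {@link #autoLoginSet}. Browsers match cookies on name, domain and path, so an expiry
     * sent without the domain does not reliably remove a cookie that was set with one, and
     * the user id would stay on the client for the rest of its one-year lifetime.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse response the expiring cookie is added to
     * @return {@code "success"} when nobody is logged in, otherwise the result of
     *     {@link #logout}
     */
    public static String autoLoginRemove(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpSession session = httpServletRequest.getSession();
        GenericValue autoUserLogin = (GenericValue) session.getAttribute("autoUserLogin");
        if (autoUserLogin != null) {
            Cookie expiredCookie = new Cookie(getAutoLoginCookieName(httpServletRequest), autoUserLogin.getString("userLoginId"));
            expiredCookie.setMaxAge(0);
            // Same domain and path as in autoLoginSet, so the browser treats it as the same cookie.
            expiredCookie.setDomain(UtilProperties.getPropertyValue("url.properties", "cookie.domain"));
            expiredCookie.setPath("/");
            httpServletResponse.addCookie(expiredCookie);
        }
        session.removeAttribute("autoUserLogin");
        session.removeAttribute("autoName");
        if (session.getAttribute("userLogin") == null) {
            return "success";
        }
        // Tells logout() not to re-run the auto-login check it would otherwise perform.
        httpServletRequest.setAttribute("_AUTO_LOGIN_LOGOUT_", Boolean.TRUE);
        return logout(httpServletRequest, httpServletResponse);
    }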

    /**
     * Tells whether the session holds a UserLogin whose {@code hasLoggedOut} field is
     * {@code "N"}.
     *
     * <p>For any other value, including null, the {@code userLogin} session attribute is set
     * to null and false is returned. The session itself is kept.
     *
     * @param httpServletRequest current request
     * @return true only for a session user explicitly marked as not logged out
     */
    private static boolean isUserLoggedIn(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession();
        GenericValue sessionUserLogin = (GenericValue) session.getAttribute("userLogin");
        if (sessionUserLogin == null) {
            return false;
        }
        boolean stillLoggedIn = "N".equals(sessionUserLogin.getString("hasLoggedOut"));
        if (!stillLoggedIn) {
            session.setAttribute("userLogin", (Object) null);
        }
        return stillLoggedIn;
    }

    /**
     * Logs in the UserLogin with the given id without checking a password.
     *
     * <p>The record must exist and its {@code enabled} field must be null or {@code "Y"}.
     * {@code hasLoggedOut} is reset to {@code "N"} and stored before the login is completed
     * through {@link #doMainLogin}. Callers are responsible for having established the
     * identity by other means.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @param str user login id to log in
     * @return {@code "error"} for an unknown or disabled user or on a lookup failure,
     *     otherwise the result of {@link #doMainLogin}
     */
    private static String loginUserWithUserLoginId(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        try {
            Delegator delegator = (Delegator) httpServletRequest.getAttribute("delegator");
            GenericValue userLogin = delegator.findOne("UserLogin", false, new Object[]{"userLoginId", str});
            if (userLogin == null) {
                return "error";
            }
            String enabledFlag = userLogin.getString("enabled");
            boolean disabled = enabledFlag != null && !"Y".equals(enabledFlag);
            if (disabled) {
                return "error";
            }
            userLogin.set("hasLoggedOut", "N");
            userLogin.store();
            Map<String, Object> userLoginSession = getUserLoginSession(userLogin);
            return doMainLogin(httpServletRequest, httpServletResponse, userLogin, userLoginSession);
        } catch (GeneralException lookupError) {
            Debug.logError(lookupError, module);
            return "error";
        }
    }

    /**
     * Logs in the user named by a configured HTTP request header.
     *
     * <p>The header name comes from {@code security.login.http.header} in
     * {@code security.properties}; when that property is empty the feature is off. The header
     * value is used as the user login id and no password is checked, so this is only sound
     * when the header can be set solely by a trusted front end that removes any
     * client-supplied copy of it.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @return {@code "success"} when the feature is off or a user is already logged in,
     *     {@code "error"} when the header is missing or empty, otherwise the login result
     */
    public static String checkRequestHeaderLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String headerName = UtilProperties.getPropertyValue("security.properties", "security.login.http.header", (String) null);
        boolean featureConfigured = UtilValidate.isNotEmpty(headerName);
        if (!featureConfigured || isUserLoggedIn(httpServletRequest)) {
            return "success";
        }
        String claimedUserLoginId = httpServletRequest.getHeader(headerName);
        if (UtilValidate.isNotEmpty(claimedUserLoginId)) {
            return loginUserWithUserLoginId(httpServletRequest, httpServletResponse, claimedUserLoginId);
        }
        return "error";
    }

    /**
     * Logs in the user reported by the servlet container as the remote user.
     *
     * <p>Enabled only when {@code security.login.http.servlet.remoteuserlogin.allow} is
     * exactly {@code "true"} (default {@code "false"}). The remote user name is used as the
     * user login id and no password is checked here; authentication is whatever the container
     * performed before populating {@code getRemoteUser()}.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @return {@code "success"} when the feature is off or a user is already logged in,
     *     {@code "error"} when there is no remote user, otherwise the login result
     */
    public static String checkServletRequestRemoteUserLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String allowSetting = UtilProperties.getPropertyValue("security", "security.login.http.servlet.remoteuserlogin.allow", "false");
        boolean remoteUserLoginAllowed = "true".equals(allowSetting);
        if (!remoteUserLoginAllowed || isUserLoggedIn(httpServletRequest)) {
            return "success";
        }
        String remoteUser = httpServletRequest.getRemoteUser();
        if (UtilValidate.isNotEmpty(remoteUser)) {
            return loginUserWithUserLoginId(httpServletRequest, httpServletResponse, remoteUser);
        }
        return "error";
    }

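    /**
     * Logs a user in from the TLS client certificate chain attached to the request.
     *
     * <p>The user login id is group 1 of {@code security.login.cert.pattern} (default
     * {@code (.*)}) matched against the CN of the first certificate, with backslashes removed.
     * Each certificate in the chain is then checked with {@link #checkValidIssuer}; on the
     * first hit, the matching UserLogin is logged in, provided it exists and its
     * {@code enabled} field is null or {@code "Y"}. No password is checked.
     *
     * <p>The feature is on unless {@code security.login.cert.allow} is set to something other
     * than {@code true}; a missing property counts as enabled.
     *
     * <p>Changes over the previous revision: a certificate without a CN no longer causes a
     * NullPointerException, and when no login id can be derived from the CN the method
     * returns immediately. It used to run the issuer check and a UserLogin lookup with a null
     * id for every certificate in the chain.
     *
     * <p>NOTE(review): signature and validity checks on the chain are presumably done by the
     * TLS layer before the request attribute is populated; nothing in this method verifies
     * them. A configured pattern without a capturing group makes {@code group(1)} throw.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @return the result of {@link #doMainLogin} when a certificate login happens, otherwise
     *     {@code "success"}
     */
    public static String check509CertLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (!"true".equalsIgnoreCase(UtilProperties.getPropertyValue("security.properties", "security.login.cert.allow", "true"))) {
            return "success";
        }
        Delegator delegator = (Delegator) httpServletRequest.getAttribute("delegator");
        GenericValue sessionUserLogin = (GenericValue) httpServletRequest.getSession().getAttribute("userLogin");
        if (sessionUserLogin != null && "Y".equals(sessionUserLogin.getString("hasLoggedOut"))) {
            // A session user flagged as logged out does not count as logged in.
            sessionUserLogin = null;
        }
        String cnPatternText = UtilProperties.getPropertyValue("security.properties", "security.login.cert.pattern", "(.*)");
        Pattern cnPattern = Pattern.compile(cnPatternText);
        if (sessionUserLogin != null) {
            return "success";
        }
        X509Certificate[] clientCertificates = (X509Certificate[]) httpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
        if (clientCertificates == null) {
            clientCertificates = (X509Certificate[]) httpServletRequest.getAttribute("javax.net.ssl.peer_certificates");
        }
        if (clientCertificates == null) {
            return "success";
        }
        String userLoginId = null;
        for (int i = 0; i < clientCertificates.length; i++) {
            Map x500Map = KeyStoreUtil.getCertX500Map(clientCertificates[i]);
            if (i == 0) {
                // Only the first certificate supplies the identity.
                String commonName = (String) x500Map.get("CN");
                if (commonName == null) {
                    Debug.logWarning("Client certificate has no CN; skipping certificate login", module);
                    return "success";
                }
                Matcher matcher = cnPattern.matcher(commonName.replaceAll("\\\\", ""));
                if (matcher.matches()) {
                    userLoginId = matcher.group(1);
                } else {
                    Debug.log("Client certificate CN does not match pattern: [" + cnPatternText + "]", module);
                }
                if (UtilValidate.isEmpty(userLoginId)) {
                    // Without a login id there is nothing to look up for any certificate.
                    return "success";
                }
            }
            try {
                if (!checkValidIssuer(delegator, x500Map, clientCertificates[i].getSerialNumber())) {
                    continue;
                }
                GenericValue certUserLogin = delegator.findOne("UserLogin", false, new Object[]{"userLoginId", userLoginId});
                if (certUserLogin == null) {
                    continue;
                }
                String enabledFlag = certUserLogin.getString("enabled");
                if (enabledFlag == null || "Y".equals(enabledFlag)) {
                    certUserLogin.set("hasLoggedOut", "N");
                    certUserLogin.store();
                    return doMainLogin(httpServletRequest, httpServletResponse, certUserLogin, getUserLoginSession(certUserLogin));
                }
            } catch (GeneralException e) {
                // A failure on one certificate is logged and the next one is tried.
                Debug.logError(e, module);
            }
        }
        return "success";
    }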

    /**
     * Reports whether at least one {@code X509IssuerProvision} record matches the given certificate attributes.
     *
     * <p>For every provisioned field the lookup accepts a record whose value equals the certificate's value, is
     * null, or is the empty string. A record with all seven fields null or empty therefore matches every
     * certificate, so provisioning data should always pin at least the fields that identify the trusted issuer.
     * The per-field conditions are combined by {@code EntityCondition.makeCondition(list)} (presumably with AND;
     * confirm against the entity engine).
     *
     * <p>The serial number is compared as {@code BigInteger.toString(16)}, i.e. lower-case hexadecimal without
     * leading zeros or separators; stored values must use the same form to match.
     *
     * <p>The complete lookup condition, including the certificate attributes, is written to the log at info level.
     *
     * @param delegator  entity delegator used for the count query
     * @param map        X.500 attributes of the certificate, keyed by CN, OU, O, L, ST and C
     * @param bigInteger serial number of the certificate
     * @return {@code true} when the count of matching provision records is greater than zero
     * @throws GeneralException when the entity lookup fails
     */
    protected static boolean checkValidIssuer(Delegator delegator, Map<String, String> map, BigInteger bigInteger) throws GeneralException {
        // Entity field name paired with the X.500 attribute that feeds it, in lookup order.
        final String[][] fieldToAttribute = {
            {"commonName", "CN"},
            {"organizationalUnit", "OU"},
            {"organizationName", "O"},
            {"cityLocality", "L"},
            {"stateProvince", "ST"},
            {"country", "C"},
        };
        FastList conditions = FastList.newInstance();
        for (String[] pair : fieldToAttribute) {
            String field = pair[0];
            String certValue = map.get(pair[1]);
            conditions.add(EntityCondition.makeCondition(EntityOperator.OR, new EntityFieldMap[]{
                EntityCondition.makeConditionMap(new Object[]{field, certValue}),
                EntityCondition.makeConditionMap(new Object[]{field, null}),
                EntityCondition.makeConditionMap(new Object[]{field, ""})}));
        }
        String serialHex = bigInteger.toString(16);
        conditions.add(EntityCondition.makeCondition(EntityOperator.OR, new EntityFieldMap[]{
            EntityCondition.makeConditionMap(new Object[]{"serialNumber", serialHex}),
            EntityCondition.makeConditionMap(new Object[]{"serialNumber", null}),
            EntityCondition.makeConditionMap(new Object[]{"serialNumber", ""})}));

        EntityConditionList lookup = EntityCondition.makeCondition(conditions);
        Debug.logInfo("Doing issuer lookup: " + lookup.toString(), module);
        long matches = delegator.findCountByCondition("X509IssuerProvision", lookup, (EntityCondition) null, (EntityFindOptions) null);
        return matches > 0;
    }

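    /**
     * Logs in the user bound to the external login key supplied as a request parameter, if there is one.
     *
     * <p>The key is read from the {@code EXTERNAL_LOGIN_KEY_ATTR} request parameter and resolved through the
     * {@code externalLoginKeys} map. When the stored login belongs to a different delegator than the request,
     * the web context objects are switched to that delegator first. A different user already present in the
     * session is logged out before {@code doBasicLogin} is called for the key's user.
     *
     * <p>Review notes:
     * <ul>
     * <li>The key acts as a bearer credential: whoever presents a known key is logged in as its user, with no
     *     further check in this method.</li>
     * <li>This method does not remove the key from {@code externalLoginKeys}; expiry or single-use handling, if
     *     any, happens elsewhere; confirm.</li>
     * <li>The unknown-key warning includes the request-supplied value, so line breaks are replaced before
     *     logging to keep a crafted parameter from forging additional log entries.</li>
     * </ul>
     *
     * @param httpServletRequest  the current request
     * @param httpServletResponse the current response
     * @return always "success", whether or not a login took place
     */
    public static String checkExternalLoginKey(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpSession session = httpServletRequest.getSession();
        String externalKey = httpServletRequest.getParameter(EXTERNAL_LOGIN_KEY_ATTR);
        if (externalKey == null) {
            return "success";
        }
        GenericValue keyedLogin = externalLoginKeys.get(externalKey);
        if (keyedLogin == null) {
            // The parameter is untrusted input: neutralise CR/LF so it cannot start a new log line.
            String loggableKey = externalKey.replaceAll("[\\r\\n]", "_");
            Debug.logWarning("Could not find userLogin for external login key: " + loggableKey, module);
            return "success";
        }

        // Switch the request to the delegator the stored login was created under, when it differs.
        String requestDelegatorName = ((Delegator) httpServletRequest.getAttribute("delegator")).getDelegatorName();
        ServletContext servletContext = session.getServletContext();
        if (!requestDelegatorName.equals(keyedLogin.getDelegator().getDelegatorName())) {
            Delegator keyedDelegator = DelegatorFactory.getDelegator(keyedLogin.getDelegator().getDelegatorName());
            setWebContextObjects(httpServletRequest, httpServletResponse, keyedDelegator, ContextFilter.makeWebappDispatcher(servletContext, keyedDelegator));
        }

        GenericValue currentLogin = (GenericValue) session.getAttribute("userLogin");
        if (currentLogin != null) {
            if (currentLogin.getString("userLoginId").equals(keyedLogin.getString("userLoginId"))) {
                // Same user is already logged in; leave the session untouched.
                return "success";
            }
            // A different user is logged in: end that login before taking over the session.
            logout(httpServletRequest, httpServletResponse);
        }
        doBasicLogin(keyedLogin, httpServletRequest);
        return "success";
    }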

    /**
     * Tells whether the given {@code UserLogin} record is flagged as logged out.
     *
     * <p>When {@code login.disable.global.logout} in {@code security.properties} is "true" the flag is ignored
     * and the method always answers {@code false}. A null record, or one without a {@code userLoginId}, counts
     * as logged out. Otherwise the record is refreshed from the cache and its {@code hasLoggedOut} field is
     * compared with "Y" (case-insensitively); a missing field counts as not logged out.
     *
     * <p>NOTE(review): a failed refresh is only logged, so the answer is then based on the value the caller
     * already held, which may be stale.
     *
     * @param genericValue the {@code UserLogin} record to inspect, may be null
     * @return {@code true} when the user must be treated as logged out
     */
    public static boolean isFlaggedLoggedOut(GenericValue genericValue) {
        String globalLogoutDisabled = UtilProperties.getPropertyValue("security.properties", "login.disable.global.logout");
        if ("true".equalsIgnoreCase(globalLogoutDisabled)) {
            return false;
        }

        boolean noUsableLogin = genericValue == null || genericValue.get("userLoginId") == null;
        if (noUsableLogin) {
            return true;
        }

        try {
            genericValue.refreshFromCache();
        } catch (GenericEntityException refreshFailure) {
            Debug.logWarning(refreshFailure, "Unable to refresh UserLogin", module);
        }

        if (genericValue.get("hasLoggedOut") == null) {
            return false;
        }
        return "Y".equalsIgnoreCase(genericValue.getString("hasLoggedOut"));
    }

    /**
     * Checks that the user holds every base permission configured for the current web application.
     *
     * <p>For each configured base permission other than "NONE", the user passes when either
     * {@code security.hasEntityPermission(permission, "_VIEW", user)} or
     * {@code authorization.hasPermission(userLoginId, permission, null)} grants it. The first permission that
     * neither grants makes the method answer {@code false}.
     *
     * <p>NOTE(review): the method fails open. It answers {@code true} when the request carries no
     * {@code security} attribute and when no webapp configuration is found for the server id and context path,
     * so a misconfigured request skips the base-permission gate and leaves only a log entry. The
     * {@code servletContext} and {@code authz} attributes are dereferenced without a null check.
     *
     * @param genericValue       the {@code UserLogin} record being checked
     * @param httpServletRequest the current request, supplying the servlet context, security and authz objects
     * @return {@code false} when a configured base permission is not granted, otherwise {@code true}
     */
    protected static boolean hasBasePermission(GenericValue genericValue, HttpServletRequest httpServletRequest) {
        ServletContext servletContext = (ServletContext) httpServletRequest.getAttribute("servletContext");
        Authorization authz = (Authorization) httpServletRequest.getAttribute("authz");
        Security security = (Security) httpServletRequest.getAttribute("security");
        String serverId = (String) servletContext.getAttribute("_serverId");
        String contextPath = httpServletRequest.getContextPath();
        ComponentConfig.WebappInfo webappInfo = ComponentConfig.getWebAppInfo(serverId, contextPath);

        if (security == null) {
            Debug.logWarning("Received a null Security object from HttpServletRequest", module);
            return true;
        }
        if (webappInfo == null) {
            Debug.logInfo("No webapp configuration found for : " + serverId + " / " + contextPath, module);
            return true;
        }

        for (String permission : webappInfo.getBasePermission()) {
            if ("NONE".equals(permission)) {
                continue;
            }
            if (security.hasEntityPermission(permission, "_VIEW", genericValue)) {
                continue;
            }
            if (authz.hasPermission(genericValue.getString("userLoginId"), permission, (Map) null)) {
                continue;
            }
            // Neither check granted this base permission.
            return false;
        }
        return true;
    }

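    /**
     * Loads the saved session data of a user from the related {@code UserLoginSession} record.
     *
     * <p>The record's {@code sessionData} string is passed to {@code XmlSerializer.deserialize} and the result
     * is checked to be a {@code Map<String, Object>}. Failures are logged as warnings and never propagated.
     *
     * <p>NOTE(review): this deserializes content read from the database. Treat write access to
     * {@code UserLoginSession.sessionData} as a trust boundary and confirm that {@code XmlSerializer} restricts
     * the types it will instantiate.
     *
     * @param genericValue the {@code UserLogin} record whose saved session is wanted
     * @return the saved session map, or {@code null} when there is no related record or loading failed
     */
    public static Map<String, Object> getUserLoginSession(GenericValue genericValue) {
        Delegator delegator = genericValue.getDelegator();
        Map<String, Object> sessionMap = null;
        try {
            GenericValue savedSession = genericValue.getRelatedOne("UserLoginSession");
            if (savedSession != null) {
                sessionMap = UtilGenerics.checkMap(XmlSerializer.deserialize(savedSession.getString("sessionData"), delegator), String.class, Object.class);
            }
        } catch (GenericEntityException e) {
            // The specific handler comes first: placed after catch (Exception) it can never run, and javac
            // rejects it as already caught (GenericEntityException is presumably an Exception subclass).
            Debug.logWarning(e, "Cannot get UserLoginSession for UserLogin ID: " + genericValue.getString("userLoginId"), module);
        } catch (Exception e) {
            Debug.logWarning(e, "Problems deserializing UserLoginSession", module);
        }
        return sessionMap;
    }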
}
