package net.bluemind.webmodule.authenticationfilter;

import com.google.common.base.Strings;
import io.netty.handler.codec.http.cookie.DefaultCookie;
import io.netty.handler.codec.http.cookie.ServerCookieEncoder;
import io.vertx.core.Handler;
import io.vertx.core.MultiMap;
import io.vertx.core.Vertx;
import io.vertx.core.http.HttpHeaders;
import io.vertx.core.http.HttpMethod;
import io.vertx.core.http.HttpServerRequest;
import io.vertx.core.http.HttpServerResponse;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import net.bluemind.core.api.AsyncHandler;
import net.bluemind.core.api.fault.ErrorCode;
import net.bluemind.core.api.fault.ServerFault;
import net.bluemind.keydb.sessiondata.SessionData;
import net.bluemind.webmodule.authenticationfilter.internal.AuthenticationCookie;
import net.bluemind.webmodule.authenticationfilter.internal.ExternalCreds;
import net.bluemind.webmodule.server.CSRFTokenManager;
import net.bluemind.webmodule.server.NeedVertx;
import net.bluemind.webmodule.server.SecurityConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/bluemind/webmodule/authenticationfilter/FormHandler.class */
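/**
 * Handles the native login form POST: validates the submitted login, checks the CSRF token,
 * asks an {@link AuthProvider} for a session and answers with a 302 redirect that carries the
 * session and privacy cookies.
 *
 * <p>This listing is decompiler output. Local names were reconstructed, and the integer error
 * code in {@link #error} was restored from a failed type inference.
 */
public class FormHandler implements Handler<HttpServerRequest>, NeedVertx {
    private static final Logger logger = LoggerFactory.getLogger(FormHandler.class);

    // Values sent to the login page as the authErrorCode query parameter.
    // The decompiler rendered INVALID_PARAMETER as the boolean constant "true" (bytecode int 1).
    private static final int AUTH_ERROR_GENERIC = 10;
    private static final int AUTH_ERROR_INVALID_PARAMETER = 1;
    private static final int AUTH_ERROR_INVALID_PASSWORD = 2;

    private Vertx vertx;

    public void setVertx(Vertx vertx) {
        this.vertx = vertx;
    }

    /**
     * Entry point: only POST requests are processed, anything else gets an empty response.
     *
     * @param httpServerRequest the incoming request
     */
    @Override
    public void handle(HttpServerRequest httpServerRequest) {
        if (httpServerRequest.method() != HttpMethod.POST) {
            httpServerRequest.response().end();
            return;
        }
        // Form attributes are only available once the whole body has been read.
        httpServerRequest.setExpectMultipart(true);
        httpServerRequest.endHandler(unused -> loginFormSubmitted(httpServerRequest));
    }

    /**
     * Validates the submitted form and, when it is acceptable, starts session creation.
     *
     * @param request the fully received login POST
     */
    private void loginFormSubmitted(HttpServerRequest request) {
        MultiMap formAttributes = request.formAttributes();
        String login = formAttributes.get("login");
        String password = formAttributes.get("password");
        if (Strings.isNullOrEmpty(login) || !login.contains("@")) {
            error(request, new ServerFault("invalid login", ErrorCode.INVALID_PARAMETER));
            return;
        }
        // "user@" splits into a single element; reject it here instead of failing later with an
        // ArrayIndexOutOfBoundsException inside the Vert.x end handler.
        String[] loginParts = login.split("@");
        if (loginParts.length < 2 || loginParts[1].isEmpty()) {
            error(request, new ServerFault("invalid login", ErrorCode.INVALID_PARAMETER));
            return;
        }
        String userAgent = request.headers().contains("user-agent") ? request.headers().get("user-agent") : "";
        // User-Agent is client-supplied, so this test only narrows who is expected to use the
        // form; it is not an access control. Authentication still rests on the CSRF token and
        // the credentials check below.
        if (!"admin0@global.virt".equals(login) && !userAgent.contains("Thunderbird")) {
            // NOTE(review): login and User-Agent are request-controlled and reach the warn log
            // through error(); consider neutralising CR/LF before they are logged.
            error(request, new ServerFault("invalid request, login: " + login + ", ua: " + userAgent, ErrorCode.INVALID_PARAMETER));
            return;
        }
        if (!CSRFTokenManager.INSTANCE.checkToken(request, formAttributes.get("csrfToken"))) {
            error(request, new ServerFault("invalid token", ErrorCode.INVALID_PARAMETER));
            return;
        }
        AuthProvider authProvider = new AuthProvider(this.vertx, loginParts[1], true);
        // The decompiled source discards this object; kept in case the call has side effects.
        // TODO confirm and remove if it is dead code.
        new ExternalCreds().setLoginAtDomain(login);
        createSession(request, login, password, authProvider);
    }

    /**
     * Asks the auth provider for a session and answers with a redirect: to "/" with the session
     * cookies on success, to the denied-access page when no session data is returned.
     *
     * @param request the login request being answered
     * @param login the validated login ({@code user@domain})
     * @param password the submitted password
     * @param authProvider provider bound to the login's domain
     */
    private void createSession(final HttpServerRequest request, final String login, String password, AuthProvider authProvider) {
        final boolean privateComputer = "priv".equals(request.formAttributes().get("priv"));
        // X-Forwarded-For entries are client-supplied unless a trusted front proxy overwrites
        // them; only the last element (the socket peer) is observed by this server.
        ArrayList<String> remoteIps = new ArrayList<>(request.headers().getAll("X-Forwarded-For"));
        remoteIps.add(request.remoteAddress().host());
        authProvider.sessionId(login, password, remoteIps, new AsyncHandler<SessionData>() {
            public void success(SessionData sessionData) {
                HttpServerResponse response = request.response();
                MultiMap headers = response.headers();
                if (sessionData == null) {
                    FormHandler.logger.error("Error during auth, {} login not valid (not found/archived or not user)", login);
                    // Encode the login like error() does: it is request data placed in a URL.
                    headers.add(HttpHeaders.LOCATION,
                            "/errors-pages/deniedAccess.html?login=" + URLEncoder.encode(login, StandardCharsets.UTF_8));
                    response.setStatusCode(302);
                    response.end();
                    return;
                }
                // Session cookie: HttpOnly always, Secure when the deployment enables it.
                DefaultCookie sessionCookie = new DefaultCookie(AuthenticationCookie.BMSID, sessionData.authKey);
                sessionCookie.setPath("/");
                sessionCookie.setHttpOnly(true);
                if (SecurityConfig.secureCookies) {
                    sessionCookie.setSecure(true);
                }
                headers.add(HttpHeaders.SET_COOKIE, ServerCookieEncoder.LAX.encode(privacyCookie(privateComputer)));
                headers.add(HttpHeaders.SET_COOKIE, ServerCookieEncoder.LAX.encode(sessionCookie));
                headers.add(HttpHeaders.LOCATION, "/");
                response.setStatusCode(302);
                response.end();
            }

            public void failure(Throwable th) {
                FormHandler.this.error(request, th);
            }
        });
    }

    /**
     * Builds the privacy cookie holding "true" or "false".
     *
     * <p>The cookie is not HttpOnly, as in the original code; presumably client-side script
     * reads it. TODO confirm.
     */
    private static DefaultCookie privacyCookie(boolean privateComputer) {
        DefaultCookie cookie = new DefaultCookie(AuthenticationCookie.BMPRIVACY, Boolean.toString(privateComputer));
        cookie.setPath("/");
        if (SecurityConfig.secureCookies) {
            cookie.setSecure(true);
        }
        return cookie;
    }

    /**
     * Logs the failure and redirects the browser back to the native login page with an error
     * code, the asked URI and the submitted login as query parameters.
     *
     * @param request the login request being answered
     * @param th the failure; a {@link ServerFault} code selects the error code sent to the page
     */
    private void error(HttpServerRequest request, Throwable th) {
        MultiMap formAttributes = request.formAttributes();
        String askedUri = checkAskedUri(formAttributes);
        int errorCode = AUTH_ERROR_GENERIC;
        if (th instanceof ServerFault) {
            ServerFault serverFault = (ServerFault) th;
            if (serverFault.getCode() == ErrorCode.INVALID_PARAMETER) {
                errorCode = AUTH_ERROR_INVALID_PARAMETER;
            } else if (serverFault.getCode() == ErrorCode.INVALID_PASSWORD) {
                errorCode = AUTH_ERROR_INVALID_PASSWORD;
            }
        }
        if (errorCode == AUTH_ERROR_INVALID_PASSWORD) {
            // Expected user error: no stack trace.
            logger.warn("Invalid password ({}), display login page.", th.getMessage());
        } else {
            logger.warn("Auth failure ({}), display login page.", th.getMessage(), th);
        }
        // This method is also reached when the login attribute is missing, and
        // URLEncoder.encode(null, ...) throws a NullPointerException.
        String submittedLogin = Strings.nullToEmpty(formAttributes.get("login"));
        String query = "?authErrorCode=" + errorCode
                + "&askedUri=" + URLEncoder.encode(askedUri, StandardCharsets.UTF_8)
                + "&userLogin=" + URLEncoder.encode(submittedLogin, StandardCharsets.UTF_8);
        HttpServerResponse response = request.response();
        response.headers().add(HttpHeaders.SET_COOKIE,
                ServerCookieEncoder.LAX.encode(privacyCookie("priv".equals(formAttributes.get("priv")))));
        // NOTE(review): the redirect host is taken from the request authority, which is
        // client-supplied unless a front proxy pins the Host header; a configured external
        // URL would be a safer base. The port, if any, is dropped here.
        response.headers().add(HttpHeaders.LOCATION,
                request.scheme() + "://" + request.authority().host() + "/login/native" + query);
        response.setStatusCode(302);
        response.end();
    }

    /**
     * Returns the {@code askedUri} form attribute when it parses as a URI, otherwise "/".
     *
     * <p>Only syntax is checked: an absolute URI pointing at another origin is returned as is.
     * NOTE(review): whatever consumes askedUri after login must restrict it to same-origin
     * targets.
     *
     * @param formAttributes the submitted form attributes
     * @return the asked URI, or "/" when it is absent or malformed
     */
    private String checkAskedUri(MultiMap formAttributes) {
        String askedUri = formAttributes.get("askedUri");
        if (askedUri == null) {
            return "/";
        }
        try {
            new URI(askedUri);
        } catch (URISyntaxException e) {
            logger.warn("asked uri is not un uri : {} ", askedUri, e);
            return "/";
        }
        return askedUri;
    }
}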
