package org.apache.wiki.auth;

import java.io.IOException;
import java.security.Principal;
import java.text.MessageFormat;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Properties;
import java.util.ResourceBundle;
import java.util.WeakHashMap;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import org.apache.wiki.ajax.AjaxUtil;
import org.apache.wiki.ajax.WikiAjaxDispatcherServlet;
import org.apache.wiki.ajax.WikiAjaxServlet;
import org.apache.wiki.api.core.Context;
import org.apache.wiki.api.core.Engine;
import org.apache.wiki.api.core.Session;
import org.apache.wiki.api.exceptions.NoRequiredPropertyException;
import org.apache.wiki.api.exceptions.WikiException;
import org.apache.wiki.api.filters.PageFilter;
import org.apache.wiki.auth.permissions.AllPermission;
import org.apache.wiki.auth.permissions.WikiPermission;
import org.apache.wiki.auth.user.DummyUserDatabase;
import org.apache.wiki.auth.user.DuplicateUserException;
import org.apache.wiki.auth.user.UserDatabase;
import org.apache.wiki.auth.user.UserProfile;
import org.apache.wiki.event.WikiEventListener;
import org.apache.wiki.event.WikiEventManager;
import org.apache.wiki.filters.FilterManager;
import org.apache.wiki.filters.SpamFilter;
import org.apache.wiki.i18n.InternationalizationManager;
import org.apache.wiki.pages.PageManager;
import org.apache.wiki.preferences.Preferences;
import org.apache.wiki.tasks.TasksManager;
import org.apache.wiki.ui.InputValidator;
import org.apache.wiki.util.ClassUtil;
import org.apache.wiki.util.TextUtil;
import org.apache.wiki.workflow.Decision;
import org.apache.wiki.workflow.DecisionRequiredException;
import org.apache.wiki.workflow.Fact;
import org.apache.wiki.workflow.Step;
import org.apache.wiki.workflow.Workflow;
import org.apache.wiki.workflow.WorkflowBuilder;
import org.apache.wiki.workflow.WorkflowManager;

/* loaded from: input_file:org/apache/wiki/auth/DefaultUserManager.class */
public class DefaultUserManager implements UserManager {
    private static final String USERDATABASE_PACKAGE = "org.apache.wiki.auth.user";
    private static final String SESSION_MESSAGES = "profile";
    private static final String PARAM_EMAIL = "email";
    private static final String PARAM_FULLNAME = "fullname";
    private static final String PARAM_PASSWORD = "password";
    private static final String PARAM_LOGINNAME = "loginname";
    private static final String UNKNOWN_CLASS = "<unknown>";
    private Engine m_engine;
    private static final Logger log = Logger.getLogger(DefaultUserManager.class);
    private final Map<Session, UserProfile> m_profiles = new WeakHashMap();
    private UserDatabase m_database;

    /* loaded from: input_file:org/apache/wiki/auth/DefaultUserManager$JSONUserModule.class */
    public static final class JSONUserModule implements WikiAjaxServlet {
        private volatile DefaultUserManager m_manager;

        public JSONUserModule(DefaultUserManager defaultUserManager) {
            this.m_manager = defaultUserManager;
        }

        @Override // org.apache.wiki.ajax.WikiAjaxServlet
        public String getServletMapping() {
            return "users";
        }

        @Override // org.apache.wiki.ajax.WikiAjaxServlet
        public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, List<String> list) throws ServletException, IOException {
            try {
                if (list.size() < 1) {
                    return;
                }
                String str2 = list.get(0);
                DefaultUserManager.log.debug("uid=" + str2);
                if (StringUtils.isNotBlank(str2)) {
                    httpServletResponse.getWriter().write(AjaxUtil.toJson(getUserInfo(str2)));
                }
            } catch (NoSuchPrincipalException e) {
                throw new ServletException(e);
            }
        }

        public UserProfile getUserInfo(String str) throws NoSuchPrincipalException {
            if (this.m_manager != null) {
                return this.m_manager.getUserDatabase().find(str);
            }
            throw new IllegalStateException("The manager is offline.");
        }
    }

    public void initialize(Engine engine, Properties properties) {
        this.m_engine = engine;
        addWikiEventListener((WikiEventListener) engine.getManager(PageManager.class));
        WikiAjaxDispatcherServlet.registerServlet("users", new JSONUserModule(this), new AllPermission(null));
    }

    /* JADX WARN: Type inference failed for: r6v4, types: [java.lang.Throwable, org.apache.wiki.auth.WikiSecurityException] */
    @Override // org.apache.wiki.auth.UserManager
    public UserDatabase getUserDatabase() {
        if (this.m_database != null) {
            return this.m_database;
        }
        String str = UNKNOWN_CLASS;
        try {
            try {
                try {
                    try {
                        try {
                            str = TextUtil.getRequiredProperty(this.m_engine.getWikiProperties(), UserManager.PROP_DATABASE);
                            log.info("Attempting to load user database class " + str);
                            this.m_database = (UserDatabase) ClassUtil.findClass(USERDATABASE_PACKAGE, str).newInstance();
                            this.m_database.initialize(this.m_engine, this.m_engine.getWikiProperties());
                            log.info("UserDatabase initialized.");
                            if (this.m_database == null) {
                                log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                                this.m_database = new DummyUserDatabase();
                            }
                        } catch (WikiSecurityException e) {
                            log.error("Exception initializing user database: " + e.getMessage(), (Throwable) e);
                            if (this.m_database == null) {
                                log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                                this.m_database = new DummyUserDatabase();
                            }
                        }
                    } catch (InstantiationException e2) {
                        log.error("UserDatabase class " + str + " cannot be created", e2);
                        if (this.m_database == null) {
                            log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                            this.m_database = new DummyUserDatabase();
                        }
                    }
                } catch (ClassNotFoundException e3) {
                    log.error("UserDatabase class " + str + " cannot be found", e3);
                    if (this.m_database == null) {
                        log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                        this.m_database = new DummyUserDatabase();
                    }
                }
            } catch (IllegalAccessException e4) {
                log.error("You are not allowed to access this user database class", e4);
                if (this.m_database == null) {
                    log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                    this.m_database = new DummyUserDatabase();
                }
            } catch (NoSuchElementException | NoRequiredPropertyException e5) {
                log.error("You have not set the 'jspwiki.userdatabase'. You need to do this if you want to enable user management by JSPWiki.", e5);
                if (this.m_database == null) {
                    log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                    this.m_database = new DummyUserDatabase();
                }
            }
            return this.m_database;
        } catch (Throwable th) {
            if (this.m_database == null) {
                log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                this.m_database = new DummyUserDatabase();
            }
            throw th;
        }
    }

    @Override // org.apache.wiki.auth.UserManager
    public UserProfile getUserProfile(Session session) {
        UserProfile userProfile = this.m_profiles.get(session);
        boolean z = userProfile == null;
        Principal principal = null;
        if (session.isAuthenticated()) {
            principal = session.getUserPrincipal();
            try {
                userProfile = getUserDatabase().find(principal.getName());
                z = false;
            } catch (NoSuchPrincipalException e) {
            }
        }
        if (z) {
            userProfile = getUserDatabase().newProfile();
            if (principal != null) {
                userProfile.setLoginName(principal.getName());
            }
            if (!userProfile.isNew()) {
                throw new IllegalStateException("New profile should be marked 'new'. Check your UserProfile implementation.");
            }
        }
        this.m_profiles.put(session, userProfile);
        return userProfile;
    }

    @Override // org.apache.wiki.auth.UserManager
    public void setUserProfile(Context context, UserProfile userProfile) throws DuplicateUserException, WikiException {
        UserProfile findByFullName;
        UserProfile findByLoginName;
        Session wikiSession = context.getWikiSession();
        if (!((AuthorizationManager) this.m_engine.getManager(AuthorizationManager.class)).checkPermission(wikiSession, new WikiPermission(this.m_engine.getApplicationName(), WikiPermission.EDIT_PROFILE_ACTION))) {
            throw new WikiSecurityException("You are not allowed to save wiki profiles.");
        }
        boolean isNew = userProfile.isNew();
        UserProfile userProfile2 = getUserProfile(wikiSession);
        boolean z = (userProfile2 == null || userProfile2.getFullname() == null || (userProfile2.getFullname().equals(userProfile.getFullname()) && userProfile2.getLoginName().equals(userProfile.getLoginName()))) ? false : true;
        try {
            findByLoginName = getUserDatabase().findByLoginName(userProfile.getLoginName());
        } catch (NoSuchPrincipalException e) {
        }
        if (findByLoginName != null && !findByLoginName.equals(userProfile2)) {
            throw new DuplicateUserException("security.error.login.taken", userProfile.getLoginName());
        }
        try {
            findByFullName = getUserDatabase().findByFullName(userProfile.getFullname());
        } catch (NoSuchPrincipalException e2) {
        }
        if (findByFullName != null && !findByFullName.equals(userProfile2)) {
            throw new DuplicateUserException("security.error.fullname.taken", userProfile.getFullname());
        }
        if (isNew && userProfile2 != null && userProfile2.isNew()) {
            startUserProfileCreationWorkflow(context, userProfile);
            try {
                AuthenticationManager authenticationManager = (AuthenticationManager) this.m_engine.getManager(AuthenticationManager.class);
                if (!authenticationManager.isContainerAuthenticated()) {
                    authenticationManager.login(wikiSession, null, userProfile.getLoginName(), userProfile.getPassword());
                }
                fireEvent(53, wikiSession, userProfile);
                return;
            } catch (WikiException e3) {
                throw new WikiSecurityException(e3.getMessage(), e3);
            }
        }
        if (z && !userProfile2.getLoginName().equals(userProfile.getLoginName())) {
            getUserDatabase().rename(userProfile2.getLoginName(), userProfile.getLoginName());
        }
        getUserDatabase().save(userProfile);
        if (z) {
            fireEvent(54, wikiSession, new UserProfile[]{userProfile2, userProfile});
        } else {
            fireEvent(53, wikiSession, userProfile);
        }
    }

    @Override // org.apache.wiki.auth.UserManager
    public void startUserProfileCreationWorkflow(Context context, UserProfile userProfile) throws WikiException {
        WorkflowBuilder builder = WorkflowBuilder.getBuilder(this.m_engine);
        Principal userPrincipal = context.getWikiSession().getUserPrincipal();
        Step buildSaveUserProfileTask = ((TasksManager) this.m_engine.getManager(TasksManager.class)).buildSaveUserProfileTask(context.getWikiSession().getLocale());
        boolean z = userProfile.getEmail() != null;
        Fact[] factArr = new Fact[z ? 4 : 3];
        factArr[0] = new Fact(WorkflowManager.WF_UP_CREATE_SAVE_FACT_PREFS_FULL_NAME, userProfile.getFullname());
        factArr[1] = new Fact(WorkflowManager.WF_UP_CREATE_SAVE_FACT_PREFS_LOGIN_NAME, userProfile.getLoginName());
        factArr[2] = new Fact(WorkflowManager.WF_UP_CREATE_SAVE_FACT_SUBMITTER, userPrincipal.getName());
        if (z) {
            factArr[3] = new Fact(WorkflowManager.WF_UP_CREATE_SAVE_FACT_PREFS_EMAIL, userProfile.getEmail());
        }
        Workflow buildApprovalWorkflow = builder.buildApprovalWorkflow(userPrincipal, WorkflowManager.WF_UP_CREATE_SAVE_APPROVER, null, WorkflowManager.WF_UP_CREATE_SAVE_DECISION_MESSAGE_KEY, factArr, buildSaveUserProfileTask, null);
        buildApprovalWorkflow.setAttribute(WorkflowManager.WF_UP_CREATE_SAVE_ATTR_SAVED_PROFILE, userProfile);
        buildApprovalWorkflow.start(context);
        if (buildApprovalWorkflow.getCurrentStep() instanceof Decision) {
            throw new DecisionRequiredException("This profile must be approved before it becomes active");
        }
    }

    @Override // org.apache.wiki.auth.UserManager
    public UserProfile parseProfile(Context context) {
        UserProfile userProfile = getUserProfile(context.getWikiSession());
        HttpServletRequest httpRequest = context.getHttpRequest();
        String parameter = httpRequest.getParameter(PARAM_LOGINNAME);
        String parameter2 = httpRequest.getParameter("password");
        String parameter3 = httpRequest.getParameter(PARAM_FULLNAME);
        String parameter4 = httpRequest.getParameter("email");
        String str = InputValidator.isBlank(parameter) ? null : parameter;
        String str2 = InputValidator.isBlank(parameter2) ? null : parameter2;
        String str3 = InputValidator.isBlank(parameter3) ? null : parameter3;
        String str4 = InputValidator.isBlank(parameter4) ? null : parameter4;
        if (((AuthenticationManager) this.m_engine.getManager(AuthenticationManager.class)).isContainerAuthenticated() && context.getWikiSession().isAuthenticated()) {
            str = context.getWikiSession().getLoginPrincipal().getName();
        }
        userProfile.setLoginName(str);
        userProfile.setEmail(str4);
        userProfile.setFullname(str3);
        userProfile.setPassword(str2);
        return userProfile;
    }

    @Override // org.apache.wiki.auth.UserManager
    public void validateProfile(Context context, UserProfile userProfile) {
        boolean isNew = userProfile.isNew();
        Session wikiSession = context.getWikiSession();
        InputValidator inputValidator = new InputValidator(SESSION_MESSAGES, context);
        ResourceBundle bundle = Preferences.getBundle(context, InternationalizationManager.CORE_BUNDLE);
        Iterator<PageFilter> it = ((FilterManager) this.m_engine.getManager(FilterManager.class)).getFilterList().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            SpamFilter spamFilter = (PageFilter) it.next();
            if (spamFilter instanceof SpamFilter) {
                if (!spamFilter.isValidUserProfile(context, userProfile)) {
                    wikiSession.addMessage(SESSION_MESSAGES, "Invalid userprofile");
                    return;
                }
            }
        }
        if (((AuthenticationManager) this.m_engine.getManager(AuthenticationManager.class)).isContainerAuthenticated() && !context.getWikiSession().isAuthenticated()) {
            wikiSession.addMessage(SESSION_MESSAGES, bundle.getString("security.error.createprofilebeforelogin"));
        }
        inputValidator.validateNotNull(userProfile.getLoginName(), bundle.getString("security.user.loginname"));
        inputValidator.validateNotNull(userProfile.getFullname(), bundle.getString("security.user.fullname"));
        inputValidator.validate(userProfile.getEmail(), bundle.getString("security.user.email"), 1);
        if (!((AuthenticationManager) this.m_engine.getManager(AuthenticationManager.class)).isContainerAuthenticated()) {
            String password = userProfile.getPassword();
            if (password != null) {
                HttpServletRequest httpRequest = context.getHttpRequest();
                if (!password.equals(httpRequest == null ? null : httpRequest.getParameter("password2"))) {
                    wikiSession.addMessage(SESSION_MESSAGES, bundle.getString("security.error.passwordnomatch"));
                }
            } else if (isNew) {
                wikiSession.addMessage(SESSION_MESSAGES, bundle.getString("security.error.blankpassword"));
            }
        }
        String fullname = userProfile.getFullname();
        String loginName = userProfile.getLoginName();
        String email = userProfile.getEmail();
        try {
            UserProfile find = getUserDatabase().find(fullname);
            if (find != null && !userProfile.equals(find) && !fullname.equals(find.getFullname())) {
                wikiSession.addMessage(SESSION_MESSAGES, MessageFormat.format(bundle.getString("security.error.illegalfullname"), fullname));
            }
        } catch (NoSuchPrincipalException e) {
        }
        try {
            UserProfile find2 = getUserDatabase().find(loginName);
            if (find2 != null && !userProfile.equals(find2) && !loginName.equals(find2.getLoginName())) {
                wikiSession.addMessage(SESSION_MESSAGES, MessageFormat.format(bundle.getString("security.error.illegalloginname"), loginName));
            }
        } catch (NoSuchPrincipalException e2) {
        }
        try {
            UserProfile findByEmail = getUserDatabase().findByEmail(email);
            if (findByEmail != null && !userProfile.getUid().equals(findByEmail.getUid()) && !userProfile.equals(findByEmail) && StringUtils.lowerCase(email).equals(StringUtils.lowerCase(findByEmail.getEmail()))) {
                wikiSession.addMessage(SESSION_MESSAGES, MessageFormat.format(bundle.getString("security.error.email.taken"), email));
            }
        } catch (NoSuchPrincipalException e3) {
        }
    }

    @Override // org.apache.wiki.auth.UserManager
    public Principal[] listWikiNames() throws WikiSecurityException {
        return getUserDatabase().getWikiNames();
    }

    @Override // org.apache.wiki.auth.UserManager
    public synchronized void addWikiEventListener(WikiEventListener wikiEventListener) {
        WikiEventManager.addWikiEventListener(this, wikiEventListener);
    }

    @Override // org.apache.wiki.auth.UserManager
    public synchronized void removeWikiEventListener(WikiEventListener wikiEventListener) {
        WikiEventManager.removeWikiEventListener(this, wikiEventListener);
    }
}
