package fr.ifremer.allegro.obsdeb.security;

import com.google.common.base.Objects;
import com.google.common.base.Preconditions;
import fr.ifremer.adagio.core.dao.administration.user.DepartmentJdbcDao;
import fr.ifremer.adagio.core.dao.administration.user.PersonJdbcDao;
import fr.ifremer.adagio.core.vo.administration.user.PersonVO;
import fr.ifremer.adagio.synchro.config.SynchroConfiguration;
import fr.ifremer.allegro.obsdeb.config.ObsdebConfiguration;
import fr.ifremer.allegro.obsdeb.dao.DaoUtils;
import fr.ifremer.allegro.obsdeb.security.remote.AuthenticationRemoteService;
import fr.ifremer.allegro.obsdeb.service.ObsdebTechnicalException;
import fr.ifremer.allegro.obsdeb.service.administration.user.PersonService;
import fr.ifremer.allegro.obsdeb.service.synchro.SynchroRemoteService;
import java.util.Properties;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.builder.ToStringBuilder;
import org.apache.commons.lang3.builder.ToStringStyle;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Service;

@Service("obsdebSecurityService")
@Lazy
/* loaded from: input_file:fr/ifremer/allegro/obsdeb/security/SecurityServiceImpl.class */
public class SecurityServiceImpl implements SecurityService {
    private static final Log log = LogFactory.getLog(SecurityServiceImpl.class);

    @Autowired
    protected ObsdebConfiguration config;

    @Autowired
    protected SynchroConfiguration synchroConfig;

    @Autowired
    protected PersonService personService;

    @Autowired
    protected AuthenticationRemoteService authRemoteService;

    @Autowired
    protected SynchroRemoteService synchroRemoteService;

    @Autowired
    protected PersonJdbcDao personJdbcDao;

    @Autowired
    protected DepartmentJdbcDao departmentJdbcDao;

    @Override // fr.ifremer.allegro.obsdeb.security.SecurityService
    public void authenticate(AuthenticationInfo authenticationInfo) throws AuthenticationException {
        if (this.config.isAuthenticationUsingMock()) {
            authenticateUsingMock(authenticationInfo);
            return;
        }
        if (this.config.isSynchronizationEnabled() && !this.config.isSynchronizationUsingSynchroServer()) {
            authenticateUsingDatabaseServer(authenticationInfo);
        } else if (this.config.isSynchronizationEnabled()) {
            authenticateUsingSynchronizationServer(authenticationInfo);
        }
    }

    private void authenticateUsingMock(AuthenticationInfo authenticationInfo) throws AuthenticationException {
        if (!SecurityContextHelper.authenticate(authenticationInfo.getLogin(), authenticationInfo.getPassword())) {
            throw new AuthenticationException("authenticate.badCredential", authenticationInfo.getLogin());
        }
    }

    private void authenticateUsingDatabaseServer(AuthenticationInfo authenticationInfo) throws AuthenticationException {
        boolean z = false;
        if (this.personService.hasPassword(authenticationInfo.getLogin())) {
            z = SecurityContextHelper.authenticate(authenticationInfo.getLogin(), authenticationInfo.getPassword());
        }
        boolean z2 = false;
        if (!z && this.authRemoteService.canAuthenticate(authenticationInfo)) {
            this.personService.resetPassword(authenticationInfo.getLogin());
            z2 = true;
            z = SecurityContextHelper.authenticate(authenticationInfo.getLogin(), null);
            if (!z && tryUpdatePersonFromDatabaseServer(authenticationInfo)) {
                z = SecurityContextHelper.authenticate(authenticationInfo.getLogin(), authenticationInfo.getPassword());
                z2 = false;
            }
        }
        if (z && z2) {
            this.personService.updatePasswordByPersonId(SecurityContextHelper.getObsdebUserId(), authenticationInfo.getPassword());
        }
        if (!z) {
            throw new AuthenticationException("authenticate.notFound", authenticationInfo.getLogin());
        }
    }

    private boolean tryUpdatePersonFromDatabaseServer(AuthenticationInfo authenticationInfo) {
        Properties importConnectionProperties = this.synchroConfig.getImportConnectionProperties();
        Preconditions.checkArgument(StringUtils.isNotEmpty(DaoUtils.getJdbcPassword(importConnectionProperties)));
        Preconditions.checkArgument(StringUtils.isNotEmpty(DaoUtils.getUrl(importConnectionProperties)));
        if (!DaoUtils.isValidConnectionProperties(importConnectionProperties)) {
            throw new ObsdebTechnicalException("authenticate.database.connection");
        }
        Integer userIdByUsername = this.personJdbcDao.getUserIdByUsername(importConnectionProperties, authenticationInfo.getLogin());
        if (userIdByUsername == null) {
            throw new AuthenticationException("authenticate.username.notInServerDb", authenticationInfo.getLogin());
        }
        PersonVO personById = this.personJdbcDao.getPersonById(importConnectionProperties, userIdByUsername.intValue());
        if (!Objects.equal(personById.getUsername(), authenticationInfo.getLogin()) && !Objects.equal(personById.getUsernameExtranet(), authenticationInfo.getLogin())) {
            log.warn(String.format("Central server send a bad person, with wrong login: expected [%s] but found [username=%s] and [usernameExtranet=%s]. Check configuration on central server.", authenticationInfo.getLogin(), personById.getUsername(), personById.getUsernameExtranet()));
            return false;
        }
        personById.setUserProfiles(this.personJdbcDao.getUserProfilesByPersonId(importConnectionProperties, userIdByUsername.intValue()));
        personById.setDepartment(this.departmentJdbcDao.getDepartmentById(importConnectionProperties, personById.getDepartmentId().intValue()));
        if (log.isDebugEnabled()) {
            log.debug("Will save person, retrieve from central server: " + ToStringBuilder.reflectionToString(personById, ToStringStyle.SHORT_PREFIX_STYLE));
        }
        this.personService.save(personById, true);
        this.personService.updatePasswordByPersonId(userIdByUsername.intValue(), authenticationInfo.getPassword());
        return true;
    }

    private void authenticateUsingSynchronizationServer(AuthenticationInfo authenticationInfo) {
        boolean z = false;
        if (this.personService.hasPassword(authenticationInfo.getLogin())) {
            z = SecurityContextHelper.authenticate(authenticationInfo.getLogin(), authenticationInfo.getPassword());
        }
        boolean z2 = false;
        if (!z && this.authRemoteService.canAuthenticate(authenticationInfo)) {
            this.personService.resetPassword(authenticationInfo.getLogin());
            z2 = true;
            z = SecurityContextHelper.authenticate(authenticationInfo.getLogin(), null);
            if (!z && tryUpdatePersonFromSynchroServer(authenticationInfo)) {
                z = SecurityContextHelper.authenticate(authenticationInfo.getLogin(), authenticationInfo.getPassword());
                z2 = false;
            }
        }
        if (z && z2) {
            this.personService.updatePasswordByPersonId(SecurityContextHelper.getObsdebUserId(), authenticationInfo.getPassword());
        }
        if (!z) {
            throw new AuthenticationException("authenticate.notFound", authenticationInfo.getLogin());
        }
    }

    private boolean tryUpdatePersonFromSynchroServer(AuthenticationInfo authenticationInfo) {
        try {
            PersonVO person = this.synchroRemoteService.getPerson(authenticationInfo);
            if (person == null) {
                return false;
            }
            if (!Objects.equal(person.getUsername(), authenticationInfo.getLogin()) && !Objects.equal(person.getUsernameExtranet(), authenticationInfo.getLogin())) {
                log.warn(String.format("Synchronization server send a bad person, with wrong login: expected [%s] but found [username=%s] and [usernameExtranet=%s]. Check configuration on synchro server.", authenticationInfo.getLogin(), person.getUsername(), person.getUsernameExtranet()));
                return false;
            }
            if (log.isDebugEnabled()) {
                log.debug("Will save person, retrieve from synchro server: " + ToStringBuilder.reflectionToString(person, ToStringStyle.SHORT_PREFIX_STYLE));
            }
            this.personService.save(person, true);
            this.personService.updatePasswordByPersonId(person.getId().intValue(), authenticationInfo.getPassword());
            return true;
        } catch (ObsdebTechnicalException e) {
            return false;
        }
    }
}
