package fr.ifremer.reefdb.ui.swing.util.auth;

import com.google.common.base.Objects;
import fr.ifremer.quadrige2.core.Quadrige2TechnicalException;
import fr.ifremer.quadrige2.core.security.AuthenticationInfo;
import fr.ifremer.quadrige2.core.vo.administration.user.QuserVO;
import fr.ifremer.reefdb.config.ReefDbConfiguration;
import fr.ifremer.reefdb.security.SecurityContextHelper;
import fr.ifremer.reefdb.security.remote.AuthenticationRemoteException;
import fr.ifremer.reefdb.service.ReefDbServiceLocator;
import fr.ifremer.reefdb.service.administration.user.UserService;
import fr.ifremer.reefdb.ui.swing.action.AbstractMainUIAction;
import fr.ifremer.reefdb.ui.swing.action.CloseApplicationAction;
import fr.ifremer.reefdb.ui.swing.content.MainUIHandler;
import javax.swing.SwingUtilities;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.builder.ToStringBuilder;
import org.apache.commons.lang3.builder.ToStringStyle;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuiton.i18n.I18n;
import org.nuiton.jaxx.application.swing.action.AbstractApplicationAction;

/* loaded from: input_file:fr/ifremer/reefdb/ui/swing/util/auth/AuthenticationAction.class */
public class AuthenticationAction extends AbstractMainUIAction {
    private static final Log LOG = LogFactory.getLog(AuthenticationAction.class);
    private AbstractApplicationAction callbackAction;
    private boolean authenticated;
    private boolean authenticationCanceled;

    public AuthenticationAction(MainUIHandler mainUIHandler) {
        this(mainUIHandler, null);
    }

    public AuthenticationAction(MainUIHandler mainUIHandler, AbstractApplicationAction abstractApplicationAction) {
        super(mainUIHandler, true);
        this.callbackAction = abstractApplicationAction;
        setActionDescription(I18n.t("reefdb.action.authenticate.title", new Object[0]));
    }

    public void doAction() throws Exception {
        this.authenticated = false;
        this.authenticationCanceled = false;
        UserService userService = m11getContext().getUserService();
        String str = null;
        if (this.callbackAction != null) {
            str = this.callbackAction.getActionDescription();
        }
        while (!this.authenticated) {
            AuthenticationInfo authenticationInfo = m11getContext().getAuthenticationInfo(str);
            if (authenticationInfo == null || StringUtils.isBlank(authenticationInfo.getLogin())) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("insufficient authentication information, cancelling action");
                }
                this.callbackAction = null;
                this.authenticationCanceled = true;
                if (!m9getConfig().isAuthenticationForced() || m11getContext().isAuthenticated()) {
                    return;
                }
                m11getContext().getErrorHelper().showErrorDialog(I18n.t("reefdb.action.authenticate.forced.message", new Object[0]));
                getActionEngine().runInternalAction(this.handler, CloseApplicationAction.class);
                return;
            }
            String login = authenticationInfo.getLogin();
            if (userService.isLocaUserWithNoPassword(login)) {
                try {
                    if (StringUtils.isNotEmpty(authenticationInfo.getPassword())) {
                        m11getContext().getErrorHelper().showErrorDialog(I18n.t("reefdb.error.authenticate.badCredential", new Object[0]));
                        if (!m9getConfig().isAuthenticationForced()) {
                            return;
                        }
                    } else {
                        this.authenticated = SecurityContextHelper.authenticate(login, (String) null);
                    }
                } catch (AuthenticationRemoteException e) {
                    m11getContext().getErrorHelper().showErrorDialog(e.getLocalizedMessage());
                    if (!m9getConfig().isAuthenticationForced()) {
                        return;
                    }
                }
            } else {
                if (StringUtils.isBlank(authenticationInfo.getPassword())) {
                    throw new AuthenticationRemoteException(I18n.t("reefdb.error.authenticate.badCredential", new Object[0]));
                }
                boolean hasPassword = m9getConfig().isAuthenticationDisabled() ? true : userService.hasPassword(login);
                if (hasPassword) {
                    this.authenticated = SecurityContextHelper.authenticate(login, authenticationInfo.getPassword());
                }
                if (!this.authenticated && ReefDbServiceLocator.instance().getAuthenticationRemoteService().canAuthenticate(authenticationInfo)) {
                    userService.resetPassword(login);
                    hasPassword = false;
                    this.authenticated = SecurityContextHelper.authenticate(login, (String) null);
                    if (!this.authenticated) {
                        if (!tryUpdatePersonFromServer(authenticationInfo)) {
                            throw new AuthenticationRemoteException(I18n.t("reefdb.error.authenticate.badCredential", new Object[0]));
                        }
                        this.authenticated = SecurityContextHelper.authenticate(login, (String) null);
                    }
                }
                if (!this.authenticated) {
                    throw new AuthenticationRemoteException(I18n.t("reefdb.error.authenticate.notFound", new Object[]{login}));
                }
                if (LOG.isDebugEnabled()) {
                    LOG.debug("user '" + login + "' authenticated");
                }
                if (!hasPassword) {
                    userService.updatePasswordByUserId(SecurityContextHelper.getReefDbUser().getPersonId(), authenticationInfo.getPassword());
                }
            }
        }
    }

    @Override // fr.ifremer.reefdb.ui.swing.action.AbstractAction
    public void postSuccessAction() {
        super.postSuccessAction();
        if (this.authenticationCanceled) {
            return;
        }
        m11getContext().setAuthenticated(this.authenticated);
        if (!this.authenticated || this.callbackAction == null) {
            return;
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("run callback action " + this.callbackAction.getClass().getSimpleName());
        }
        SwingUtilities.invokeLater(new Runnable() { // from class: fr.ifremer.reefdb.ui.swing.util.auth.AuthenticationAction.1
            @Override // java.lang.Runnable
            public void run() {
                AuthenticationAction.this.getActionEngine().runAction(AuthenticationAction.this.callbackAction);
            }
        });
    }

    @Override // fr.ifremer.reefdb.ui.swing.action.AbstractAction
    public void postFailedAction(Throwable th) {
        super.postFailedAction(th);
        m11getContext().setAuthenticated(false);
    }

    protected boolean tryUpdatePersonFromServer(AuthenticationInfo authenticationInfo) {
        if (!ReefDbConfiguration.getInstance().isSynchronizationEnabled()) {
            return false;
        }
        try {
            QuserVO user = ReefDbServiceLocator.instance().getSynchroRestClientService().getUser(authenticationInfo);
            if (user == null) {
                return false;
            }
            if (!Objects.equal(user.getQuserIntranetLg(), authenticationInfo.getLogin()) && !Objects.equal(user.getQuserExtranetLg(), authenticationInfo.getLogin())) {
                LOG.warn(String.format("Synchronization server send a bad person, with wrong login: expected [%s] but found [username=%s] and [usernameExtranet=%s]. Check configuration on synchro server.", authenticationInfo.getLogin(), user.getQuserIntranetLg(), user.getQuserExtranetLg()));
                return false;
            }
            if (LOG.isDebugEnabled()) {
                LOG.debug("Will save person, retrieve from synchro server: " + ToStringBuilder.reflectionToString(user, ToStringStyle.SHORT_PREFIX_STYLE));
            }
            ReefDbServiceLocator.instance().getUserService().save(user, true);
            return true;
        } catch (Quadrige2TechnicalException e) {
            return false;
        }
    }
}
