package org.alfresco.repo.web.scripts.portlet;

import javax.portlet.PortletSession;
import javax.portlet.RenderRequest;
import javax.portlet.RenderResponse;
import javax.transaction.UserTransaction;
import org.alfresco.repo.SessionUser;
import org.alfresco.repo.model.Repository;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.transaction.TransactionService;
import org.alfresco.web.app.servlet.AuthenticationHelper;
import org.alfresco.web.bean.repository.User;
import org.alfresco.web.scripts.Authenticator;
import org.alfresco.web.scripts.Description;
import org.alfresco.web.scripts.portlet.PortletAuthenticatorFactory;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:org/alfresco/repo/web/scripts/portlet/WebClientPortletAuthenticatorFactory.class */
public class WebClientPortletAuthenticatorFactory implements PortletAuthenticatorFactory {
    private static final Log logger = LogFactory.getLog(WebClientPortletAuthenticatorFactory.class);
    private AuthenticationService authenticationService;
    private TransactionService transactionService;
    private Repository repository;

    /* loaded from: input_file:org/alfresco/repo/web/scripts/portlet/WebClientPortletAuthenticatorFactory$WebClientPortletAuthenticator.class */
    public class WebClientPortletAuthenticator implements Authenticator {
        private RenderRequest req;
        private RenderResponse res;

        public WebClientPortletAuthenticator(RenderRequest renderRequest, RenderResponse renderResponse) {
            this.req = renderRequest;
            this.res = renderResponse;
        }

        public boolean authenticate(Description.RequiredAuthentication requiredAuthentication, boolean z) {
            PortletSession portletSession = this.req.getPortletSession();
            String str = (String) this.req.getPortletSession().getAttribute("alfportletusername");
            if (str == null) {
                str = this.req.getRemoteUser();
            }
            if (WebClientPortletAuthenticatorFactory.logger.isDebugEnabled()) {
                WebClientPortletAuthenticatorFactory.logger.debug("JSR-168 Remote user: " + str);
            }
            if (z || str == null) {
                if (WebClientPortletAuthenticatorFactory.logger.isDebugEnabled()) {
                    WebClientPortletAuthenticatorFactory.logger.debug("Authenticating as Guest");
                }
                AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getGuestUserName());
                if (WebClientPortletAuthenticatorFactory.logger.isDebugEnabled()) {
                    WebClientPortletAuthenticatorFactory.logger.debug("Setting Web Client authentication context for guest");
                }
                createWebClientUser(portletSession);
                removeSessionInvalidated(portletSession);
                return true;
            }
            if (WebClientPortletAuthenticatorFactory.logger.isDebugEnabled()) {
                WebClientPortletAuthenticatorFactory.logger.debug("Authenticating as user " + str);
            }
            AuthenticationUtil.setFullyAuthenticatedUser(str);
            User webClientUser = getWebClientUser(portletSession);
            if (webClientUser != null && str.equals(webClientUser.getUserName())) {
                return true;
            }
            if (WebClientPortletAuthenticatorFactory.logger.isDebugEnabled()) {
                WebClientPortletAuthenticatorFactory.logger.debug("Setting Web Client authentication context for user " + str);
            }
            createWebClientUser(portletSession);
            removeSessionInvalidated(portletSession);
            return true;
        }

        public boolean emptyCredentials() {
            String str = (String) this.req.getPortletSession().getAttribute("alfportletusername");
            if (str == null) {
                str = this.req.getRemoteUser();
            }
            return str == null;
        }

        private void removeSessionInvalidated(PortletSession portletSession) {
            portletSession.removeAttribute(AuthenticationHelper.SESSION_INVALIDATED, 1);
        }

        private void createWebClientUser(PortletSession portletSession) {
            UserTransaction userTransaction = null;
            try {
                userTransaction = WebClientPortletAuthenticatorFactory.this.transactionService.getUserTransaction();
                userTransaction.begin();
                NodeRef person = WebClientPortletAuthenticatorFactory.this.repository.getPerson();
                User user = new User(WebClientPortletAuthenticatorFactory.this.authenticationService.getCurrentUserName(), WebClientPortletAuthenticatorFactory.this.authenticationService.getCurrentTicket(), person);
                NodeRef userHome = WebClientPortletAuthenticatorFactory.this.repository.getUserHome(person);
                if (userHome != null) {
                    user.setHomeSpaceId(userHome.getId());
                }
                portletSession.setAttribute(AuthenticationHelper.AUTHENTICATION_USER, user, 1);
                userTransaction.commit();
            } catch (Throwable th) {
                if (userTransaction != null) {
                    try {
                        userTransaction.rollback();
                    } catch (Exception e) {
                    }
                }
            }
        }

        private User getWebClientUser(PortletSession portletSession) {
            SessionUser sessionUser = (SessionUser) portletSession.getAttribute(AuthenticationHelper.AUTHENTICATION_USER, 1);
            if (sessionUser instanceof User) {
                return (User) sessionUser;
            }
            return null;
        }
    }

    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    public void setRepository(Repository repository) {
        this.repository = repository;
    }

    public void setTransactionService(TransactionService transactionService) {
        this.transactionService = transactionService;
    }

    public Authenticator create(RenderRequest renderRequest, RenderResponse renderResponse) {
        return new WebClientPortletAuthenticator(renderRequest, renderResponse);
    }
}
