package com.liferay.portal.action;

import com.liferay.portal.CookieNotSupportedException;
import com.liferay.portal.NoSuchUserException;
import com.liferay.portal.PasswordExpiredException;
import com.liferay.portal.PortalException;
import com.liferay.portal.SendPasswordException;
import com.liferay.portal.SystemException;
import com.liferay.portal.UserEmailAddressException;
import com.liferay.portal.UserIdException;
import com.liferay.portal.UserLockoutException;
import com.liferay.portal.UserPasswordException;
import com.liferay.portal.UserScreenNameException;
import com.liferay.portal.captcha.CaptchaTextException;
import com.liferay.portal.captcha.CaptchaUtil;
import com.liferay.portal.kernel.servlet.SessionErrors;
import com.liferay.portal.kernel.servlet.SessionMessages;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.model.Company;
import com.liferay.portal.model.User;
import com.liferay.portal.security.auth.AuthException;
import com.liferay.portal.service.UserLocalServiceUtil;
import com.liferay.portal.struts.LastPath;
import com.liferay.portal.theme.ThemeDisplay;
import com.liferay.portal.util.CookieKeys;
import com.liferay.portal.util.PortalUtil;
import com.liferay.portal.util.PropsValues;
import com.liferay.portal.util.WebKeys;
import com.liferay.portlet.enterpriseadmin.search.UserDisplayTerms;
import com.liferay.util.Encryptor;
import com.liferay.util.servlet.SessionParameters;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

/* loaded from: input_file:com/liferay/portal/action/LoginAction.class */
public class LoginAction extends Action {
    private static Log _log = LogFactory.getLog(LoginAction.class);

    public static String getLogin(HttpServletRequest httpServletRequest, String str, Company company) throws PortalException, SystemException {
        String parameter = httpServletRequest.getParameter(str);
        if (parameter == null || parameter.equals("null")) {
            parameter = GetterUtil.getString(CookieKeys.getCookie(httpServletRequest, CookieKeys.LOGIN));
            if (PropsValues.COMPANY_LOGIN_PREPOPULATE_DOMAIN && Validator.isNull(parameter) && company.getAuthType().equals("emailAddress")) {
                parameter = "@" + company.getMx();
            }
        }
        return parameter;
    }

    public static void login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, boolean z) throws Exception {
        CookieKeys.validateSupportCookie(httpServletRequest);
        HttpSession session = httpServletRequest.getSession();
        long j = GetterUtil.getLong(str);
        int i = -1;
        Company company = PortalUtil.getCompany(httpServletRequest);
        HashMap hashMap = new HashMap();
        Enumeration headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String str3 = (String) headerNames.nextElement();
            Enumeration headers = httpServletRequest.getHeaders(str3);
            ArrayList arrayList = new ArrayList();
            while (headers.hasMoreElements()) {
                arrayList.add((String) headers.nextElement());
            }
            hashMap.put(str3, arrayList.toArray(new String[arrayList.size()]));
        }
        Map parameterMap = httpServletRequest.getParameterMap();
        if (company.getAuthType().equals("emailAddress")) {
            i = UserLocalServiceUtil.authenticateByEmailAddress(company.getCompanyId(), str, str2, hashMap, parameterMap);
            j = UserLocalServiceUtil.getUserIdByEmailAddress(company.getCompanyId(), str);
        } else if (company.getAuthType().equals(UserDisplayTerms.SCREEN_NAME)) {
            i = UserLocalServiceUtil.authenticateByScreenName(company.getCompanyId(), str, str2, hashMap, parameterMap);
            j = UserLocalServiceUtil.getUserIdByScreenName(company.getCompanyId(), str);
        } else if (company.getAuthType().equals("userId")) {
            i = UserLocalServiceUtil.authenticateByUserId(company.getCompanyId(), j, str2, hashMap, parameterMap);
        }
        if (i != 1) {
            throw new AuthException();
        }
        if (PropsValues.SESSION_ENABLE_PHISHING_PROTECTION) {
            Boolean bool = (Boolean) session.getAttribute(WebKeys.HTTPS_INITIAL);
            LastPath lastPath = (LastPath) session.getAttribute(WebKeys.LAST_PATH);
            try {
                session.invalidate();
            } catch (IllegalStateException e) {
                if (_log.isWarnEnabled()) {
                    _log.warn(e.getMessage());
                }
            }
            session = httpServletRequest.getSession(true);
            if (bool != null) {
                session.setAttribute(WebKeys.HTTPS_INITIAL, bool);
            }
            if (lastPath != null) {
                session.setAttribute(WebKeys.LAST_PATH, lastPath);
            }
        }
        String domain = CookieKeys.getDomain(httpServletRequest);
        User userById = UserLocalServiceUtil.getUserById(j);
        String valueOf = String.valueOf(j);
        session.setAttribute("j_username", valueOf);
        session.setAttribute("j_password", userById.getPassword());
        session.setAttribute("j_remoteuser", valueOf);
        session.setAttribute(WebKeys.USER_PASSWORD, str2);
        Cookie cookie = new Cookie("COMPANY_ID", String.valueOf(company.getCompanyId()));
        if (Validator.isNotNull(domain)) {
            cookie.setDomain(domain);
        }
        cookie.setPath("/");
        Cookie cookie2 = new Cookie(CookieKeys.ID, UserLocalServiceUtil.encryptUserId(valueOf));
        if (Validator.isNotNull(domain)) {
            cookie2.setDomain(domain);
        }
        cookie2.setPath("/");
        Cookie cookie3 = new Cookie(CookieKeys.PASSWORD, Encryptor.encrypt(company.getKeyObj(), str2));
        if (Validator.isNotNull(domain)) {
            cookie3.setDomain(domain);
        }
        cookie3.setPath("/");
        Cookie cookie4 = new Cookie(CookieKeys.REMEMBER_ME, Boolean.TRUE.toString());
        if (Validator.isNotNull(domain)) {
            cookie4.setDomain(domain);
        }
        cookie4.setPath("/");
        int i2 = PropsValues.COMPANY_SECURITY_AUTO_LOGIN_MAX_AGE;
        if (PropsValues.SESSION_DISABLED) {
            z = true;
        }
        if (z) {
            cookie.setMaxAge(i2);
            cookie2.setMaxAge(i2);
            cookie3.setMaxAge(i2);
            cookie4.setMaxAge(i2);
        } else {
            cookie.setMaxAge(-1);
            cookie2.setMaxAge(-1);
            cookie3.setMaxAge(-1);
            cookie4.setMaxAge(0);
        }
        Cookie cookie5 = new Cookie(CookieKeys.LOGIN, str);
        if (Validator.isNotNull(domain)) {
            cookie5.setDomain(domain);
        }
        cookie5.setMaxAge(i2);
        cookie5.setPath("/");
        Cookie cookie6 = new Cookie(CookieKeys.SCREEN_NAME, Encryptor.encrypt(company.getKeyObj(), userById.getScreenName()));
        if (Validator.isNotNull(domain)) {
            cookie6.setDomain(domain);
        }
        cookie6.setMaxAge(i2);
        cookie6.setPath("/");
        CookieKeys.addCookie(httpServletResponse, cookie);
        CookieKeys.addCookie(httpServletResponse, cookie2);
        CookieKeys.addCookie(httpServletResponse, cookie3);
        CookieKeys.addCookie(httpServletResponse, cookie4);
        CookieKeys.addCookie(httpServletResponse, cookie5);
        CookieKeys.addCookie(httpServletResponse, cookie6);
    }

    public static void sendPassword(HttpServletRequest httpServletRequest) throws Exception {
        if (((ThemeDisplay) httpServletRequest.getAttribute("THEME_DISPLAY")).getCompany().isSendPassword()) {
            if (PropsValues.CAPTCHA_CHECK_PORTAL_SEND_PASSWORD) {
                CaptchaUtil.check(httpServletRequest);
            }
            String string = ParamUtil.getString(httpServletRequest, "emailAddress");
            UserLocalServiceUtil.sendPassword(PortalUtil.getCompanyId(httpServletRequest), string, httpServletRequest.getRemoteAddr(), httpServletRequest.getRemoteHost(), httpServletRequest.getHeader("User-Agent"));
            SessionMessages.add(httpServletRequest, "request_processed", string);
        }
    }

    public ActionForward execute(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        if (PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS && !httpServletRequest.isSecure()) {
            httpServletResponse.sendRedirect(PortalUtil.getPortalURL(httpServletRequest, true) + ((ThemeDisplay) httpServletRequest.getAttribute("THEME_DISPLAY")).getURLSignIn());
            return null;
        }
        HttpSession session = httpServletRequest.getSession();
        ThemeDisplay themeDisplay = (ThemeDisplay) httpServletRequest.getAttribute("THEME_DISPLAY");
        if (session.getAttribute("j_username") != null && session.getAttribute("j_password") != null) {
            if (PropsValues.PORTAL_JAAS_ENABLE) {
                return actionMapping.findForward("/portal/touch_protected.jsp");
            }
            httpServletResponse.sendRedirect(themeDisplay.getPathMain());
            return null;
        }
        String string = ParamUtil.getString(httpServletRequest, "cmd");
        if (!string.equals("already-registered")) {
            if (!string.equals("forgot-password")) {
                String communityLoginURL = PortalUtil.getCommunityLoginURL(themeDisplay);
                if (Validator.isNull(communityLoginURL)) {
                    communityLoginURL = PropsValues.AUTH_LOGIN_URL;
                }
                if (!Validator.isNotNull(communityLoginURL)) {
                    return actionMapping.findForward("portal.login");
                }
                httpServletResponse.sendRedirect(communityLoginURL);
                return null;
            }
            try {
                sendPassword(httpServletRequest);
                return actionMapping.findForward("portal.login");
            } catch (Exception e) {
                if ((e instanceof CaptchaTextException) || (e instanceof NoSuchUserException) || (e instanceof SendPasswordException) || (e instanceof UserEmailAddressException)) {
                    SessionErrors.add(httpServletRequest, e.getClass().getName());
                    return actionMapping.findForward("portal.login");
                }
                PortalUtil.sendError(e, httpServletRequest, httpServletResponse);
                return null;
            }
        }
        try {
            login(httpServletRequest, httpServletResponse);
            if (PropsValues.PORTAL_JAAS_ENABLE) {
                return actionMapping.findForward("/portal/touch_protected.jsp");
            }
            String string2 = ParamUtil.getString(httpServletRequest, "redirect");
            if (Validator.isNotNull(string2)) {
                httpServletResponse.sendRedirect(string2);
                return null;
            }
            httpServletResponse.sendRedirect(themeDisplay.getPathMain());
            return null;
        } catch (Exception e2) {
            if (e2 instanceof AuthException) {
                Throwable cause = e2.getCause();
                if ((cause instanceof PasswordExpiredException) || (cause instanceof UserLockoutException)) {
                    SessionErrors.add(httpServletRequest, cause.getClass().getName());
                } else {
                    SessionErrors.add(httpServletRequest, e2.getClass().getName());
                }
                return actionMapping.findForward("portal.login");
            }
            if ((e2 instanceof CookieNotSupportedException) || (e2 instanceof NoSuchUserException) || (e2 instanceof PasswordExpiredException) || (e2 instanceof UserEmailAddressException) || (e2 instanceof UserIdException) || (e2 instanceof UserLockoutException) || (e2 instanceof UserPasswordException) || (e2 instanceof UserScreenNameException)) {
                SessionErrors.add(httpServletRequest, e2.getClass().getName());
                return actionMapping.findForward("portal.login");
            }
            PortalUtil.sendError(e2, httpServletRequest, httpServletResponse);
            return null;
        }
    }

    protected void login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        login(httpServletRequest, httpServletResponse, ParamUtil.getString(httpServletRequest, "login").toLowerCase(), ParamUtil.getString(httpServletRequest, SessionParameters.get(httpServletRequest, "password")), ParamUtil.getBoolean(httpServletRequest, "rememberMe"));
    }
}
