package org.alfresco.repo.security.authentication;

import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.context.Context;
import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.context.security.SecureContext;
import net.sf.acegisecurity.context.security.SecureContextImpl;
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import net.sf.acegisecurity.providers.dao.User;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.util.EqualsHelper;
import org.alfresco.util.GUID;

/* loaded from: input_file:WEB-INF/lib/alfresco-repository-3.2.jar:org/alfresco/repo/security/authentication/TestAuthenticationServiceImpl.class */
public class TestAuthenticationServiceImpl implements AuthenticationService {
    private Map<String, String> userNamesAndPasswords;
    private Set<String> disabledUsers;
    private Map<String, String> userToTicket;
    String domain;
    boolean allowCreate;
    boolean allowDelete;
    boolean allowUpdate;
    boolean allowGuest;
    private static final String SYSTEM_USER_NAME = "System";

    public TestAuthenticationServiceImpl(String str, boolean z, boolean z2, boolean z3, boolean z4) {
        this.userNamesAndPasswords = new HashMap();
        this.disabledUsers = new HashSet();
        this.userToTicket = new HashMap();
        this.domain = str;
        this.allowCreate = z;
        this.allowDelete = z2;
        this.allowUpdate = z3;
        this.allowGuest = z4;
    }

    public TestAuthenticationServiceImpl(String str, boolean z, boolean z2, boolean z3, boolean z4, Map<String, String> map, Set<String> set) {
        this(str, z, z2, z3, z4);
        if (map != null) {
            this.userNamesAndPasswords.putAll(map);
        }
        if (set != null) {
            this.disabledUsers.addAll(set);
        }
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public void createAuthentication(String str, char[] cArr) throws AuthenticationException {
        if (!this.allowCreate) {
            throw new AuthenticationException("Create not allowed");
        }
        if (this.userNamesAndPasswords.containsKey(str)) {
            throw new AuthenticationException("User exists");
        }
        this.userNamesAndPasswords.put(str, new String(cArr));
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public void updateAuthentication(String str, char[] cArr, char[] cArr2) throws AuthenticationException {
        if (!this.allowUpdate) {
            throw new AuthenticationException("Update not allowed");
        }
        if (!this.userNamesAndPasswords.containsKey(str)) {
            throw new AuthenticationException("User does not exist");
        }
        if (!this.userNamesAndPasswords.get(str).equals(new String(cArr))) {
            throw new AuthenticationException("Password does not match existing");
        }
        this.userNamesAndPasswords.put(str, new String(cArr2));
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public void setAuthentication(String str, char[] cArr) throws AuthenticationException {
        if (!this.allowUpdate) {
            throw new AuthenticationException("Update not allowed");
        }
        if (!this.userNamesAndPasswords.containsKey(str)) {
            throw new AuthenticationException("User does not exist");
        }
        this.userNamesAndPasswords.put(str, new String(cArr));
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public void deleteAuthentication(String str) throws AuthenticationException {
        if (!this.allowDelete) {
            throw new AuthenticationException("Delete not allowed");
        }
        if (!this.userNamesAndPasswords.containsKey(str)) {
            throw new AuthenticationException("User does not exist");
        }
        this.userNamesAndPasswords.remove(str);
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public void setAuthenticationEnabled(String str, boolean z) throws AuthenticationException {
        if (!this.allowUpdate) {
            throw new AuthenticationException("Update not allowed");
        }
        if (!this.userNamesAndPasswords.containsKey(str)) {
            throw new AuthenticationException("User does not exist");
        }
        if (z) {
            this.disabledUsers.remove(str);
        } else {
            this.disabledUsers.add(str);
        }
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public boolean getAuthenticationEnabled(String str) throws AuthenticationException {
        return this.userNamesAndPasswords.containsKey(str) && !this.disabledUsers.contains(str);
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public void authenticate(String str, char[] cArr) throws AuthenticationException {
        if (!this.userNamesAndPasswords.containsKey(str)) {
            throw new AuthenticationException("User does not exist");
        }
        if (this.disabledUsers.contains(str)) {
            throw new AuthenticationException("User disabled0");
        }
        if (!this.userNamesAndPasswords.get(str).equals(new String(cArr))) {
            throw new AuthenticationException("Unknown user/password");
        }
        setCurrentUser(str);
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public void authenticateAsGuest() throws AuthenticationException {
        if (!this.allowGuest) {
            throw new AuthenticationException("Guest access denied");
        }
        setCurrentUser("guest");
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public boolean guestUserAuthenticationAllowed() {
        return this.allowGuest;
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public boolean authenticationExists(String str) {
        return this.userNamesAndPasswords.containsKey(str);
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public String getCurrentUserName() throws AuthenticationException {
        Context context = ContextHolder.getContext();
        if (context == null || !(context instanceof SecureContext)) {
            return null;
        }
        return getUserName(((SecureContext) context).getAuthentication());
    }

    private String getUserName(Authentication authentication) {
        String obj = authentication.getPrincipal().toString();
        if (authentication.getPrincipal() instanceof UserDetails) {
            obj = ((UserDetails) authentication.getPrincipal()).getUsername();
        }
        return obj;
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public void invalidateUserSession(String str) throws AuthenticationException {
        this.userToTicket.remove(str);
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public void invalidateTicket(String str) throws AuthenticationException {
        String str2 = null;
        for (String str3 : this.userToTicket.keySet()) {
            if (EqualsHelper.nullSafeEquals(this.userToTicket.get(str3), str)) {
                str2 = str3;
            }
        }
        if (str2 != null) {
            this.userToTicket.remove(str2);
        }
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public void validate(String str) throws AuthenticationException {
        String str2 = null;
        for (String str3 : this.userToTicket.keySet()) {
            if (EqualsHelper.nullSafeEquals(this.userToTicket.get(str3), str)) {
                str2 = str3;
            }
        }
        if (str2 == null) {
            throw new AuthenticationException("Invalid ticket");
        }
        setCurrentUser(str2);
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public String getCurrentTicket() {
        String currentUserName = getCurrentUserName();
        String str = this.userToTicket.get(currentUserName);
        if (str == null) {
            str = GUID.generate();
            this.userToTicket.put(currentUserName, str);
        }
        return str;
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public String getNewTicket() {
        String currentUserName = getCurrentUserName();
        String str = this.userToTicket.get(currentUserName);
        if (str == null) {
            str = GUID.generate();
            this.userToTicket.put(currentUserName, str);
        }
        return str;
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public void clearCurrentSecurityContext() {
        ContextHolder.setContext(null);
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public boolean isCurrentUserTheSystemUser() {
        String currentUserName = getCurrentUserName();
        return currentUserName != null && currentUserName.equals("System");
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public Set<String> getDomains() {
        return Collections.singleton(this.domain);
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public Set<String> getDomainsThatAllowUserCreation() {
        return this.allowCreate ? Collections.singleton(this.domain) : Collections.emptySet();
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public Set<String> getDomainsThatAllowUserDeletion() {
        return this.allowDelete ? Collections.singleton(this.domain) : Collections.emptySet();
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public Set<String> getDomiansThatAllowUserPasswordChanges() {
        return this.allowUpdate ? Collections.singleton(this.domain) : Collections.emptySet();
    }

    public Authentication setCurrentUser(String str) throws AuthenticationException {
        if (str == null) {
            throw new AuthenticationException("Null user name");
        }
        try {
            UserDetails user = str.equals("System") ? new User("System", "", true, true, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_SYSTEM")}) : str.equalsIgnoreCase("guest") ? new User("guest".toLowerCase(), "", true, true, true, true, new GrantedAuthority[0]) : getUserDetails(str);
            UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(user, "", user.getAuthorities());
            usernamePasswordAuthenticationToken.setDetails(user);
            usernamePasswordAuthenticationToken.setAuthenticated(true);
            return setCurrentAuthentication(usernamePasswordAuthenticationToken);
        } catch (net.sf.acegisecurity.AuthenticationException e) {
            throw new AuthenticationException(e.getMessage(), e);
        }
    }

    protected UserDetails getUserDetails(String str) {
        return new User(str, "", true, true, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_AUTHENTICATED")});
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v11, types: [net.sf.acegisecurity.context.security.SecureContext] */
    public Authentication setCurrentAuthentication(Authentication authentication) {
        SecureContextImpl secureContextImpl;
        Context context = ContextHolder.getContext();
        if (context == null || !(context instanceof SecureContext)) {
            secureContextImpl = new SecureContextImpl();
            ContextHolder.setContext(secureContextImpl);
        } else {
            secureContextImpl = (SecureContext) context;
        }
        authentication.setAuthenticated(true);
        secureContextImpl.setAuthentication(authentication);
        return authentication;
    }

    @Override // org.alfresco.service.cmr.security.AuthenticationService
    public Set<String> getDefaultAdministratorUserNames() {
        return Collections.singleton(AuthenticationUtil.getAdminUserName());
    }
}
