package com.atlassian.confluence.rpc.auth;

import com.atlassian.confluence.cluster.shareddata.SharedDataManager;
import com.atlassian.confluence.event.events.security.RpcAuthenticatedEvent;
import com.atlassian.confluence.rpc.AuthenticationFailedException;
import com.atlassian.confluence.rpc.InvalidSessionException;
import com.atlassian.confluence.rpc.NotPermittedException;
import com.atlassian.confluence.rpc.RemoteException;
import com.atlassian.confluence.security.Permission;
import com.atlassian.confluence.security.PermissionManager;
import com.atlassian.confluence.security.login.LoginManager;
import com.atlassian.confluence.security.login.LoginResult;
import com.atlassian.confluence.setup.settings.SettingsManager;
import com.atlassian.confluence.user.ConfluenceUser;
import com.atlassian.confluence.user.UserAccessor;
import com.atlassian.event.api.EventPublisher;
import com.atlassian.security.random.DefaultSecureTokenGenerator;
import com.atlassian.user.User;
import com.google.common.base.Preconditions;
import java.util.Map;

/* loaded from: input_file:com/atlassian/confluence/rpc/auth/TokenAuthenticationManager.class */
public class TokenAuthenticationManager {
    public static final String CACHE_KEY = TokenAuthenticationManager.class.getName() + ".tokens";
    private final LoginManager loginManager;
    private final UserAccessor userAccessor;
    private final PermissionManager permissionManager;
    private final SettingsManager settingsManager;
    private final EventPublisher eventPublisher;
    private final SharedDataManager clusterSharedDataManager;

    public TokenAuthenticationManager(LoginManager loginManager, UserAccessor userAccessor, PermissionManager permissionManager, SettingsManager settingsManager, EventPublisher eventPublisher, SharedDataManager sharedDataManager) {
        this.loginManager = (LoginManager) Preconditions.checkNotNull(loginManager);
        this.userAccessor = (UserAccessor) Preconditions.checkNotNull(userAccessor);
        this.permissionManager = (PermissionManager) Preconditions.checkNotNull(permissionManager);
        this.settingsManager = (SettingsManager) Preconditions.checkNotNull(settingsManager);
        this.eventPublisher = (EventPublisher) Preconditions.checkNotNull(eventPublisher);
        this.clusterSharedDataManager = (SharedDataManager) Preconditions.checkNotNull(sharedDataManager);
    }

    public String login(String str, String str2) throws RemoteException {
        if (this.loginManager.requiresElevatedSecurityCheck(str)) {
            this.loginManager.onFailedLoginAttempt(str, null);
            throw new AuthenticationFailedException("Attempt to log in user '" + str + "' failed. The maximum number of failed login attempts has been reached. Please log into the web application through the web interface to reset the number of failed login attempts.");
        }
        if (!LoginResult.OK.equals(this.loginManager.authenticate(str, str2))) {
            throw new AuthenticationFailedException("Attempt to log in user '" + str + "' failed - incorrect username/password combination.");
        }
        ConfluenceUser userByName = this.userAccessor.getUserByName(str);
        if (null == userByName) {
            throw new AuthenticationFailedException("Attempt to log in user '" + str + "' failed - incorrect username/password combination.");
        }
        String createToken = createToken(userByName);
        this.eventPublisher.publish(new RpcAuthenticatedEvent(this, userByName, createToken));
        return createToken;
    }

    public boolean logout(String str) throws RemoteException {
        if (getTokenMap().get(str) == null) {
            return false;
        }
        getTokenMap().remove(str);
        return true;
    }

    private String createToken(User user) throws RemoteException {
        String substring = DefaultSecureTokenGenerator.getInstance().generateToken().substring(0, 10);
        int i = 0;
        while (getTokenMap().get(substring) != null) {
            int i2 = i;
            i++;
            if (i2 >= 10) {
                break;
            }
            substring = DefaultSecureTokenGenerator.getInstance().generateToken().substring(0, 10);
        }
        if (i >= 10) {
            throw new RemoteException("Error generating auth token - what the?");
        }
        getTokenMap().put(substring, user.getName());
        return substring;
    }

    public ConfluenceUser makeNonAnonymousConfluenceUserFromToken(String str) throws InvalidSessionException {
        ConfluenceUser retrieveUser = retrieveUser(str);
        if (retrieveUser == null) {
            throw new InvalidSessionException("User not authenticated or session expired. Call login() to open a new session");
        }
        return retrieveUser;
    }

    @Deprecated
    public User makeNonAnonymousUserFromToken(String str) throws InvalidSessionException {
        return makeNonAnonymousConfluenceUserFromToken(str);
    }

    public ConfluenceUser makeAnonymousConfluenceUser() throws NotPermittedException {
        if (this.settingsManager.getGlobalSettings().isAllowRemoteApiAnonymous()) {
            return null;
        }
        throw new NotPermittedException("Anonymous RPC access is disabled on this server");
    }

    @Deprecated
    public User makeAnonymousUser() throws NotPermittedException {
        return makeAnonymousConfluenceUser();
    }

    public boolean hasUseConfluencePermission(User user) {
        return this.permissionManager.hasPermission(user, Permission.VIEW, PermissionManager.TARGET_APPLICATION);
    }

    private ConfluenceUser retrieveUser(String str) {
        return this.userAccessor.getUserByName(getTokenMap().get(str));
    }

    private Map<String, String> getTokenMap() {
        return this.clusterSharedDataManager.getSharedData(getClass().getSimpleName() + ".tokens").getMap();
    }
}
