package org.iplass.adminconsole.server.base.rpc.util;

import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.iplass.adminconsole.server.base.i18n.AdminResourceBundleUtil;
import org.iplass.adminconsole.shared.base.dto.AdminUncaughtException;
import org.iplass.adminconsole.shared.base.dto.auth.AdminAuthException;
import org.iplass.adminconsole.shared.base.dto.auth.LoginFailureException;
import org.iplass.adminconsole.shared.base.dto.auth.TenantNotFoundException;
import org.iplass.adminconsole.shared.base.dto.auth.UnauthenticatedException;
import org.iplass.adminconsole.shared.base.dto.auth.UnauthorizedAccessException;
import org.iplass.mtp.SystemException;
import org.iplass.mtp.auth.login.IdPasswordCredential;
import org.iplass.mtp.auth.login.LoginException;
import org.iplass.mtp.impl.auth.AuthContextHolder;
import org.iplass.mtp.impl.auth.AuthService;
import org.iplass.mtp.impl.auth.UserContext;
import org.iplass.mtp.impl.auth.authenticate.AnonymousUserContext;
import org.iplass.mtp.impl.core.ExecuteContext;
import org.iplass.mtp.impl.core.TenantContext;
import org.iplass.mtp.impl.core.TenantContextService;
import org.iplass.mtp.impl.web.RequestPath;
import org.iplass.mtp.impl.web.WebRequestStack;
import org.iplass.mtp.impl.web.i18n.LangSelector;
import org.iplass.mtp.spi.ServiceRegistry;
import org.iplass.mtp.transaction.Propagation;
import org.iplass.mtp.transaction.Transaction;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/iplass/adminconsole/server/base/rpc/util/AuthUtil.class */
public class AuthUtil {
    private static final Logger log = LoggerFactory.getLogger(AuthUtil.class);
    private static final Logger fatalLogger = LoggerFactory.getLogger("mtp.fatal");

    /* loaded from: input_file:org/iplass/adminconsole/server/base/rpc/util/AuthUtil$Callable.class */
    public interface Callable<R> {
        R call();
    }

    public static <R> R authCheckAndInvoke(ServletContext servletContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i, Callable<R> callable) {
        return (R) doInvoke(servletContext, httpServletRequest, httpServletResponse, i, () -> {
            checkAdmin();
            return ServiceRegistry.getRegistry().getService(AuthService.class).doSecuredAction(AuthContextHolder.getAuthContext(), () -> {
                return callable.call();
            });
        });
    }

    public static void authCheck(ServletContext servletContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i) {
        authCheckAndInvoke(servletContext, httpServletRequest, httpServletResponse, i, () -> {
            return null;
        });
    }

    public static void authLogin(ServletContext servletContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i, String str, String str2) {
        doInvoke(servletContext, httpServletRequest, httpServletResponse, i, () -> {
            AuthService service = ServiceRegistry.getRegistry().getService(AuthService.class);
            try {
                service.login(new IdPasswordCredential(str, str2));
                checkAdmin();
                return null;
            } catch (UnauthorizedAccessException e) {
                service.logout();
                throw e;
            } catch (LoginException e2) {
                throw new LoginFailureException(e2.getMessage());
            } catch (OutOfMemoryError e3) {
                throw new SystemException(e3);
            }
        });
    }

    public static void authLogoff(ServletContext servletContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i) {
        doInvoke(servletContext, httpServletRequest, httpServletResponse, i, () -> {
            ServiceRegistry.getRegistry().getService(AuthService.class).logout();
            return null;
        });
    }

    /* JADX WARN: Type inference failed for: r12v1, types: [java.lang.Throwable, org.iplass.adminconsole.shared.base.dto.auth.AdminAuthException] */
    private static <R> R doInvoke(ServletContext servletContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i, Callable<R> callable) {
        try {
            try {
                try {
                    TenantContext tenantContext = getTenantContext(i);
                    ExecuteContext.initContext(new ExecuteContext(tenantContext));
                    R r = (R) Transaction.with(Propagation.REQUIRED, transaction -> {
                        WebRequestStack webRequestStack = null;
                        try {
                            webRequestStack = new WebRequestStack(new RequestPath(tenantContext.getTenantUrl()), servletContext, httpServletRequest, httpServletResponse);
                            LangSelector langSelector = new LangSelector();
                            langSelector.selectLangByRequest(webRequestStack.getRequestContext(), ExecuteContext.getCurrentContext());
                            langSelector.selectLangByUser(webRequestStack.getRequestContext(), ExecuteContext.getCurrentContext());
                            Object call = callable.call();
                            if (webRequestStack != null) {
                                webRequestStack.finallyProcess();
                            }
                            return call;
                        } catch (Throwable th) {
                            if (webRequestStack != null) {
                                webRequestStack.finallyProcess();
                            }
                            throw th;
                        }
                    });
                    ExecuteContext.finContext();
                    return r;
                } catch (AdminAuthException e) {
                    log.info(e.getMessage());
                    throw e;
                }
            } catch (Throwable th) {
                if (th instanceof Error) {
                    fatalLogger.error(th.getMessage(), th);
                } else {
                    log.error(th.getMessage(), th);
                }
                if (th instanceof RuntimeException) {
                    throw ((RuntimeException) th);
                }
                throw new AdminUncaughtException(th);
            }
        } catch (Throwable th2) {
            ExecuteContext.finContext();
            throw th2;
        }
    }

    private static TenantContext getTenantContext(int i) {
        if (log.isTraceEnabled()) {
            log.trace(rs("util.AuthUtil.runAdminConsoleId", Integer.valueOf(i)));
        }
        TenantContext tenantContext = ServiceRegistry.getRegistry().getService(TenantContextService.class).getTenantContext(i);
        if (tenantContext == null) {
            throw new TenantNotFoundException(rs("util.AuthUtil.canNotGetTenantInfo", new Object[0]));
        }
        return tenantContext;
    }

    private static void checkAdmin() {
        UserContext userContext = AuthContextHolder.getAuthContext().getUserContext();
        if (userContext instanceof AnonymousUserContext) {
            throw new UnauthenticatedException(rs("util.AuthUtil.notLogin", new Object[0]));
        }
        if (!userContext.getUser().isAdmin()) {
            throw new UnauthorizedAccessException(rs("util.AuthUtil.notHavePermission", new Object[0]));
        }
    }

    private static String rs(String str, Object... objArr) {
        return AdminResourceBundleUtil.resourceString(str, objArr);
    }
}
