package leap.web.security.login;

import leap.core.annotation.Inject;
import leap.core.security.Authentication;
import leap.lang.Out;
import leap.lang.intercepting.State;
import leap.lang.logging.Log;
import leap.lang.logging.LogFactory;
import leap.web.Request;
import leap.web.Response;
import leap.web.security.DefaultSecurityContextHolder;
import leap.web.security.SecurityConfig;
import leap.web.security.SecurityInterceptor;
import leap.web.security.SecuritySessionManager;
import leap.web.security.authc.AuthenticationManager;
import leap.web.security.authc.SimpleAuthentication;
import leap.web.security.login.LoginHandler;
import leap.web.security.permission.PermissionManager;

/* loaded from: input_file:leap/web/security/login/DefaultLoginManager.class */
public class DefaultLoginManager implements LoginManager {
    private static final Log log = LogFactory.get((Class<?>) DefaultLoginManager.class);

    @Inject
    protected SecurityConfig config;

    @Inject
    protected LoginHandler[] handlers;

    @Inject
    protected LoginAjaxHandler ajaxHandler;

    @Inject
    protected LoginViewHandler viewHandler;

    @Inject
    protected AuthenticationManager authcManager;

    @Inject
    protected PermissionManager permissionManager;

    @Inject
    protected SecuritySessionManager sessionManager;

    @Override // leap.web.security.login.LoginManager
    public boolean promoteLogin(Request request, Response response, LoginContext loginContext) throws Throwable {
        for (SecurityInterceptor securityInterceptor : this.config.getInterceptors()) {
            if (State.isIntercepted(securityInterceptor.prePromoteLogin(request, response, loginContext))) {
                return true;
            }
        }
        if (request.isAjax()) {
            log.debug("Promote login for ajax request");
            this.ajaxHandler.promoteLogin(request, response, loginContext);
            return true;
        }
        log.debug("Promote login");
        this.viewHandler.promoteLogin(request, response, loginContext);
        return true;
    }

    @Override // leap.web.security.login.LoginManager
    public boolean handleLoginRequest(Request request, Response response, LoginContext loginContext) throws Throwable {
        if (!isLoginRequest(request, response, loginContext)) {
            return false;
        }
        request.setAcceptValidationError(true);
        if (!isGotoLoginView(request, response, loginContext)) {
            handleLoginAuthentication(request, response, loginContext);
            return true;
        }
        Authentication authentication = this.sessionManager.getAuthentication(request);
        if (null == authentication || !authentication.isAuthenticated()) {
            handleLoginView(request, response, loginContext);
            return true;
        }
        handleLoginSuccessView(request, response, loginContext);
        return true;
    }

    protected boolean isGotoLoginView(Request request, Response response, LoginContext loginContext) {
        LoginHandler.HandleType handleType = request.isGet() ? LoginHandler.HandleType.VIEW : LoginHandler.HandleType.AUTHENTICATION;
        Out<LoginHandler.HandleType> out = new Out<>();
        out.set(handleType);
        for (LoginHandler loginHandler : this.handlers) {
            loginHandler.parseHandleType(request, response, loginContext, out);
        }
        return out.get() == LoginHandler.HandleType.VIEW;
    }

    @Override // leap.web.security.login.LoginManager
    public void handleLoginSuccess(Request request, Response response, Authentication authentication) throws Throwable {
        DefaultSecurityContextHolder defaultSecurityContextHolder = new DefaultSecurityContextHolder(this.config, this.permissionManager, request);
        defaultSecurityContextHolder.setAuthentication(authentication);
        handleLoginSuccessView(request, response, defaultSecurityContextHolder.getLoginContext());
    }

    protected void handleLoginView(Request request, Response response, LoginContext loginContext) throws Throwable {
        for (LoginHandler loginHandler : this.handlers) {
            if (State.isIntercepted(loginHandler.handleLoginView(request, response, loginContext))) {
                return;
            }
        }
        this.viewHandler.goLoginUrl(request, response, loginContext);
    }

    protected void handleLoginSuccessView(Request request, Response response, LoginContext loginContext) throws Throwable {
        if (request.isAjax()) {
            this.ajaxHandler.handleLoginSuccess(request, response, loginContext);
        } else {
            this.viewHandler.handleLoginSuccess(request, response, loginContext);
        }
    }

    protected void handleLoginAuthentication(Request request, Response response, LoginContext loginContext) throws Throwable {
        for (SecurityInterceptor securityInterceptor : this.config.getInterceptors()) {
            if (State.isIntercepted(securityInterceptor.preLoginAuthentication(request, response, loginContext))) {
                return;
            }
        }
        if (!loginContext.isAuthenticated() && !loginContext.isError()) {
            for (LoginHandler loginHandler : this.handlers) {
                if (State.isIntercepted(loginHandler.handleLoginAuthentication(request, response, loginContext))) {
                    return;
                }
            }
        }
        if (loginContext.isAuthenticated() && !loginContext.isError()) {
            SimpleAuthentication simpleAuthentication = new SimpleAuthentication(loginContext.getUser(), loginContext.getCredentials());
            this.authcManager.loginImmediately(request, response, simpleAuthentication);
            for (SecurityInterceptor securityInterceptor2 : this.config.getInterceptors()) {
                if (State.isIntercepted(securityInterceptor2.onLoginAuthenticationSuccess(request, response, loginContext, simpleAuthentication))) {
                    return;
                }
            }
            handleLoginSuccessView(request, response, loginContext);
            return;
        }
        for (SecurityInterceptor securityInterceptor3 : this.config.getInterceptors()) {
            if (State.isIntercepted(securityInterceptor3.onLoginAuthenticationFailure(request, response, loginContext))) {
                return;
            }
        }
        if (request.isAjax()) {
            this.ajaxHandler.handleLoginFailure(request, response, loginContext);
        } else {
            this.viewHandler.handleLoginFailure(request, response, loginContext);
        }
    }

    protected boolean isLoginRequest(Request request, Response response, LoginContext loginContext) throws Throwable {
        return request.getPath().equals(this.config.getLoginAction());
    }
}
