package com.atlassian.applinks.ui.auth;

import com.atlassian.applinks.host.spi.InternalHostApplication;
import com.atlassian.sal.api.auth.AuthenticationListener;
import com.atlassian.sal.api.auth.Authenticator;
import com.atlassian.sal.api.message.Message;
import com.atlassian.sal.api.user.UserManager;
import java.io.Serializable;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/atlassian/applinks/ui/auth/AdminUIAuthenticator.class */
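/**
 * Decides whether a caller may use the application-links administration UI.
 *
 * <p>Access is granted on any of three grounds visible in this class:
 * <ol>
 *   <li>the session already carries the {@code al_auth} marker with the value
 *       {@code "admin"} or {@code "sysadmin"};</li>
 *   <li>a supplied username/password pair passes {@link UserManager#authenticate} and the
 *       username is an admin (or system admin) according to {@link UserManager};</li>
 *   <li>the user reported by {@link UserManager#getRemoteUsername()} is an admin (or system
 *       admin).</li>
 * </ol>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The session marker is a cached authorisation decision. The session-based checks compare
 *       the stored value only and do not consult {@link UserManager} again, so a later change to
 *       the user's rights is not seen through that path.</li>
 *   <li>Nothing in this class clears the marker or changes the session id when it is set.
 *       NOTE(review): confirm that the host application (for example through its
 *       {@link AuthenticationListener}) rotates the session on elevation and drops the marker on
 *       logout.</li>
 *   <li>No attempt limiting is visible here; password checks are delegated unchanged to
 *       {@link UserManager#authenticate}.</li>
 * </ul>
 *
 * <p>Parameter names such as {@code str}/{@code str2} come from decompilation; in every public
 * method they are the username and the password, in that order, as passed to
 * {@link UserManager#authenticate}.
 */
public class AdminUIAuthenticator {
    /**
     * Not referenced inside this class. Presumably the name of the request field carrying the
     * username; confirm against the callers.
     */
    public static final String ADMIN_USERNAME = "al_username";
    /**
     * Not referenced inside this class. Presumably the name of the request field carrying the
     * password; confirm against the callers.
     */
    public static final String ADMIN_PASSWORD = "al_password";
    /** Session attribute that holds the elevation marker ({@link #ADMIN} or {@link #SYSADMIN}). */
    private static final String ADMIN_SESSION_KEY = "al_auth";
    /** Marker value for an admin-level session. */
    private static final String ADMIN = "admin";
    /** Marker value for a system-admin-level session. */
    private static final String SYSADMIN = "sysadmin";
    /** Shared success result; it carries no message. */
    private static final Result SUCCESS = new Result(true);

    private final UserManager userManager;
    private final AuthenticationListener authenticationListener;
    private final InternalHostApplication internalHostApplication;

    /**
     * Outcome of {@link #logInAsPowerUser}: a success flag plus an optional message describing a
     * failure. The decompiler reports that this type was package-private in the original source.
     */
    public static class Result {
        private final boolean success;
        private final Message message;

        /**
         * Creates a result without a message.
         *
         * @param z whether the login succeeded
         */
        public Result(boolean z) {
            this(z, null);
        }

        /**
         * @param z       whether the login succeeded
         * @param message message for the caller, or {@code null} when there is none
         */
        Result(boolean z, Message message) {
            this.success = z;
            this.message = message;
        }

        /** @return {@code true} if the login succeeded */
        public boolean success() {
            return this.success;
        }

        /** @return the message attached to this result; {@code null} for the shared success result */
        public Message getMessage() {
            return this.message;
        }
    }

    /**
     * Minimal view of a session used to read and write the elevation marker, so that callers
     * which do not have an {@link HttpServletRequest} at hand can still supply session storage.
     */
    public interface SessionHandler {
        /** Stores {@code obj} under the key {@code str}. */
        void set(String str, Object obj);

        /** @return the value stored under the key {@code str} */
        Object get(String str);
    }

    public AdminUIAuthenticator(UserManager userManager, AuthenticationListener authenticationListener, InternalHostApplication internalHostApplication) {
        this.userManager = userManager;
        this.authenticationListener = authenticationListener;
        this.internalHostApplication = internalHostApplication;
    }

    /**
     * Grants admin UI access if the session is already elevated, otherwise falls back to
     * {@link #checkAdminUIAccessByPasswordOrCurrentUser} and, when that succeeds, marks the
     * session as {@code "admin"}.
     *
     * <p>The marker written here is always {@code "admin"}, even when the user is a system admin.
     * An existing marker short-circuits the check, so the credentials are not evaluated at all
     * for an already elevated session.
     *
     * @param str            username, may be {@code null}
     * @param str2           password, may be {@code null}
     * @param sessionHandler session storage for the elevation marker
     * @return {@code true} if access is granted
     */
    public boolean checkAdminUIAccessBySessionOrPasswordAndActivateAdminSession(String str, String str2, SessionHandler sessionHandler) {
        if (isAdminSession(sessionHandler)) {
            return true;
        }
        if (!checkAdminUIAccessByPasswordOrCurrentUser(str, str2)) {
            return false;
        }
        sessionHandler.set(ADMIN_SESSION_KEY, ADMIN);
        return true;
    }

    /**
     * System-admin counterpart of
     * {@link #checkAdminUIAccessBySessionOrPasswordAndActivateAdminSession}: only a
     * {@code "sysadmin"} marker short-circuits, and a successful check writes that marker.
     *
     * @param str            username, may be {@code null}
     * @param str2           password, may be {@code null}
     * @param sessionHandler session storage for the elevation marker
     * @return {@code true} if access is granted
     */
    public boolean checkSysadminUIAccessBySessionOrPasswordAndActivateSysadminSession(String str, String str2, SessionHandler sessionHandler) {
        if (isSysadminSession(sessionHandler)) {
            return true;
        }
        if (!checkSysadminUIAccessByPasswordOrCurrentUser(str, str2)) {
            return false;
        }
        sessionHandler.set(ADMIN_SESSION_KEY, SYSADMIN);
        return true;
    }

    /**
     * Checks admin rights either for the supplied credentials or for the current user.
     *
     * <p>When both arguments are non-null the decision rests on them alone: wrong credentials
     * are a refusal even if the current user is an admin. When either argument is {@code null}
     * the credentials are ignored and the current user is checked instead.
     *
     * @param str  username, may be {@code null}
     * @param str2 password, may be {@code null}
     * @return {@code true} if the chosen identity is an admin or system admin
     */
    public boolean checkAdminUIAccessByPasswordOrCurrentUser(String str, String str2) {
        if (str != null && str2 != null) {
            return this.userManager.authenticate(str, str2) && isAdmin(str);
        }
        return isCurrentUserAdmin();
    }

    /**
     * System-admin counterpart of {@link #checkAdminUIAccessByPasswordOrCurrentUser}, with the
     * same rule for choosing between the supplied credentials and the current user.
     *
     * @param str  username, may be {@code null}
     * @param str2 password, may be {@code null}
     * @return {@code true} if the chosen identity is a system admin
     */
    public boolean checkSysadminUIAccessByPasswordOrCurrentUser(String str, String str2) {
        if (str != null && str2 != null) {
            return this.userManager.authenticate(str, str2) && isSysadmin(str);
        }
        return isCurrentUserSysadmin();
    }

    /**
     * @return {@code true} if the request's session carries an admin or sysadmin marker, or the
     *         current user is an admin or system admin
     */
    public boolean checkAdminUIAccessBySessionOrCurrentUser(HttpServletRequest httpServletRequest) {
        return isAdminSession(httpServletRequest) || isAdmin(this.userManager.getRemoteUsername());
    }

    /**
     * @return {@code true} if the request's session carries the sysadmin marker, or the current
     *         user is a system admin
     */
    public boolean checkSysadminUIAccessBySessionOrCurrentUser(HttpServletRequest httpServletRequest) {
        return isSysadminSession(httpServletRequest) || isSysadmin(this.userManager.getRemoteUsername());
    }

    /** @return {@code true} if the user reported by the host is an admin or system admin */
    public boolean isCurrentUserAdmin() {
        return isAdmin(this.userManager.getRemoteUsername());
    }

    /** @return {@code true} if the user reported by the host is a system admin */
    public boolean isCurrentUserSysadmin() {
        return isSysadmin(this.userManager.getRemoteUsername());
    }

    /**
     * Authenticates the given credentials, requires admin rights, marks the session with the
     * matching level and notifies the {@link AuthenticationListener}.
     *
     * <p>The two failure results use different message keys: one for rejected (or missing)
     * credentials and one for valid credentials without admin rights. A caller that relays them
     * unchanged therefore tells the client that a non-admin password was correct.
     *
     * @param str                 username, may be {@code null}
     * @param str2                password, may be {@code null}
     * @param httpServletRequest  request whose session receives the elevation marker
     * @param httpServletResponse response handed on to the authentication listener
     * @return the shared success result, or a failed result carrying an explanatory message
     */
    public Result logInAsPowerUser(String str, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (str == null || str2 == null || !this.userManager.authenticate(str, str2)) {
            return returnLoginFailed();
        }
        if (!isAdmin(str)) {
            return returnNotPowerUser(str);
        }
        // The marker is written to the session as it stands; see the class note on rotating
        // the session id at elevation.
        String level = isSysadmin(str) ? SYSADMIN : ADMIN;
        httpServletRequest.getSession().setAttribute(ADMIN_SESSION_KEY, level);
        return returnPowerUserLoginSuccess(str, httpServletRequest, httpServletResponse);
    }

    /** Builds the failed result for missing or rejected credentials. */
    private Result returnLoginFailed() {
        return new Result(false, new Message() {
            public String getKey() {
                return "applinks.admin.login.auth.failed";
            }

            public Serializable[] getArguments() {
                return new Serializable[0];
            }
        });
    }

    /**
     * Builds the failed result for a user who authenticated but has no admin rights. The message
     * arguments are the username and the host application's name, looked up when requested.
     */
    private Result returnNotPowerUser(final String username) {
        return new Result(false, new Message() {
            public String getKey() {
                return "applinks.admin.login.auth.authorization.failed";
            }

            public Serializable[] getArguments() {
                return new Serializable[]{username, AdminUIAuthenticator.this.internalHostApplication.getName()};
            }
        });
    }

    /**
     * Reports the successful login for {@code username} to the authentication listener and
     * returns the shared success result.
     */
    private Result returnPowerUserLoginSuccess(String username, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Message successMessage = new Message() {
            public String getKey() {
                return "Successfully authenticated";
            }

            public Serializable[] getArguments() {
                // Empty rather than null, matching the other messages built in this class, so
                // that a consumer iterating the arguments cannot hit a NullPointerException.
                return new Serializable[0];
            }
        };
        Authenticator.Result.Success outcome = new Authenticator.Result.Success(successMessage, this.userManager.resolve(username));
        this.authenticationListener.authenticationSuccess(outcome, httpServletRequest, httpServletResponse);
        return SUCCESS;
    }

    /** A {@code null} username is never an admin; system admins count as admins. */
    private boolean isAdmin(String username) {
        return username != null && (this.userManager.isAdmin(username) || this.userManager.isSystemAdmin(username));
    }

    /** A {@code null} username is never a system admin. */
    private boolean isSysadmin(String username) {
        return username != null && this.userManager.isSystemAdmin(username);
    }

    private boolean isAdminSession(HttpServletRequest httpServletRequest) {
        return isAdminSession(new ServletSessionHandler(httpServletRequest));
    }

    /** Either marker value counts as an admin session. */
    private boolean isAdminSession(SessionHandler sessionHandler) {
        // Read the marker once so both comparisons see the same value.
        Object marker = sessionHandler.get(ADMIN_SESSION_KEY);
        return ADMIN.equals(marker) || SYSADMIN.equals(marker);
    }

    private boolean isSysadminSession(HttpServletRequest httpServletRequest) {
        return isSysadminSession(new ServletSessionHandler(httpServletRequest));
    }

    /** Only the {@code "sysadmin"} marker counts as a system-admin session. */
    private boolean isSysadminSession(SessionHandler sessionHandler) {
        return SYSADMIN.equals(sessionHandler.get(ADMIN_SESSION_KEY));
    }
}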
