package de.docware.apps.etk.base.webservice.endpoints.login;

import de.docware.apps.etk.base.project.c;
import de.docware.apps.etk.base.project.filter.EtkFilterTyp;
import de.docware.apps.etk.base.webservice.endpoints.b;
import de.docware.apps.etk.base.webservice.transferobjects.WSFilterValue;
import de.docware.apps.etk.base.webservice.transferobjects.WSOrganisation;
import de.docware.apps.etk.base.webservice.transferobjects.WSUserInfo;
import de.docware.apps.etk.base.webservice.transferobjects.WSUserProperty;
import de.docware.apps.etk.base.webservice.transferobjects.WSUserPropertyDataType;
import de.docware.framework.combimodules.useradmin.db.aa;
import de.docware.framework.combimodules.useradmin.db.ab;
import de.docware.framework.combimodules.useradmin.db.ae;
import de.docware.framework.combimodules.useradmin.db.ah;
import de.docware.framework.combimodules.useradmin.db.aj;
import de.docware.framework.combimodules.useradmin.db.s;
import de.docware.framework.combimodules.useradmin.db.v;
import de.docware.framework.combimodules.useradmin.db.y;
import de.docware.framework.modules.config.common.Language;
import de.docware.framework.modules.gui.misc.logger.LogType;
import de.docware.framework.modules.gui.misc.translation.d;
import de.docware.framework.modules.webservice.restful.RESTfulEndpoint;
import de.docware.framework.modules.webservice.restful.RESTfulTransferObjectInterface;
import de.docware.framework.modules.webservice.restful.annotations.Produces;
import de.docware.framework.modules.webservice.restful.annotations.QueryParam;
import de.docware.framework.modules.webservice.restful.annotations.methods.GET;
import de.docware.framework.modules.webservice.restful.e;
import de.docware.framework.modules.webservice.restful.f;
import de.docware.util.h;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;

/* loaded from: input_file:de/docware/apps/etk/base/webservice/endpoints/login/a.class */
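/**
 * RESTful endpoint registered under the path {@code "/login"}.
 *
 * <p>This is JADX-decompiled, obfuscated code: most collaborators ({@code ae}, {@code ah},
 * {@code v}, {@code y}, {@code aa}, {@code ab}, {@code s}, {@code aj}, the inherited
 * {@code a(...)}/{@code b(...)} error helpers, {@code kf}, {@code kh}, {@code aG}) are defined
 * elsewhere. The comments below describe only what this file shows and hedge the rest.
 *
 * <p>Review summary (details at the marked lines):
 * <ul>
 *   <li>Several responses are produced before any password comparison is visible, and they
 *       differ depending on whether the user name or organisation exists.</li>
 *   <li>When the user administration is inactive, a response with a token is built without
 *       any password check visible in this class.</li>
 *   <li>The GET variant carries the password value in the URL.</li>
 *   <li>Rights and property definitions are cached statically until {@link #clearCaches()}.</li>
 * </ul>
 */
public class a extends b<WSLoginRequest> {
    // Lazily loaded list of property definitions (see b(pool)); reset by clearCaches().
    private static volatile List<aj> bIC;
    // Cache of the string sets loaded through s.E(...), keyed by the lookup string; reset by clearCaches().
    private static final Map<String, Set<String>> bID = Collections.synchronizedMap(new HashMap<>());

    /** Registers the endpoint under {@code "/login"}; the meaning of {@code nd(0)} is not visible in this file. */
    public a() {
        super("/login");
        nd(0);
    }

    /** Clears the inherited caches and both static caches of this class. */
    @Override // de.docware.framework.modules.webservice.restful.RESTfulEndpoint
    public void clearCaches() {
        super.clearCaches();
        bIC = null;
        bID.clear();
    }

    /**
     * Handles a login sent as HTTP GET, with the credentials taken from the query parameters
     * {@code userName}, {@code password}, {@code organisationId} and {@code language}.
     *
     * <p>NOTE(review): the password value is part of the request URL here, so it can end up in
     * access logs, proxy logs and browser history. The guard below only admits GET when
     * {@code amO()} is true (per the error text: passwords are encrypted); the encrypted value
     * is still exposed in the URL, and whether a captured value could be replayed depends on
     * the scheme behind {@code amI().a(...)}, which is not visible in this file.
     *
     * @param str  user name
     * @param str2 password as received; wrapped in {@code de.docware.util.security.b}
     * @param str3 organisation id, may be empty
     * @param str4 language code, may be empty
     * @return the login response produced by the inherited {@code a(request)} dispatch
     */
    @GET
    @Produces({"application/json"})
    public RESTfulTransferObjectInterface handleWebserviceRequest(@QueryParam("userName") String str, @QueryParam("password") String str2, @QueryParam("organisationId") String str3, @QueryParam("language") String str4) {
        if (!de.docware.apps.etk.base.webservice.endpoints.a.a.amI().amO()) {
            // Presumably throws and ends the request; if it only recorded the error, the
            // code below would still run with an unencrypted password. TODO confirm.
            a(403, f.qAG, "HTTP method GET is not allowed if passwords are not encrypted", (String) null);
        }
        WSLoginRequest wSLoginRequest = new WSLoginRequest(str, new de.docware.util.security.b(str2), str3, str4);
        wSLoginRequest.checkIfValid(null);
        return a((a) wSLoginRequest);
    }

    /** Delegates the per-request check to the shared authentication options object ({@code amI()}). */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // de.docware.apps.etk.base.webservice.endpoints.b, de.docware.framework.modules.webservice.restful.RESTfulEndpoint
    public RESTfulEndpoint.c a(de.docware.framework.modules.gui.misc.http.server.f fVar) {
        return de.docware.apps.etk.base.webservice.endpoints.a.a.amI().a(this, fVar);
    }

    /**
     * Processes a login request and builds the login response.
     *
     * <p>The inherited {@code a(...)} and {@code b(...)} error helpers presumably throw (the code
     * after them, e.g. {@code z.get(0)} on an empty list, only makes sense if they do); every
     * check below relies on that. TODO confirm against the base class.
     *
     * @param cVar           project handle passed through to the response builder
     * @param wSLoginRequest the validated login request
     * @return the login response; when no organisation id was sent and several are found for
     *         the user, a response that only lists those organisations
     * @throws e when the request is rejected (type declared by the overridden method)
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // de.docware.apps.etk.base.webservice.endpoints.c
    public WSLoginResponse a(c cVar, WSLoginRequest wSLoginRequest) throws e {
        String userName = wSLoginRequest.getUserName();
        String language = wSLoginRequest.getLanguage();
        // Fall back to English when no language was sent (h.ae presumably tests for null/empty).
        if (h.ae(language)) {
            language = Language.EN.getCode();
        }
        try {
            if (!de.docware.apps.etk.base.g.a.isActive()) {
                // NOTE(review): on this path the password is never read. The response (including
                // a token) is built for whatever user name was sent, unless kf(userName) rejects
                // it; kf is not visible here. Confirm this mode cannot be reached in deployments
                // that expect authentication.
                kf(userName);
                return a(cVar, userName, language, (de.docware.util.sql.pool.a) null, (List<String>) null, userName, (String) null);
            }
            de.docware.util.security.b passwordEncrypted = wSLoginRequest.getPasswordEncrypted();
            de.docware.apps.etk.base.webservice.endpoints.a.a amI = de.docware.apps.etk.base.webservice.endpoints.a.a.amI();
            if (amI.amO()) {
                if (amI.amP() == null) {
                    b(f.qAL, "Authentication options are not configured correctly to decrypt login passwords", null);
                }
                try {
                    passwordEncrypted = amI.a(passwordEncrypted);
                } catch (Exception e) {
                    // The exception is logged server-side; the client only sees a generic 403.
                    de.docware.framework.modules.gui.misc.logger.b.a(de.docware.framework.modules.gui.misc.logger.a.pLI, LogType.ERROR, e);
                    a(403, f.qAG, "Error while decrypting login password", (String) null);
                }
                if (passwordEncrypted == null) {
                    a(403, f.qAG, "Invalid encryption of login password", (String) null);
                }
            }
            de.docware.util.sql.pool.a qD = de.docware.apps.etk.base.g.a.cGm().qD(false);
            ae P = ae.P(qD, null, userName);
            if (P != null) {
                String userId = P.getUserId();
                String organisationId = wSLoginRequest.getOrganisationId();
                // Strings used below as organisation ids for this user and the "javaviewer_app" key.
                List<String> z = ah.z(qD, null, userId, "javaviewer_app");
                // NOTE(review): everything from here up to the v.a(...) call runs before any
                // password comparison visible in this method. A caller who only knows a user name
                // therefore receives either "No organisation found for user ..." or the user's
                // organisation list, and can tell existing from unknown accounts and organisation
                // ids by the differing answers (an unknown user gets the generic 403 below).
                // Consider verifying the password first and returning one uniform failure.
                if (h.ae(organisationId)) {
                    if (z.isEmpty()) {
                        a(f.qAB, "No organisation found for user '" + userName + "'", "userName");
                    } else if (z.size() > 1) {
                        // Several organisations: return the list (no token) so the client can choose.
                        return i(z, language);
                    }
                    organisationId = z.get(0);
                }
                y TN = y.TN(organisationId);
                if (!TN.existsInDB()) {
                    a(f.qAB, "Organisation with ID '" + organisationId + "' does not exist", "organisationId");
                }
                // Presumably the credential check: a non-null result is used as the user id.
                String a = v.a(qD, userName, passwordEncrypted.dUW(), false, "javaviewer_app", organisationId);
                if (a != null) {
                    if (!TN.cGR().contains(a)) {
                        a(f.qAB, "Organisation with ID '" + organisationId + "' is not valid for user '" + userName + "'", "organisationId");
                    }
                    // NOTE(review): userName comes from the request and is concatenated into the log
                    // line; confirm the logger neutralises line breaks so entries cannot be forged.
                    de.docware.framework.modules.gui.misc.logger.b.a(de.docware.framework.modules.gui.misc.logger.a.pLF, LogType.DEBUG, "Login successful for user name \"" + userName + "\" in organisation \"" + d.e(TN.TO(Language.EN.getCode()), Language.EN.getCode(), new String[0]) + "\"");
                    return a(cVar, userName, language, qD, z, a, TN.cGQ());
                }
            }
            // Same answer for an unknown user and a failed v.a(...) check.
            a(403, f.qAG, "Invalid userName or password", (String) null);
            return null;
        } catch (SQLException e2) {
            de.docware.framework.modules.gui.misc.logger.b.a(de.docware.framework.modules.gui.misc.logger.a.pLF, LogType.ERROR, e2);
            b(f.qAL, "Error accessing the user administration database", null);
            return null;
        }
    }

    /**
     * Builds a response whose user info carries one {@link WSOrganisation} per given id, with the
     * name resolved through {@code y.TN(id).TO(language)}.
     *
     * @param organisationIds ids to list; {@code null} leaves the organisations unset
     * @param language        language code used for the organisation names
     * @return a new response without a token
     */
    private WSLoginResponse i(List<String> organisationIds, String language) {
        WSUserInfo userInfo = new WSUserInfo();
        if (organisationIds != null) {
            // Raw type kept from the decompiled code: the parameter type of setOrganisations(...)
            // is not visible in this file.
            ArrayList organisations = new ArrayList();
            for (String organisationId : organisationIds) {
                WSOrganisation organisation = new WSOrganisation();
                organisation.setOrganisationId(organisationId);
                organisation.setOrganisationName(y.TN(organisationId).TO(language));
                organisations.add(organisation);
            }
            userInfo.setOrganisations(organisations);
        }
        WSLoginResponse response = new WSLoginResponse();
        response.setUserInfo(userInfo);
        return response;
    }

    /**
     * Builds the full login response: user info, fixed filter values and the token.
     *
     * @param cVar              project handle, passed to {@code aG} and used for the filter values
     * @param userName          user name to report
     * @param language          language code for organisation and property names
     * @param db                handle obtained from {@code cGm().qD(false)}; when {@code null}, names,
     *                          roles, rights and properties are not loaded
     * @param organisationIds   organisation ids to list, may be {@code null}
     * @param userId            user id to report and to load the user record with
     * @param organisationValue value stored through {@code setOrganisationId}
     * @return the response with its token set
     * @throws SQLException if loading rights or property definitions fails
     */
    private WSLoginResponse a(c cVar, String userName, String language, de.docware.util.sql.pool.a db, List<String> organisationIds, String userId, String organisationValue) throws SQLException {
        aG(cVar);
        WSLoginResponse response = i(organisationIds, language);
        WSUserInfo userInfo = response.getUserInfo();
        userInfo.setUserId(userId);
        userInfo.setUserName(userName);
        userInfo.setOrganisationId(organisationValue);
        if (db != null) {
            aa.TU(userId);
            ab TT = aa.TT(userId);
            // NOTE(review): aS(...) is null-checked in the property loop of a(String, db, ab) but
            // not here; a missing "firstName"/"surname" value would fail with a NullPointerException
            // if aS can return null for these keys. TODO confirm.
            userInfo.setFirstName(kh(TT.aS("firstName", true).toString()));
            userInfo.setLastName(kh(TT.aS("surname", true).toString()));
            userInfo.setRoles(TT.cGV());
            Set<String> cGU = TT.cGU();
            // Union of the cached string sets for every entry of cGU, in sorted order.
            TreeSet rights = new TreeSet();
            for (String key : cGU) {
                rights.addAll(a(key, db));
            }
            userInfo.setRights(rights);
            List<WSUserProperty> properties = a(language, db, TT);
            if (!properties.isEmpty()) {
                userInfo.setUserProperties(properties);
            }
        }
        List<WSFilterValue> fixedFilterValues = aH(cVar);
        if (!fixedFilterValues.isEmpty()) {
            userInfo.setFixedFilterValues(fixedFilterValues);
        }
        // The token is derived from the assembled user info by the authentication options object.
        response.setToken(de.docware.apps.etk.base.webservice.endpoints.a.a.amI().a(userInfo, "token"));
        return response;
    }

    /**
     * Returns the string set loaded through {@code s.E(db, null, key)}, cached per key.
     *
     * <p>NOTE(review): entries are only dropped by {@link #clearCaches()}, so a change made in the
     * database is not reflected in new login responses until the cache is cleared. Two threads
     * missing the cache at the same time may both load the set; the later {@code put} wins.
     *
     * @param key lookup string (an entry of {@code ab.cGU()} at the only call site)
     * @param db  handle used for the lookup on a cache miss
     * @return the cached set; callers must treat it as read-only because it is shared
     * @throws SQLException if the lookup fails
     */
    private Set<String> a(String key, de.docware.util.sql.pool.a db) throws SQLException {
        Set<String> cached = bID.get(key);
        if (cached == null) {
            cached = new TreeSet(s.E(db, null, key));
            bID.put(key, cached);
        }
        return cached;
    }

    /**
     * Collects the user's non-empty property values for every known property definition.
     *
     * @param language language code used to translate the property names
     * @param db       handle used to load the property definitions
     * @param abVar    user record the values are read from
     * @return the properties that have a non-empty value, possibly empty
     * @throws SQLException if loading the property definitions fails
     */
    private List<WSUserProperty> a(String language, de.docware.util.sql.pool.a db, ab abVar) throws SQLException {
        List<WSUserProperty> properties = new ArrayList<>();
        for (aj definition : b(db)) {
            String key = definition.getKey();
            // The boolean tells aS(...) whether the definition belongs to "UserAdmin".
            Object value = abVar.aS(key, definition.aiT().equals("UserAdmin"));
            if (value == null) {
                continue;
            }
            String text = value.toString();
            if (text.isEmpty()) {
                continue;
            }
            WSUserProperty property = new WSUserProperty();
            property.setPropertyValue(text);
            property.setPropertyKey(key);
            property.setPropertyName(d.e(definition.getName(), language, new String[0]));
            property.setPropertyType(WSUserPropertyDataType.getUserPropertyDataType(definition.cFM()));
            properties.add(property);
        }
        return properties;
    }

    /**
     * Returns the property definitions for "UserAdmin" followed by those for "javaviewer_app",
     * loading and caching them on first use.
     *
     * <p>The field is read once into a local: re-reading it for the return value could yield
     * {@code null} when {@link #clearCaches()} runs between the check and the return.
     *
     * @param db handle used to load the definitions on a cache miss
     * @return the cached list, never {@code null}
     * @throws SQLException if loading fails
     */
    private List<aj> b(de.docware.util.sql.pool.a db) throws SQLException {
        List<aj> definitions = bIC;
        if (definitions == null) {
            definitions = aj.ah(db, null, "UserAdmin");
            definitions.addAll(aj.ah(db, null, "javaviewer_app"));
            bIC = definitions;
        }
        return definitions;
    }

    /**
     * Collects name and values of every valid filter of the project for which
     * {@code oR()} or {@code isHidden()} is true.
     *
     * @param cVar project handle whose filters are inspected
     * @return the filter values, possibly empty
     */
    private List<WSFilterValue> aH(c cVar) {
        de.docware.util.b.b.a filterValues = new de.docware.util.b.b.a();
        for (EtkFilterTyp filter : cVar.oH().sF()) {
            if (!filter.isValid()) {
                continue;
            }
            if (filter.oR() || filter.isHidden()) {
                filterValues.add(new WSFilterValue(filter.getName(), filter.getFilterValues()));
            }
        }
        return filterValues;
    }
}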
