package cern.c2mon.client.ext.rbac.impl;

import cern.c2mon.client.ext.rbac.AuthenticationListener;
import cern.c2mon.client.ext.rbac.AuthenticationManager;
import cern.rbac.client.TokenExpiredException;
import cern.rbac.client.authentication.AuthenticationClient;
import cern.rbac.client.authentication.AuthenticationException;
import cern.rbac.common.RbaToken;
import cern.rbac.common.TokenFormatException;
import cern.rbac.util.holder.ClientTierRbaTokenChangeListener;
import cern.rbac.util.holder.ClientTierTokenHolder;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.annotation.PostConstruct;
import javax.annotation.PreDestroy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:cern/c2mon/client/ext/rbac/impl/RbacAuthenticationManager.class */
public class RbacAuthenticationManager implements AuthenticationManager, RbaTokenManager, ClientTierRbaTokenChangeListener {
    private static final Logger log = LoggerFactory.getLogger(RbacAuthenticationManager.class);
    private static final Object SYNC_LOCK = new Object();
    private final Map<String, RbaToken> userSSOContexts = new ConcurrentHashMap();
    private RbaToken rbaGUILoginToken = null;
    private Set<AuthenticationListener> authenticationListeners = Collections.synchronizedSet(new HashSet());

    @PostConstruct
    protected void init() {
        ClientTierTokenHolder.addRbaTokenChangeListener(this);
    }

    @PreDestroy
    protected void cleanup() {
        this.authenticationListeners.clear();
        this.userSSOContexts.clear();
    }

    @Override // cern.c2mon.client.ext.rbac.AuthenticationManager
    public boolean isUserLogged(String str) {
        boolean z = false;
        RbaToken findRbaToken = findRbaToken(str);
        if (findRbaToken != null) {
            z = findRbaToken.isValid();
            if (!z) {
                removeRbaToken(str);
            }
        }
        return z;
    }

    @Override // cern.c2mon.client.ext.rbac.AuthenticationManager
    public Set<String> getLoggedUserNames() {
        HashSet hashSet = new HashSet(this.userSSOContexts.keySet());
        if (this.rbaGUILoginToken != null) {
            hashSet.add(this.rbaGUILoginToken.getUser().getName());
        }
        hashSet.addAll(this.userSSOContexts.keySet());
        return hashSet;
    }

    @Override // cern.c2mon.client.ext.rbac.AuthenticationManager
    public boolean login(String str) {
        boolean z = false;
        try {
            RbaToken loginSso = AuthenticationClient.create().loginSso(str);
            z = loginSso.isValid();
            this.userSSOContexts.put(loginSso.getUser().getName(), loginSso);
        } catch (AuthenticationException e) {
            log.error("Authentication failed: {}", e);
        }
        return z;
    }

    @Override // cern.c2mon.client.ext.rbac.AuthenticationManager
    public boolean login(String str, String str2) {
        return login("c2mon-client-api", str, str2);
    }

    @Override // cern.c2mon.client.ext.rbac.AuthenticationManager
    public boolean login(String str, String str2, String str3) {
        boolean z;
        synchronized (SYNC_LOCK) {
            boolean z2 = false;
            try {
                RbaToken loginExplicit = AuthenticationClient.create().loginExplicit(str2, str3);
                this.userSSOContexts.put(str2, loginExplicit);
                z2 = loginExplicit.isValid();
            } catch (AuthenticationException e) {
                log.info("login() - Login attempt for user " + str2 + " failed. Reason: " + e.getMessage());
            }
            z = z2;
        }
        return z;
    }

    @Override // cern.c2mon.client.ext.rbac.AuthenticationManager
    public boolean logout(String str) {
        synchronized (SYNC_LOCK) {
            RbaToken rbaToken = this.userSSOContexts.get(str);
            removeRbaToken(str);
            if (rbaToken != null) {
                ClientTierTokenHolder.clear();
            }
        }
        return true;
    }

    @Override // cern.c2mon.client.ext.rbac.AuthenticationManager
    public void addAuthenticationListener(AuthenticationListener authenticationListener) {
        if (authenticationListener == null || this.authenticationListeners.contains(authenticationListener)) {
            return;
        }
        this.authenticationListeners.add(authenticationListener);
    }

    @Override // cern.c2mon.client.ext.rbac.AuthenticationManager
    public void removeAuthenticationListener(AuthenticationListener authenticationListener) {
        if (authenticationListener != null) {
            this.authenticationListeners.remove(authenticationListener);
        }
    }

    public void rbaTokenChanged(RbaToken rbaToken) throws TokenFormatException, TokenExpiredException {
        if (rbaToken == null) {
            if (this.rbaGUILoginToken == null) {
                log.debug("rbaTokenChanged() - Unsuccessful login attempt. Nobody got informed.");
                return;
            }
            log.debug("rbaTokenChanged() - Received logout notification from the RBAC toolbar.");
            String name = this.rbaGUILoginToken.getUser().getName();
            this.rbaGUILoginToken = null;
            Iterator<AuthenticationListener> it = this.authenticationListeners.iterator();
            while (it.hasNext()) {
                it.next().onLogout(name);
            }
            return;
        }
        String name2 = rbaToken.getUser().getName();
        if (rbaToken.isEmpty() || !rbaToken.isValid()) {
            log.info("User " + name2 + " has logged out.");
            removeRbaToken(name2);
            Iterator<AuthenticationListener> it2 = this.authenticationListeners.iterator();
            while (it2.hasNext()) {
                it2.next().onLogout(name2);
            }
            return;
        }
        boolean z = false;
        if (this.userSSOContexts.get(name2) == null) {
            z = this.rbaGUILoginToken != null;
            this.rbaGUILoginToken = rbaToken;
        }
        if (z) {
            return;
        }
        log.info("User " + name2 + " has successfully logged in.");
        Iterator<AuthenticationListener> it3 = this.authenticationListeners.iterator();
        while (it3.hasNext()) {
            it3.next().onLogin(name2);
        }
    }

    @Override // cern.c2mon.client.ext.rbac.impl.RbaTokenManager
    public RbaToken findRbaToken(String str) {
        RbaToken rbaToken = this.userSSOContexts.get(str);
        if (rbaToken != null) {
            return rbaToken;
        }
        if (this.rbaGUILoginToken == null || !this.rbaGUILoginToken.getUser().getName().equalsIgnoreCase(str)) {
            return null;
        }
        return this.rbaGUILoginToken;
    }

    public void removeRbaToken(String str) {
        this.userSSOContexts.remove(str);
        if (this.rbaGUILoginToken == null || !this.rbaGUILoginToken.getUser().getName().equalsIgnoreCase(str)) {
            return;
        }
        this.rbaGUILoginToken = null;
    }
}
