package de.superx.saiku;

import de.superx.common.SxUser;
import de.superx.servlet.SuperXManager;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.saiku.web.service.SessionService;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;

/* loaded from: input_file:de/superx/saiku/SuperxSaikuSessionService.class */
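/**
 * Saiku session service that derives the Saiku login from an existing SuperX
 * HTTP session instead of checking a username/password pair itself.
 *
 * <p>The identity comes from the {@code "user"} attribute of the servlet session
 * (an {@link SxUser}); it is wrapped in a pre-authenticated token and handed to the
 * configured {@link AuthenticationManager}. Per-principal Saiku session data
 * (username, password, session id, roles) is kept in {@link #sessionHolder}.
 */
public class SuperxSaikuSessionService extends SessionService {
    public static Logger logger = Logger.getLogger(SuperxSaikuSessionService.class);

    /** Right required to use OLAP when {@code SuperXManager.isHis1} is set. */
    public static final String VIEW_OLAP_RIGHT = "RIGHT_CS_BIA_OLAP_CREATE_TABLES";

    // Keyed by the authenticated principal object; the inner map holds the
    // "username", "password", "sessionid" and "roles" entries written by login().
    // NOTE(review): this is a plain HashMap that login()/logout() mutate. If this
    // service is shared between request threads (not visible from this file),
    // access needs synchronisation or a concurrent map - confirm with the bean scope.
    Map<Object, Map<String, Object>> sessionHolder = new HashMap<>();
    private transient AuthenticationManager authenticationManager;

    /**
     * Authenticates the current request from its SuperX session and stores the
     * result in the Spring security context.
     *
     * <p>Neither {@code str} nor {@code str2} is verified here: the identity is
     * taken solely from the session's {@link SxUser}, and {@code str} is only used
     * in error messages.
     *
     * @param httpServletRequest request whose session carries the SuperX user
     * @param str username supplied by the caller (used for error messages only)
     * @param str2 password supplied by the caller (unused in this method)
     * @throws RuntimeException if the session has no SuperX user, the user lacks
     *     {@link #VIEW_OLAP_RIGHT} while {@code SuperXManager.isHis1} is set, or the
     *     authentication manager rejects the credentials
     */
    public void authenticate(HttpServletRequest httpServletRequest, String str, String str2) {
        SxUser superxUser = getSuperxUserFromSession(httpServletRequest);
        if (superxUser == null) {
            throw new RuntimeException("SuperX-Session Authentication failed for: " + str);
        }
        // NOTE(review): the OLAP right is only enforced in HIS1 mode; outside of it any
        // user with a SuperX session passes this point - confirm that is intended.
        if (SuperXManager.isHis1 && !superxUser.getHis1Rights().contains(VIEW_OLAP_RIGHT)) {
            throw new RuntimeException("SuperX Authentication failed. Missing right to view olap reports!");
        }
        try {
            PreAuthenticatedAuthenticationToken token =
                    new PreAuthenticatedAuthenticationToken(superxUser, superxUser.getPassword());
            token.setDetails(superxUser);
            Authentication authenticated = this.authenticationManager.authenticate(token);
            // NOTE(review): this logs the principal's toString(); verify that it does not
            // include the password or other sensitive fields.
            logger.info("Logging in with " + authenticated.getPrincipal());
            SecurityContextHolder.getContext().setAuthentication(authenticated);
        } catch (BadCredentialsException e) {
            throw new RuntimeException("Authentication failed for: " + str, e);
        }
    }

    /**
     * Returns a copy of the current principal's session data with the
     * {@code "password"} entry removed.
     *
     * @return a fresh map; empty when there is no authentication or no stored session
     */
    public Map<String, Object> getSession() {
        Map<String, Object> copy = copyOfCurrentSession();
        copy.remove("password");
        return copy;
    }

    /**
     * Returns a copy of the current principal's session data, including the
     * {@code "password"} entry. Callers must not expose the result to clients.
     *
     * @return a fresh map; empty when there is no authentication or no stored session
     */
    public Map<String, Object> getAllSessionObjects() {
        return copyOfCurrentSession();
    }

    /**
     * Logs the request in and (re)populates the session data of its principal.
     *
     * <p>When no {@link AuthenticationManager} has been injected, {@link #authenticate}
     * is skipped and whatever authentication is already in the security context is used.
     *
     * @param httpServletRequest request carrying the SuperX session
     * @param str username supplied by the caller (used for error messages only)
     * @param str2 password supplied by the caller; stored under {@code "password"}
     * @return the stored session map of the principal (the live map, including the
     *     {@code "password"} entry), or an empty map when nothing is authenticated
     * @throws RuntimeException if authentication fails or the principal has no username
     */
    public Map<String, Object> login(HttpServletRequest httpServletRequest, String str, String str2) {
        if (this.authenticationManager != null) {
            authenticate(httpServletRequest, str, str2);
        }
        if (SecurityContextHolder.getContext() == null
                || SecurityContextHolder.getContext().getAuthentication() == null) {
            return new HashMap<>();
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        Object principal = authentication.getPrincipal();

        // Resolve the username before touching sessionHolder so that a failed login
        // does not leave an empty entry behind for this principal.
        String username = ((UserDetails) principal).getUsername();
        if (username == null) {
            throw new RuntimeException("No real username found for: " + str);
        }

        Map<String, Object> session = this.sessionHolder.get(principal);
        if (session == null) {
            session = new HashMap<>();
            this.sessionHolder.put(principal, session);
        }
        session.put("username", username);
        // NOTE(review): the caller-supplied password is kept in memory in clear text and
        // is part of the map returned below; getSession() strips it, this method and
        // getAllSessionObjects() do not.
        session.put("password", str2);
        session.put("sessionid", UUID.randomUUID().toString());

        ArrayList<String> roles = new ArrayList<>();
        for (GrantedAuthority authority : authentication.getAuthorities()) {
            roles.add(authority.getAuthority());
        }
        session.put("roles", roles);
        return session;
    }

    /**
     * Drops the principal's stored session data, clears the security context and
     * invalidates the servlet session if one exists.
     *
     * @param httpServletRequest request whose servlet session is invalidated
     */
    public void logout(HttpServletRequest httpServletRequest) {
        if (SecurityContextHolder.getContext() != null
                && SecurityContextHolder.getContext().getAuthentication() != null) {
            Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
            this.sessionHolder.remove(principal);
        }
        SecurityContextHolder.clearContext();
        // getSession(false): do not create a brand-new session only to invalidate it.
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            session.invalidate();
        }
    }

    /**
     * Injects the authentication manager used by {@link #authenticate}.
     *
     * @param authenticationManager manager to delegate to; may be {@code null}, in
     *     which case {@link #login} skips the authentication step
     */
    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    /** Copies the stored session data of the current principal, or returns an empty map. */
    private Map<String, Object> copyOfCurrentSession() {
        if (SecurityContextHolder.getContext() != null
                && SecurityContextHolder.getContext().getAuthentication() != null) {
            Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
            Map<String, Object> stored = this.sessionHolder.get(principal);
            if (stored != null) {
                return new HashMap<>(stored);
            }
        }
        return new HashMap<>();
    }

    /**
     * Reads the SuperX user from the existing servlet session.
     *
     * @return the {@link SxUser} stored under {@code "user"}, or {@code null} when the
     *     request has no session or the attribute is missing or of another type
     */
    private static SxUser getSuperxUserFromSession(HttpServletRequest httpServletRequest) {
        // getSession(false): an unauthenticated request must not get a new session
        // allocated here, and only with this form can the result actually be null.
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return null;
        }
        Object candidate = session.getAttribute("user");
        return candidate instanceof SxUser ? (SxUser) candidate : null;
    }
}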
