package org.squashtest.tm.web.backend.security.authentication;

import java.util.List;
import java.util.Optional;
import javax.inject.Inject;
import javax.inject.Provider;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationListener;
import org.springframework.context.annotation.Scope;
import org.springframework.core.task.TaskExecutor;
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.squashtest.csp.core.bugtracker.core.BugTrackerNoCredentialsException;
import org.squashtest.csp.core.bugtracker.core.UnsupportedAuthenticationModeException;
import org.squashtest.tm.domain.bugtracker.BugTracker;
import org.squashtest.tm.domain.servers.AuthenticationPolicy;
import org.squashtest.tm.domain.servers.AuthenticationProtocol;
import org.squashtest.tm.domain.servers.BasicAuthenticationCredentials;
import org.squashtest.tm.domain.servers.Credentials;
import org.squashtest.tm.service.bugtracker.BugTrackerFinderService;
import org.squashtest.tm.service.bugtracker.BugTrackersLocalService;
import org.squashtest.tm.service.feature.FeatureManager;
import org.squashtest.tm.service.project.CustomProjectFinder;
import org.squashtest.tm.service.servers.CredentialsProvider;
import org.squashtest.tm.service.servers.UserCredentialsCache;
import org.squashtest.tm.web.backend.filter.UserCredentialsCachePersistenceFilter;

@Component
/* loaded from: input_file:WEB-INF/classes/org/squashtest/tm/web/backend/security/authentication/BugTrackerAutoconnectCallback.class */
public class BugTrackerAutoconnectCallback implements ApplicationListener<InteractiveAuthenticationSuccessEvent> {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) BugTrackerAutoconnectCallback.class);

    @Inject
    private TaskExecutor taskExecutor;

    @Inject
    private CredentialsProvider credentialsProvider;

    @Inject
    private FeatureManager featureManager;

    @Inject
    private Provider<AsynchronousBugTrackerAutoconnect> asyncProvider;

    /* JADX INFO: Access modifiers changed from: package-private */
    @Scope("prototype")
    @Component
    /* loaded from: input_file:WEB-INF/classes/org/squashtest/tm/web/backend/security/authentication/BugTrackerAutoconnectCallback$AsynchronousBugTrackerAutoconnect.class */
    public static class AsynchronousBugTrackerAutoconnect implements Runnable {
        private String user;
        private Object springsecCredentials;
        private UserCredentialsCache credentialsCache;
        private final SecurityContext secContext = SecurityContextHolder.getContext();

        @Inject
        private BugTrackersLocalService bugTrackersLocalService;

        @Inject
        private BugTrackerFinderService bugTrackerFinder;

        @Inject
        private CredentialsProvider credentialsProvider;

        @Inject
        private FeatureManager featureManager;

        @Inject
        private CustomProjectFinder customProjectFinder;

        @Override // java.lang.Runnable
        public void run() {
            SecurityContextHolder.setContext(this.secContext);
            this.credentialsProvider.restoreCache(this.credentialsCache);
            try {
                for (BugTracker bugTracker : findBugTrackers()) {
                    try {
                        BugTrackerAutoconnectCallback.LOGGER.debug("BugTrackerAutoconnectCallback : attempting authentication on server '{}'", bugTracker.getName());
                        attemptAuthentication(bugTracker);
                    } catch (BugTrackerNoCredentialsException | UnsupportedAuthenticationModeException e) {
                        BugTrackerAutoconnectCallback.LOGGER.debug("BugTrackerAutoconnectCallback : Failed to connect user '{}' to the bugtracker {} with the supplied credentials. User will have to connect manually.", this.user, bugTracker);
                        BugTrackerAutoconnectCallback.LOGGER.debug("BugTrackerAutoconnectCallback : original exception is : ", e);
                    } catch (Exception e2) {
                        BugTrackerAutoconnectCallback.LOGGER.error("BugTrackerAutoconnectCallback : an unexpected error happened :", (Throwable) e2);
                    }
                }
            } finally {
                BugTrackerAutoconnectCallback.LOGGER.debug("BugTrackerAutoconnectCallback : completed autoconnection for user '{}'", this.credentialsCache.getUser());
                this.credentialsProvider.unloadCache();
            }
        }

        private void attemptAuthentication(BugTracker bugTracker) {
            AuthenticationPolicy authenticationPolicy = bugTracker.getAuthenticationPolicy();
            AuthenticationProtocol authenticationProtocol = bugTracker.getAuthenticationProtocol();
            BugTrackerAutoconnectCallback.LOGGER.trace("server '{}' is set to authentication policy '{}' and protocol '{}'", bugTracker.getName(), authenticationPolicy, authenticationProtocol);
            Credentials fetchCredentialsOrNull = fetchCredentialsOrNull(bugTracker);
            if (fetchCredentialsOrNull == null) {
                BugTrackerAutoconnectCallback.LOGGER.debug("BugTrackerAutoconnectCallback : could not find suitable credentials, skipping");
                return;
            }
            warnIfCredentialsOfWrongType(fetchCredentialsOrNull, authenticationProtocol);
            this.bugTrackersLocalService.validateCredentials(bugTracker, fetchCredentialsOrNull, true);
            BugTrackerAutoconnectCallback.LOGGER.debug("BugTrackerAutoconnectCallback : credentials successfully tested for server '{}'", bugTracker.getName());
        }

        private Credentials fetchCredentialsOrNull(BugTracker bugTracker) {
            Credentials credentials = null;
            Optional<Credentials> currentUserCredentials = bugTracker.getAuthenticationPolicy() == AuthenticationPolicy.USER ? this.credentialsProvider.getCurrentUserCredentials(bugTracker) : this.credentialsProvider.getAppLevelCredentials(bugTracker);
            if (currentUserCredentials.isPresent()) {
                BugTrackerAutoconnectCallback.LOGGER.debug("BugTrackerAutoconnectCallback : found credentials from the provider");
                credentials = currentUserCredentials.get();
            } else if (canTryUsingEvent(bugTracker)) {
                BugTrackerAutoconnectCallback.LOGGER.debug("BugTrackerAutoconnectCallback : can create the credentials using the authentication event");
                credentials = buildFromAuthenticationEvent();
            }
            return credentials;
        }

        private List<BugTracker> findBugTrackers() {
            return this.bugTrackerFinder.findDistinctBugTrackersForProjects(this.customProjectFinder.findAllReadableIds());
        }

        private boolean canTryUsingEvent(BugTracker bugTracker) {
            return bugTracker.getAuthenticationPolicy() == AuthenticationPolicy.USER && bugTracker.getAuthenticationProtocol() == AuthenticationProtocol.BASIC_AUTH && (this.springsecCredentials instanceof String) && this.featureManager.isEnabled(FeatureManager.Feature.AUTOCONNECT_ON_CONNECTION);
        }

        private Credentials buildFromAuthenticationEvent() {
            return new BasicAuthenticationCredentials(this.user, (String) this.springsecCredentials);
        }

        private void warnIfCredentialsOfWrongType(Credentials credentials, AuthenticationProtocol authenticationProtocol) {
            AuthenticationProtocol implementedProtocol = credentials.getImplementedProtocol();
            if (implementedProtocol != authenticationProtocol) {
                BugTrackerAutoconnectCallback.LOGGER.warn("BugTrackerAutoconnectCallback : attempting autoconnection with credentials for protocol '{}' while the configuration states that the (preferred) protocol is  '{}'. That doesn't mean the current credentials won't work (the connector still supports them) but this warning hints that they might be obsolete regarding your new preferred protocol.", implementedProtocol, authenticationProtocol);
            }
        }

        public void setUser(String str) {
            this.user = str;
        }

        public void setSpringsecCredentials(Object obj) {
            this.springsecCredentials = obj;
        }

        public void setCredentialsCache(UserCredentialsCache userCredentialsCache) {
            this.credentialsCache = userCredentialsCache;
        }
    }

    @Override // org.springframework.context.ApplicationListener
    public void onApplicationEvent(InteractiveAuthenticationSuccessEvent interactiveAuthenticationSuccessEvent) {
        Authentication authentication = interactiveAuthenticationSuccessEvent.getAuthentication();
        scheduleAutoconnection(authentication, initializeCredentialsCache(authentication.getName(), ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest().getSession()));
    }

    private UserCredentialsCache initializeCredentialsCache(String str, HttpSession httpSession) {
        LOGGER.debug("BugTrackerAutoconnectCallback : initializing the credentials cache");
        UserCredentialsCache userCredentialsCache = new UserCredentialsCache(str, this.featureManager);
        httpSession.setAttribute(UserCredentialsCachePersistenceFilter.CREDENTIALS_CACHE_SESSION_KEY, userCredentialsCache);
        this.credentialsProvider.restoreCache(userCredentialsCache);
        return userCredentialsCache;
    }

    private void scheduleAutoconnection(Authentication authentication, UserCredentialsCache userCredentialsCache) {
        LOGGER.debug("BugTrackerAutoconnectCallback : scheduling autoconnection for user '{}'", userCredentialsCache.getUser());
        AsynchronousBugTrackerAutoconnect asynchronousBugTrackerAutoconnect = this.asyncProvider.get();
        asynchronousBugTrackerAutoconnect.setUser(authentication.getName());
        asynchronousBugTrackerAutoconnect.setSpringsecCredentials(authentication.getCredentials());
        asynchronousBugTrackerAutoconnect.setCredentialsCache(userCredentialsCache);
        this.taskExecutor.execute(asynchronousBugTrackerAutoconnect);
    }
}
