package edu.harvard.med.countway.auth.ecommons;

import edu.harvard.med.countway.auth.AuthResponseCode;
import edu.harvard.med.countway.auth.ecommons.HmsaccessCookieValue;
import edu.harvard.med.countway.auth.ldap.HarvardLdapAuthorizer;
import edu.harvard.med.countway.config.LoginType;
import edu.harvard.med.countway.dl.dao.EcommonsUserDAO;
import edu.harvard.med.countway.dl.dao.UserDAO;
import edu.harvard.med.countway.dl.model.EcommonsUser;
import edu.harvard.med.countway.dl.model.User;
import java.sql.SQLException;
import javax.naming.NamingException;
import javax.servlet.http.Cookie;
import org.apache.log4j.Logger;

/* loaded from: input_file:edu/harvard/med/countway/auth/ecommons/HmsaccessAuthenticator.class */
public class HmsaccessAuthenticator {
    private static final Logger log = Logger.getLogger(HmsaccessAuthenticator.class);
    private static final boolean DEBUG = log.isDebugEnabled();
    private static final long ecoffset = 0;
    private static final long expiry = 1800000;
    private Cookie cookie;
    private String ip;
    private String uid;
    private String firstName;
    private String lastName;
    private String name;
    private String email;
    private Integer dluid;
    private final EcommonsUserDAO ecommonsUserDao = new EcommonsUserDAO();
    private final UserDAO userDao = new UserDAO();
    private LoginType loginType = LoginType.ecid;
    private Boolean dlaccess = false;
    private AuthResponseCode responseCode = AuthResponseCode.UNKNOWN;

    public HmsaccessAuthenticator(Cookie cookie, String str) {
        if (cookie == null || str == null) {
            throw new IllegalArgumentException("cookie and ip arguments are required");
        }
        this.cookie = cookie;
        this.ip = str;
        log.info("hmsaccess_value: " + HmsaccessCookieValue.decodeValue(cookie.getValue()));
        authenticate();
    }

    private void authenticate() {
        try {
            HmsaccessCookieValue fromEncodedValue = HmsaccessCookieValue.getFromEncodedValue(this.cookie.getValue());
            if (fromEncodedValue.isExpired(expiry).booleanValue()) {
                this.responseCode = AuthResponseCode.EXPIRED_HMSACCESS_COOKIE;
                log.info(this.responseCode);
                return;
            }
            this.uid = fromEncodedValue.getEcid();
            try {
                User user = new User();
                user.setEcid(this.uid);
                this.dluid = this.userDao.insertUser(user);
                try {
                    EcommonsUser selectEcommonsUserByEcid = this.ecommonsUserDao.selectEcommonsUserByEcid(this.uid);
                    if (selectEcommonsUserByEcid != null) {
                        String firstName = selectEcommonsUserByEcid.getFirstName();
                        String lastName = selectEcommonsUserByEcid.getLastName();
                        String email = selectEcommonsUserByEcid.getEmail();
                        if (firstName != null && lastName != null) {
                            this.firstName = firstName;
                            this.lastName = lastName;
                            this.name = firstName + " " + lastName;
                        }
                        if (email != null) {
                            this.email = email;
                        }
                    }
                } catch (SQLException e) {
                    log.error("error looking up name/email", e);
                }
                try {
                    String huidFromEcid = this.ecommonsUserDao.getHuidFromEcid(this.uid);
                    if (huidFromEcid == null) {
                        this.responseCode = AuthResponseCode.ECOMMONS_HUID_NOT_AVAILABLE;
                        log.info(this.responseCode + ": " + this.uid);
                        return;
                    }
                    try {
                        HarvardLdapAuthorizer harvardLdapAuthorizer = new HarvardLdapAuthorizer(huidFromEcid);
                        this.dlaccess = harvardLdapAuthorizer.isAuthorized();
                        log.info("userClass: " + this.uid + ": " + harvardLdapAuthorizer.getUserClass());
                        if (this.dlaccess.booleanValue()) {
                            this.responseCode = AuthResponseCode.SUCCESS;
                            log.info(this.responseCode + ": " + this.uid);
                        } else {
                            this.responseCode = AuthResponseCode.DL_ACCESS_DENIED;
                            log.info(this.responseCode + ": " + this.uid);
                        }
                        if (DEBUG) {
                            log.debug("uid: " + this.uid);
                            log.debug("loginType: " + this.loginType);
                            log.debug("name: " + this.name);
                            log.debug("email: " + this.email);
                            log.debug("dluid: " + this.dluid);
                            log.debug("dlaccess: " + this.dlaccess);
                            log.debug("responseCode: " + this.responseCode);
                        }
                    } catch (NamingException e2) {
                        this.responseCode = AuthResponseCode.HUID_LDAP_AUTH_FAILED;
                        log.info(this.responseCode + ": " + this.uid, e2);
                    }
                } catch (SQLException e3) {
                    this.responseCode = AuthResponseCode.ECOMMONS_HUID_LOOKUP_FAILED;
                    log.info(this.responseCode + ": " + this.uid, e3);
                }
            } catch (SQLException e4) {
                this.responseCode = AuthResponseCode.USER_DB_UPDATE_ERROR;
                log.info(this.responseCode + ": " + this.uid, e4);
            }
        } catch (HmsaccessCookieValue.HmsaccessCookieValueException e5) {
            this.responseCode = AuthResponseCode.INVALID_HMSACCESS_COOKIE;
            log.info(this.responseCode, e5);
        }
    }

    public String getUid() {
        return this.uid;
    }

    public LoginType getLoginType() {
        return this.loginType;
    }

    public String getFirstName() {
        return this.firstName;
    }

    public String getLastName() {
        return this.lastName;
    }

    public String getName() {
        return this.name;
    }

    public String getEmail() {
        return this.email;
    }

    public Integer getDluid() {
        return this.dluid;
    }

    public Boolean getDlaccess() {
        return this.dlaccess;
    }

    public AuthResponseCode getResponseCode() {
        return this.responseCode;
    }
}
