package org.activiti.surf;

import org.apache.myfaces.shared_impl.renderkit.html.HTML;
import org.json.JSONException;
import org.json.JSONObject;
import org.springframework.extensions.surf.exception.AuthenticationException;
import org.springframework.extensions.webscripts.connector.AbstractAuthenticator;
import org.springframework.extensions.webscripts.connector.ConnectorSession;
import org.springframework.extensions.webscripts.connector.Credentials;
import org.springframework.extensions.webscripts.connector.RemoteClient;
import org.springframework.extensions.webscripts.connector.Response;
import org.springframework.web.servlet.view.json.MappingJacksonJsonView;

/* loaded from: input_file:WEB-INF/classes/org/activiti/surf/ActivitiRESTAuthenticator.class */
public class ActivitiRESTAuthenticator extends AbstractAuthenticator {
    public static final String ACTIVITI_REST_AUTHORISED_KEY = "org.activiti.rest.authorised";

    @Override // org.springframework.extensions.webscripts.connector.AbstractAuthenticator, org.springframework.extensions.webscripts.connector.Authenticator
    public ConnectorSession authenticate(String str, Credentials credentials, ConnectorSession connectorSession) throws AuthenticationException {
        ConnectorSession connectorSession2 = null;
        if (credentials == null) {
            throw new AuthenticationException("Unable to validate login since username and password wasn't provided");
        }
        RemoteClient remoteClient = new RemoteClient(str);
        String str2 = (String) credentials.getProperty(Credentials.CREDENTIAL_USERNAME);
        String str3 = (String) credentials.getProperty(Credentials.CREDENTIAL_PASSWORD);
        remoteClient.setRequestContentType(MappingJacksonJsonView.DEFAULT_CONTENT_TYPE);
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("userId", str2);
            jSONObject.put(HTML.INPUT_TYPE_PASSWORD, str3);
            Response call = remoteClient.call("/login", jSONObject.toString());
            if (call.getStatus().getCode() != 200) {
                try {
                    throw new AuthenticationException(new JSONObject(call.getResponse()).getString("message"));
                } catch (JSONException e) {
                    throw new AuthenticationException("Unable to login:" + call.getResponse());
                }
            }
            try {
                if (new JSONObject(call.getResponse()).getBoolean("success") && connectorSession != null) {
                    connectorSession.setParameter(ACTIVITI_REST_AUTHORISED_KEY, "true");
                    connectorSession2 = connectorSession;
                }
                return connectorSession2;
            } catch (JSONException e2) {
                throw new AuthenticationException("Unable to validate login", e2);
            }
        } catch (JSONException e3) {
            throw new AuthenticationException("Unable to create json login request", e3);
        }
    }

    @Override // org.springframework.extensions.webscripts.connector.AbstractAuthenticator, org.springframework.extensions.webscripts.connector.Authenticator
    public boolean isAuthenticated(String str, ConnectorSession connectorSession) {
        return connectorSession.getParameter(ACTIVITI_REST_AUTHORISED_KEY) != null;
    }
}
