package org.alfresco.web.scripts.portlet;

import javax.portlet.PortletSession;
import javax.portlet.RenderRequest;
import javax.portlet.RenderResponse;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.web.app.servlet.AuthenticationHelper;
import org.alfresco.web.bean.repository.User;
import org.alfresco.web.scripts.WebScriptContext;
import org.alfresco.web.scripts.WebScriptDescription;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/alfresco-web-client.jar:org/alfresco/web/scripts/portlet/WebClientPortletAuthenticator.class */
public class WebClientPortletAuthenticator implements WebScriptPortletAuthenticator {
    private static final Log logger = LogFactory.getLog(WebClientPortletAuthenticator.class);
    private AuthenticationService authenticationService;
    private WebScriptContext scriptContext;

    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    public void setScriptContext(WebScriptContext webScriptContext) {
        this.scriptContext = webScriptContext;
    }

    @Override // org.alfresco.web.scripts.portlet.WebScriptPortletAuthenticator
    public boolean authenticate(WebScriptDescription.RequiredAuthentication requiredAuthentication, boolean z, RenderRequest renderRequest, RenderResponse renderResponse) {
        PortletSession portletSession = renderRequest.getPortletSession();
        String str = (String) renderRequest.getPortletSession().getAttribute(WebScriptPortletRequest.ALFPORTLETUSERNAME);
        if (str == null) {
            str = renderRequest.getRemoteUser();
        }
        if (logger.isDebugEnabled()) {
            logger.debug("JSR-168 Remote user: " + str);
        }
        if (z || str == null) {
            if (logger.isDebugEnabled()) {
                logger.debug("Authenticating as Guest");
            }
            AuthenticationUtil.setCurrentUser(AuthenticationUtil.getGuestUserName());
            if (logger.isDebugEnabled()) {
                logger.debug("Setting Web Client authentication context for guest");
            }
            createWebClientUser(portletSession);
            removeSessionInvalidated(portletSession);
            return true;
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Authenticating as user " + str);
        }
        AuthenticationUtil.setCurrentUser(str);
        User webClientUser = getWebClientUser(portletSession);
        if (webClientUser != null && str.equals(webClientUser.getUserName())) {
            return true;
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Setting Web Client authentication context for user " + str);
        }
        createWebClientUser(portletSession);
        removeSessionInvalidated(portletSession);
        return true;
    }

    private void removeSessionInvalidated(PortletSession portletSession) {
        portletSession.removeAttribute(AuthenticationHelper.SESSION_INVALIDATED, 1);
    }

    private void createWebClientUser(PortletSession portletSession) {
        NodeRef person = this.scriptContext.getPerson();
        User user = new User(this.authenticationService.getCurrentUserName(), this.authenticationService.getCurrentTicket(), person);
        NodeRef userHome = this.scriptContext.getUserHome(person);
        if (userHome != null) {
            user.setHomeSpaceId(userHome.getId());
        }
        portletSession.setAttribute(AuthenticationHelper.AUTHENTICATION_USER, user, 1);
    }

    private User getWebClientUser(PortletSession portletSession) {
        return (User) portletSession.getAttribute(AuthenticationHelper.AUTHENTICATION_USER, 1);
    }
}
