package org.alfresco.repo.security.authentication;

import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.AuthenticationException;
import net.sf.acegisecurity.AuthenticationManager;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.context.Context;
import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.tenant.TenantContextHolder;
import org.alfresco.repo.tenant.TenantDisabledException;
import org.alfresco.repo.tenant.TenantUtil;
import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.repo.transaction.TransactionListener;
import org.alfresco.util.Pair;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:org/alfresco/repo/security/authentication/AuthenticationComponentImpl.class */
public class AuthenticationComponentImpl extends AbstractAuthenticationComponent {
    private Log logger = LogFactory.getLog(getClass());
    private MutableAuthenticationDao authenticationDao;
    AuthenticationManager authenticationManager;
    CompositePasswordEncoder passwordEncoder;

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    public void setAuthenticationDao(MutableAuthenticationDao mutableAuthenticationDao) {
        this.authenticationDao = mutableAuthenticationDao;
    }

    public void setCompositePasswordEncoder(CompositePasswordEncoder compositePasswordEncoder) {
        this.passwordEncoder = compositePasswordEncoder;
    }

    /* JADX WARN: Type inference failed for: r11v0, types: [java.lang.Throwable, org.alfresco.repo.tenant.TenantDisabledException] */
    @Override // org.alfresco.repo.security.authentication.AbstractAuthenticationComponent
    protected void authenticateImpl(String str, final char[] cArr) throws AuthenticationException {
        if (this.logger.isTraceEnabled()) {
            this.logger.trace("Authentication for user: " + AuthenticationUtil.maskUsername(str));
        }
        try {
            Pair userTenant = AuthenticationUtil.getUserTenant(str);
            final String str2 = (String) userTenant.getFirst();
            final String str3 = (String) userTenant.getSecond();
            String str4 = (String) getTransactionService().getRetryingTransactionHelper().doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<String>() { // from class: org.alfresco.repo.security.authentication.AuthenticationComponentImpl.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback
                public String execute() throws Throwable {
                    final String str5 = str2;
                    final char[] cArr2 = cArr;
                    return (String) TenantUtil.runAsSystemTenant(new TenantUtil.TenantRunAsWork<String>() { // from class: org.alfresco.repo.security.authentication.AuthenticationComponentImpl.1.1
                        /* renamed from: doWork, reason: merged with bridge method [inline-methods] */
                        public String m888doWork() throws Exception {
                            List<String> hashIndicator;
                            String userIdentifier = AuthenticationComponentImpl.this.getPersonService().getUserIdentifier(str5);
                            String str6 = userIdentifier == null ? str5 : userIdentifier;
                            AuthenticationComponentImpl.this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(str6, new String(cArr2)));
                            RepositoryAuthenticatedUser loadUserByUsername = AuthenticationComponentImpl.this.authenticationDao.loadUserByUsername(str6);
                            if ((loadUserByUsername instanceof RepositoryAuthenticatedUser) && (hashIndicator = loadUserByUsername.getHashIndicator()) != null && !hashIndicator.isEmpty() && (hashIndicator.size() > 1 || !AuthenticationComponentImpl.this.passwordEncoder.lastEncodingIsPreferred(hashIndicator))) {
                                HashPasswordTransactionListener hashPasswordTransactionListener = new HashPasswordTransactionListener(str5, cArr2);
                                hashPasswordTransactionListener.setTransactionService(AuthenticationComponentImpl.this.getTransactionService());
                                hashPasswordTransactionListener.setAuthenticationDao(AuthenticationComponentImpl.this.authenticationDao);
                                AlfrescoTransactionSupport.bindListener((TransactionListener) hashPasswordTransactionListener);
                                if (AuthenticationComponentImpl.this.logger.isDebugEnabled()) {
                                    AuthenticationComponentImpl.this.logger.debug("New hashed password for user '" + AuthenticationUtil.maskUsername(str5) + "' has been requested");
                                }
                            }
                            return userIdentifier;
                        }
                    }, str3);
                }
            }, true);
            if (str4 == null) {
                setCurrentUser(str2, AuthenticationComponent.UserNameValidationMode.CHECK_AND_FIX);
            } else {
                setCurrentUser(str4, AuthenticationComponent.UserNameValidationMode.NONE);
            }
            TenantContextHolder.setTenantDomain(str3);
        } catch (AuthenticationException e) {
            StringWriter stringWriter = new StringWriter();
            PrintWriter printWriter = new PrintWriter(stringWriter);
            printWriter.println(e.toString());
            e.printStackTrace(printWriter);
            printWriter.close();
            throw new AuthenticationException(stringWriter.toString());
        } catch (TenantDisabledException e2) {
            throw new AuthenticationException(e2.getMessage(), (Throwable) e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.alfresco.repo.security.authentication.AbstractAuthenticationComponent
    public UserDetails getUserDetails(String str) {
        if (!AuthenticationUtil.isMtEnabled()) {
            return this.authenticationDao.loadUserByUsername(str);
        }
        Authentication fullAuthentication = AuthenticationUtil.getFullAuthentication();
        if (fullAuthentication == null) {
            try {
                AuthenticationUtil.setFullyAuthenticatedUser(getSystemUserName(getUserDomain(str)));
            } catch (Throwable th) {
                if (fullAuthentication == null) {
                    ContextHolder.setContext((Context) null);
                }
                throw th;
            }
        }
        UserDetails loadUserByUsername = this.authenticationDao.loadUserByUsername(str);
        if (fullAuthentication == null) {
            ContextHolder.setContext((Context) null);
        }
        return loadUserByUsername;
    }

    public String getMD4HashedPassword(String str) {
        return this.authenticationDao.getMD4HashedPassword(str);
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        throw new AlfrescoRuntimeException("Authentication via token not supported");
    }

    @Override // org.alfresco.repo.security.authentication.AbstractAuthenticationComponent
    protected boolean implementationAllowsGuestLogin() {
        return true;
    }

    @Override // org.alfresco.repo.security.authentication.AbstractAuthenticationComponent, org.alfresco.repo.security.authentication.AuthenticationComponent
    public Set<String> getDefaultAdministratorUserNames() {
        return Collections.singleton(AuthenticationUtil.getAdminUserName());
    }
}
