package com.raplix.rolloutexpress.ui.web;

import com.raplix.rolloutexpress.RaplixException;
import com.raplix.rolloutexpress.ServerWebUIApplication;
import com.raplix.rolloutexpress.systemmodel.userdb.SessionID;
import com.raplix.rolloutexpress.systemmodel.userdb.SessionManager;
import com.raplix.rolloutexpress.systemmodel.userdb.SessionVarDecryptionException;
import com.raplix.rolloutexpress.systemmodel.userdb.SessionVariableSet;
import com.raplix.rolloutexpress.systemmodel.userdb.UserDBException;
import com.raplix.util.logger.Logger;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:122991-01/SUNWspscl/reloc/cli/lib/upgrade/5.2.1/rox.jar:com/raplix/rolloutexpress/ui/web/LoginAction.class */
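/**
 * Servlet action behind the web UI login form.
 *
 * <p>It reads the login name, password and optional {@code mode} from the request, optionally
 * re-encrypts or flushes the user's session variables, authenticates through the
 * {@link SessionManager}, and on success stores the resulting {@link SessionID} in the
 * {@link HttpSession} before redirecting to the home page.
 *
 * <p>Security review notes (all inferred from this class only; confirm against the base class,
 * filters and container configuration):
 * <ul>
 *   <li>The {@code HttpSession} obtained before authentication is the same object that receives
 *       the logged-in user attributes; nothing in this method invalidates it or changes its ID.
 *       Unless a filter or the container rotates the ID at login, this is a session-fixation
 *       exposure.</li>
 *   <li>{@code recryptSessionVariables} is invoked before {@code login}; whether it verifies the
 *       supplied password itself is not visible here.</li>
 *   <li>Exception messages from the user database layer are placed into the error bean shown to
 *       an unauthenticated caller; confirm they do not distinguish unknown users from bad
 *       passwords.</li>
 * </ul>
 */
public final class LoginAction extends ROXServlet {
    public static final String MSG_ERROR_MAJOR = "error.login.major";
    public static final String MSG_ERROR_FAILED = "error.login.failed";
    public static final String MSG_ERROR_SESSION_TIMEOUT = "error.login.sessionTimeout";
    public static final String MSG_ERROR_NOT_LOGGEDIN = "error.login.noLoggedIn";
    public static final String MSG_ERROR_UNKNOWN = "error.login.unknown";
    public static final String MSG_SESSION_ERROR_MAJOR = "error.loginDecrypt.major";

    /** Factor applied to the configured ROX session timeout to obtain the HTTP session timeout. */
    private static final long HTTP_TIMEOUT_FACTOR = 1100L;

    /**
     * Processes a login request.
     *
     * <p>Flow: translate an optional error flag into an error bean; if no login name was
     * submitted, forward to the login page; otherwise pick the password parameter according to
     * {@code mode}, run the optional re-encryption step, authenticate, and redirect to the home
     * page. Failures forward back to the login page or to the login-decrypt page.
     *
     * @param httpServletRequest the incoming request carrying the login form parameters
     * @param httpServletResponse the response used for the redirect or forward
     * @throws IOException if the redirect or forward fails
     * @throws ServletException if the forward fails
     */
    @Override // com.raplix.rolloutexpress.ui.web.ROXServlet
    public void executeServlet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        ServletErrors servletErrors = new ServletErrors();
        try {
            Logger.debug("at beginning of execute servlet for LoginAction", this);
            // NOTE(review): this pre-authentication session is reused after login (see class
            // Javadoc); consider invalidating it and creating a fresh one once login succeeds.
            HttpSession session = httpServletRequest.getSession();

            // An error flag explains why the user landed on the login page. The "not logged in"
            // flag is accepted silently; any unrecognised value is reported as unknown.
            String errorFlag = httpServletRequest.getParameter(ParameterConstants.PARAM_ERROR_FLAG);
            if (errorFlag != null) {
                if (errorFlag.equals(ParameterConstants.PARAM_ERROR_SESSIONTIMEDOUT)) {
                    servletErrors.addMinorErrorKey(MSG_ERROR_SESSION_TIMEOUT);
                    servletErrors.setMajorErrorKey(MSG_ERROR_MAJOR);
                    httpServletRequest.setAttribute(AttributeConstants.ATTR_REQUEST_ERROR, servletErrors);
                } else if (!errorFlag.equals(ParameterConstants.PARAM_ERROR_NOTLOGGEDIN)) {
                    servletErrors.addMinorErrorKey(MSG_ERROR_UNKNOWN);
                    servletErrors.setMajorErrorKey(MSG_ERROR_MAJOR);
                    httpServletRequest.setAttribute(AttributeConstants.ATTR_REQUEST_ERROR, servletErrors);
                }
            }

            String loginName = httpServletRequest.getParameter(ParameterConstants.PARAM_LOGIN);
            // The login name is attacker-controlled; strip line breaks so it cannot forge
            // additional log records.
            Logger.debug("user submitted login request with login:" + sanitizeForLog(loginName), this);
            if (loginName == null) {
                Logger.debug("login is null, forwarding to:/login.jsp", this);
                forwardRequest(httpServletRequest, httpServletResponse, PageConstants.PAGE_USERLOGIN);
                return;
            }

            SessionManager userSessionManager = getApplication().getUserSessionManager();
            String mode = httpServletRequest.getParameter("mode");
            boolean flushMode = mode != null && mode.equals(ActionModeConstants.MODE_FLUSH);
            boolean reencryptMode = mode != null && !flushMode && mode.equals(ActionModeConstants.MODE_REENCRYPT);

            String password = null;
            if (!flushMode && !reencryptMode) {
                password = httpServletRequest.getParameter(ParameterConstants.PARAM_CURRENT_PASSWORD1);
            } else {
                // NOTE(review): this state-changing call runs before login() has authenticated
                // the caller. Confirm recryptSessionVariables() validates the password itself,
                // otherwise an unauthenticated request could flush another user's variables.
                try {
                    if (flushMode) {
                        password = httpServletRequest.getParameter(ParameterConstants.PARAM_CURRENT_PASSWORD2);
                        userSessionManager.recryptSessionVariables(true, loginName, password, null);
                    } else {
                        String oldPassword = httpServletRequest.getParameter(ParameterConstants.PARAM_OLD_PASSWORD);
                        password = httpServletRequest.getParameter(ParameterConstants.PARAM_CURRENT_PASSWORD1);
                        userSessionManager.recryptSessionVariables(false, loginName, password, oldPassword);
                    }
                } catch (UserDBException e) {
                    servletErrors.setMajorErrorKey(MSG_SESSION_ERROR_MAJOR);
                    servletErrors.addMinorError(e.getMessage());
                    httpServletRequest.setAttribute(AttributeConstants.ATTR_REQUEST_ERROR, servletErrors);
                    httpServletRequest.setAttribute("request.beanid", loginName);
                    httpServletRequest.setAttribute(AttributeConstants.ATTR_REQUEST_MODE, mode);
                    forwardRequest(httpServletRequest, httpServletResponse, PageConstants.PAGE_LOGINDECRYPT);
                    return;
                }
            }

            try {
                SessionID sessionId = userSessionManager.login(loginName, password);
                getApplication().getUIContextServices().setSessionID(sessionId);
                // NOTE(review): this writes the session identifier to the debug log; if its
                // string form is usable as a credential, log readers can reuse it. Verify.
                Logger.debug("successfully logged in and got a session id of:" + sessionId, this);

                // NOTE(review): the two debug dumps below print the whole session variable set;
                // confirm its toString() does not expose decrypted values.
                SessionVariableSet sessionVariables = userSessionManager.getSessionVariables();
                if (Logger.isDebugEnabled(this)) {
                    Logger.debug("Pre-purge svs: " + sessionVariables.toString(), this);
                }
                SessionVariableSet purgedVariables = sessionVariables.purgeNonDescriptorVars();
                if (Logger.isDebugEnabled(this)) {
                    Logger.debug("Post-purge svs: " + purgedVariables.toString(), this);
                }
                userSessionManager.setSessionVariables(purgedVariables);

                session.setAttribute(AttributeConstants.ATTR_SESSION_USER, sessionId);
                session.setAttribute(AttributeConstants.ATTR_SESSION_LOGGED_IN_USER, loginName);
                // Multiply in long and clamp: the int product overflows for large timeouts (the
                // 36000000 fallback always did), which could yield an arbitrary or negative
                // interval; the servlet API treats a negative interval as "never expire".
                // NOTE(review): the unit of the configured timeout is not visible here; confirm
                // that the product is in seconds as setMaxInactiveInterval() expects.
                session.setMaxInactiveInterval(clampToInt(HTTP_TIMEOUT_FACTOR * getROXSessionTimeout()));
                Logger.debug("Forwarding to " + PageConstants.CONTROL_CUSTOM_PAGE_HOME, this);
                httpServletResponse.sendRedirect(PageConstants.CONTROL_CUSTOM_PAGE_HOME);
            } catch (SessionVarDecryptionException e2) {
                // Stored session variables could not be decrypted with this password: send the
                // user to the decrypt page, preselecting flush mode.
                servletErrors.setMajorError(e2.getMessage());
                httpServletRequest.setAttribute(AttributeConstants.ATTR_REQUEST_ERROR, servletErrors);
                httpServletRequest.setAttribute("request.beanid", loginName);
                httpServletRequest.setAttribute(AttributeConstants.ATTR_REQUEST_MODE, ActionModeConstants.MODE_FLUSH);
                forwardRequest(httpServletRequest, httpServletResponse, PageConstants.PAGE_LOGINDECRYPT);
            } catch (UserDBException e3) {
                Logger.debug("Login failed, login and password not authenticated", this);
                servletErrors.setMajorErrorKey(MSG_ERROR_MAJOR);
                servletErrors.addMinorError(e3.getMessage());
                httpServletRequest.setAttribute(AttributeConstants.ATTR_REQUEST_ERROR, servletErrors);
                forwardRequest(httpServletRequest, httpServletResponse, PageConstants.PAGE_USERLOGIN);
            }
        } catch (RaplixException e4) {
            Logger.debug("Exception caught in Login: " + e4.getMessage(), e4, this);
            servletErrors.setMajorErrorKey(MSG_ERROR_MAJOR);
            servletErrors.addMinorError(e4.getMessage());
            httpServletRequest.setAttribute(AttributeConstants.ATTR_REQUEST_ERROR, servletErrors);
            forwardRequest(httpServletRequest, httpServletResponse, PageConstants.PAGE_USERLOGIN);
        }
    }

    /**
     * Returns the session timeout configured in the user database subsystem.
     *
     * @return the configured timeout, or {@code 36000000} when the application object is not a
     *     {@link ServerWebUIApplication}
     * @throws RaplixException if the application or its subsystem cannot be obtained
     */
    private int getROXSessionTimeout() throws RaplixException {
        try {
            return ((ServerWebUIApplication) getApplication()).getUserDBSubsystem().getConfigSessionTimeout();
        } catch (ClassCastException e) {
            // Not running inside the server web UI application: fall back to a fixed default.
            return 36000000;
        }
    }

    /** Narrows a {@code long} to {@code int}, saturating at the int bounds instead of wrapping. */
    private static int clampToInt(long value) {
        if (value > Integer.MAX_VALUE) {
            return Integer.MAX_VALUE;
        }
        if (value < Integer.MIN_VALUE) {
            return Integer.MIN_VALUE;
        }
        return (int) value;
    }

    /** Replaces CR and LF in a request-supplied value so it stays on one log line; null-safe. */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }
}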
