package org.bubblecloud.ilves.ui.anonymous.login;

import com.vaadin.server.VaadinService;
import com.vaadin.ui.Notification;
import com.vaadin.ui.UI;
import java.util.List;
import javax.persistence.EntityManager;
import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
import org.bubblecloud.ilves.model.Company;
import org.bubblecloud.ilves.model.Group;
import org.bubblecloud.ilves.model.User;
import org.bubblecloud.ilves.security.AuditService;
import org.bubblecloud.ilves.security.SecurityService;
import org.bubblecloud.ilves.security.UserDao;
import org.bubblecloud.ilves.site.AbstractSiteUI;
import org.bubblecloud.ilves.site.AbstractViewlet;
import org.bubblecloud.ilves.site.SecurityProviderSessionImpl;
import org.bubblecloud.ilves.util.OpenIdUtil;
import org.openid4java.consumer.VerificationResult;
import org.openid4java.discovery.Identifier;

/* loaded from: input_file:org/bubblecloud/ilves/ui/anonymous/login/OpenIdLoginViewlet.class */
public final class OpenIdLoginViewlet extends AbstractViewlet {
    private static final long serialVersionUID = 1;
    private static final Logger LOGGER = Logger.getLogger(OpenIdLoginViewlet.class);

    public void attach() {
        super.attach();
    }

    @Override // org.bubblecloud.ilves.site.Viewlet
    public void enter(String str) {
        EntityManager entityManager = (EntityManager) getSite().getSiteContext().getObject(EntityManager.class);
        Company company = (Company) getSite().getSiteContext().getObject(Company.class);
        HttpServletRequest httpServletRequest = VaadinService.getCurrentRequest().getHttpServletRequest();
        try {
            VerificationResult verificationResult = OpenIdUtil.getVerificationResult(company.getUrl(), "openidlogin");
            Identifier verifiedId = verificationResult.getVerifiedId();
            if (verifiedId == null) {
                ((AbstractSiteUI) UI.getCurrent()).redirectTo(company.getUrl(), "login", getSite().localize("message-login-failed") + ":" + verificationResult.getStatusMsg(), Notification.Type.ERROR_MESSAGE);
            }
            User userByOpenIdIdentifier = UserDao.getUserByOpenIdIdentifier(entityManager, company, verifiedId.getIdentifier());
            if (userByOpenIdIdentifier == null) {
                LOGGER.warn("User OpenID login failed due to not registered Open ID identifier: " + verifiedId.getIdentifier() + " (IP: " + httpServletRequest.getRemoteHost() + ":" + httpServletRequest.getRemotePort() + ")");
                ((AbstractSiteUI) UI.getCurrent()).redirectTo(company.getUrl(), "login", getSite().localize("message-login-failed"), Notification.Type.WARNING_MESSAGE);
            } else {
                if (userByOpenIdIdentifier.isLockedOut()) {
                    LOGGER.warn("User login failed due to user being locked out: " + userByOpenIdIdentifier.getEmailAddress() + " (IP: " + httpServletRequest.getRemoteHost() + ":" + httpServletRequest.getRemotePort() + ")");
                    ((AbstractSiteUI) UI.getCurrent()).redirectTo(company.getUrl(), "login", getSite().localize("message-login-failed"), Notification.Type.WARNING_MESSAGE);
                    return;
                }
                LOGGER.info("User login: " + userByOpenIdIdentifier.getEmailAddress() + " (IP: " + httpServletRequest.getRemoteHost() + ":" + httpServletRequest.getRemotePort() + ")");
                AuditService.log(getSite().getSiteContext(), "openid password login");
                List<Group> userGroups = UserDao.getUserGroups(entityManager, company, userByOpenIdIdentifier);
                SecurityService.updateUser(getSite().getSiteContext(), userByOpenIdIdentifier);
                ((SecurityProviderSessionImpl) getSite().getSecurityProvider()).setUser(userByOpenIdIdentifier, userGroups);
                ((AbstractSiteUI) UI.getCurrent()).redirectTo(company.getUrl(), getSite().getCurrentNavigationVersion().getDefaultPageName(), getSite().localize("message-login-success") + " (" + userByOpenIdIdentifier.getEmailAddress() + ")", Notification.Type.HUMANIZED_MESSAGE);
            }
        } catch (Exception e) {
            LOGGER.error("Error logging in OpenID user.", e);
            ((AbstractSiteUI) UI.getCurrent()).redirectTo(company.getUrl(), "login", getSite().localize("message-login-error"), Notification.Type.ERROR_MESSAGE);
        }
    }
}
