package org.bubblecloud.ilves.security;

import com.vaadin.server.Page;
import com.vaadin.server.VaadinSession;
import com.vaadin.ui.Notification;
import com.vaadin.ui.UI;
import java.util.Locale;
import javax.persistence.EntityManager;
import org.apache.log4j.Logger;
import org.bubblecloud.ilves.model.AuthenticationDeviceType;
import org.bubblecloud.ilves.model.Company;
import org.bubblecloud.ilves.model.User;
import org.bubblecloud.ilves.site.AbstractSiteUI;
import org.bubblecloud.ilves.site.DefaultSiteUI;
import org.bubblecloud.ilves.site.Site;
import org.joda.time.DateTime;
import org.joda.time.Duration;

/* loaded from: input_file:org/bubblecloud/ilves/security/SiteAuthenticationService.class */
public class SiteAuthenticationService {
    private static final Logger LOGGER = Logger.getLogger(LoginService.class);

    public static AuthenticationDeviceType getAuthenticationDeviceType(String str) {
        String lowerCase = str.toLowerCase();
        AbstractSiteUI abstractSiteUI = (AbstractSiteUI) UI.getCurrent();
        EntityManager entityManager = abstractSiteUI.getSite().getSiteContext().getEntityManager();
        User user = UserDao.getUser(entityManager, (Company) abstractSiteUI.getSite().getSiteContext().getObject(Company.class), lowerCase);
        if (user == null) {
            return AuthenticationDeviceType.NONE;
        }
        entityManager.refresh(user);
        return U2fService.hasDeviceRegistrations(Site.getCurrent().getSiteContext(), lowerCase) ? AuthenticationDeviceType.UNIVERSAL_SECOND_FACTOR : user.getGoogleAuthenticatorSecret() != null ? AuthenticationDeviceType.GOOGLE_AUTHENTICATOR : AuthenticationDeviceType.NONE;
    }

    public static void login(String str, char[] cArr, String str2, String str3) {
        String lowerCase = str.toLowerCase();
        AbstractSiteUI abstractSiteUI = (AbstractSiteUI) UI.getCurrent();
        EntityManager entityManager = abstractSiteUI.getSite().getSiteContext().getEntityManager();
        Company company = (Company) abstractSiteUI.getSite().getSiteContext().getObject(Company.class);
        User user = UserDao.getUser(entityManager, company, lowerCase);
        Locale locale = abstractSiteUI.getLocale() == null ? Locale.ENGLISH : abstractSiteUI.getLocale();
        if (user == null) {
            new Notification(DefaultSiteUI.getLocalizationProvider().localize("message-login-failed", locale), Notification.Type.WARNING_MESSAGE).show(Page.getCurrent());
            return;
        }
        entityManager.refresh(user);
        if (user.getGoogleAuthenticatorSecret() != null) {
            if (str2 == null) {
                new Notification(DefaultSiteUI.getLocalizationProvider().localize("message-invalid-code", locale), Notification.Type.WARNING_MESSAGE).show(Page.getCurrent());
                return;
            } else if (!GoogleAuthenticatorService.checkCode(SecurityUtil.decryptSecretKey(user.getGoogleAuthenticatorSecret()), str2)) {
                new Notification(DefaultSiteUI.getLocalizationProvider().localize("message-invalid-code", locale), Notification.Type.WARNING_MESSAGE).show(Page.getCurrent());
                return;
            }
        }
        String login = LoginService.login(abstractSiteUI.getSite().getSiteContext(), company, user, lowerCase, cArr, VaadinSession.getCurrent().getSession().getId(), str3);
        if (login == null) {
            login(locale, entityManager, company, user);
        } else {
            if (login.equals("message-login-failed-duplicate-login-for-login-transaction-id")) {
                return;
            }
            if (str2 != null) {
                new Notification(DefaultSiteUI.getLocalizationProvider().localize("message-invalid-email-or-password-or-user-locked", locale), Notification.Type.WARNING_MESSAGE).show(Page.getCurrent());
            } else {
                new Notification(DefaultSiteUI.getLocalizationProvider().localize(login, locale), Notification.Type.WARNING_MESSAGE).show(Page.getCurrent());
            }
        }
    }

    private static void login(Locale locale, EntityManager entityManager, Company company, User user) {
        AbstractSiteUI abstractSiteUI = (AbstractSiteUI) UI.getCurrent();
        DefaultSiteUI.getSecurityProvider().setUser(user, UserDao.getUserGroups(entityManager, company, user));
        if (user.getPasswordExpirationDate() == null || new DateTime().plusDays(14).toDate().getTime() <= user.getPasswordExpirationDate().getTime()) {
            abstractSiteUI.setNotification(DefaultSiteUI.getLocalizationProvider().localize("message-login-success", locale), Notification.Type.TRAY_NOTIFICATION);
        } else {
            new Notification(DefaultSiteUI.getLocalizationProvider().localize("message-password-expires-in-days", locale) + ": " + new Duration(new DateTime().toDate().getTime(), new DateTime(user.getPasswordExpirationDate()).toDate().getTime()).getStandardDays(), Notification.Type.WARNING_MESSAGE).show(Page.getCurrent());
        }
        abstractSiteUI.getPage().setLocation(company.getUrl());
    }
}
