package com.parablu.pc.controller.cd;

import com.parablu.bluvault.ah.service.AuditHistoryService;
import com.parablu.bluvault.udc.controller.BaseController;
import com.parablu.bluvault.udc.service.DeviceManagementService;
import com.parablu.bluvault.udc.service.PciAuthorizationTokensService;
import com.parablu.bluvault.udc.service.UserManagementService;
import com.parablu.cloud.security.service.AuthorizationService;
import com.parablu.cloud.security.service.LicenseService;
import com.parablu.cloud.security.to.CloudLicenseTo;
import com.parablu.helper.exceptions.BaseException;
import com.parablu.mt.service.LdapService;
import com.parablu.paracloud.constant.PCActionTypes;
import com.parablu.paracloud.constant.PCClientTypes;
import com.parablu.pcbd.domain.User;
import com.parablu.psc.service.UserAndDeviceStatisticService;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.List;
import java.util.UUID;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.DataIntegrityViolationException;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;

@Controller
/* loaded from: input_file:com/parablu/pc/controller/cd/PMSUserManagementController.class */
public class PMSUserManagementController extends BaseController {
    // Class-wide log4j logger shared by every handler in this controller.
    private static Logger logger = LogManager.getLogger(PMSUserManagementController.class);

    // Verifies local (non-directory) credentials, loads user records and persists user updates.
    @Autowired
    private UserManagementService managementService;

    // Resolves the {cloudName} path variable to a validated licence/cloud record.
    @Autowired
    private LicenseService licenseService;

    // Receives the "logged into ..." audit entry written by the login handlers.
    @Autowired
    private AuditHistoryService auditHistoryService;

    // Injected but not referenced by any handler visible in this class.
    @Autowired
    private UserAndDeviceStatisticService userAndDeviceStatisticService;

    // Stores the session token that the login handlers hand back to the client.
    @Autowired
    private AuthorizationService authorizationService1;

    // Lists the devices registered for a user (drives the has-connected-clients header).
    @Autowired
    private DeviceManagementService deviceManagementService;

    // Checks a user name / password pair against the directory for the AD login handlers.
    @Autowired
    private LdapService ldapService;

    // Used by updateUserPciToken to refresh the tokens of every user of a cloud.
    @Autowired
    private PciAuthorizationTokensService pciAuthorizationTokensService;

    // CORS response header names and the fixed values the login handlers send with them.
    // The Access-Control-Allow-Origin value itself ("*") is written inline by each handler.
    private static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin";
    private static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";
    private static final String POST_GET_OPTIONS_DELETE = "POST, GET, OPTIONS, DELETE";
    private static final String ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age";
    private static final String X_REQUESTED_WITH_FIRSTLOGIN_TOKEN = "x-requested-with, firstLogin, token";
    private static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";

    // Name of the request header that carries the login name.
    private static final String USER_NAME = "userName";

    // Client label recorded in the audit entry when no other client type is supplied.
    private static final String PORTAL = "portal";

    // String forms of the boolean values sent in the firstLogin / has-connected-clients headers.
    private static final String TRUE = "true";
    private static final String FALSE = "false";

    // Log message prefixes used by the catch blocks of the login handlers.
    private static final String INSIDE_AUTHENTICATE_DATA_INTEGRITY_VIOLATION_EXCEPTION = "@@@ Inside authenticate DataIntegrityViolationException...";
    private static final String INSIDE_AUTHENTICATE_DATA_ACCESS_EXCEPTION = "@@@ Inside authenticate DataAccessException...";
    private static final String INSIDE_AUTHENTICATE_BASE_EXCEPTION = "@@@ Inside authenticate BaseException...";
    private static final String EXCEPTION = "Exception  :";

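    /**
     * Logs a user into the given cloud with the credentials carried in the {@code userName}
     * and {@code password} request headers.
     *
     * <p>On success the response carries a freshly generated token in the {@code token} header,
     * the {@code firstLogin} flag, optionally {@code has-connected-clients}, and status 202.
     * The token is stored through {@code authorizationService1.addTokenByUser} and a
     * "logged into ..." audit entry is written first.
     *
     * <p>Failure handling: a data-access failure while validating the licence yields 401, a
     * {@code BaseException} yields its own error status, any other exception yields 500, and a
     * missing user record yields 401. In every failure case the method returns before an audit
     * entry is written or a token is stored. Exceptions raised by the service calls after
     * licence validation are not caught here and propagate to the framework.
     *
     * <p>Security notes for reviewers:
     * <ul>
     *   <li>The password is never written to the log; only the user name is.</li>
     *   <li>Request header values are client-controlled and reach the log unmodified
     *       (user name, client type) - confirm the logging layer neutralises line breaks and
     *       does not interpret message content.</li>
     *   <li>Credentials travel in headers of a GET request and every origin is allowed by the
     *       CORS headers below - confirm both are intended for a login endpoint.</li>
     * </ul>
     *
     * @param str the {@code cloudName} path variable
     * @param httpServletRequest request carrying the {@code userName}, {@code password},
     *        {@code deviceName} and {@code clientType} headers
     * @param httpServletResponse response that receives the status and result headers
     * @return always {@code null}; the outcome is reported through the response
     */
    @RequestMapping(value = {"cloud/{cloudName}/pmsauthenticate"}, method = {RequestMethod.GET})
    public ModelAndView authenticate(@PathVariable("cloudName") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        logger.debug("calling /authenticate ...");
        // NOTE(review): wildcard origin on an authentication endpoint - confirm this is intended.
        httpServletResponse.setHeader(ACCESS_CONTROL_ALLOW_ORIGIN, "*");
        httpServletResponse.setHeader(ACCESS_CONTROL_ALLOW_METHODS, POST_GET_OPTIONS_DELETE);
        httpServletResponse.setHeader(ACCESS_CONTROL_MAX_AGE, "3600");
        httpServletResponse.setHeader(ACCESS_CONTROL_ALLOW_HEADERS, X_REQUESTED_WITH_FIRSTLOGIN_TOKEN);

        String userName;
        String password;
        String deviceName;
        String clientTypeHeader;
        CloudLicenseTo validateLicense;
        try {
            userName = httpServletRequest.getHeader(USER_NAME);
            password = httpServletRequest.getHeader("password");
            deviceName = httpServletRequest.getHeader("deviceName");
            clientTypeHeader = httpServletRequest.getHeader("clientType");
            validateLicense = this.licenseService.validateLicense(str);
        } catch (DataIntegrityViolationException e) {
            // Specific handlers come before the generic one so that they are reachable.
            logger.trace(INSIDE_AUTHENTICATE_DATA_INTEGRITY_VIOLATION_EXCEPTION + e);
            logger.error(INSIDE_AUTHENTICATE_DATA_INTEGRITY_VIOLATION_EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(401);
            return null;
        } catch (DataAccessException e) {
            logger.trace(INSIDE_AUTHENTICATE_DATA_ACCESS_EXCEPTION + e);
            logger.error(INSIDE_AUTHENTICATE_DATA_ACCESS_EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(401);
            return null;
        } catch (BaseException e) {
            logger.trace(INSIDE_AUTHENTICATE_BASE_EXCEPTION + e);
            logger.error(INSIDE_AUTHENTICATE_BASE_EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(e.getErrorStatus());
            return null;
        } catch (Exception e) {
            // Fail closed: an unexpected error must not fall through to the login logic
            // or leave the default success status on the response.
            logger.trace(EXCEPTION + e);
            logger.error(EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(500);
            return null;
        }

        if (!checkLicense(validateLicense, httpServletResponse)) {
            logger.debug("@@@ Inside authenticate invalid license ...");
            return null;
        }

        // Use the cloud name and id from the validated licence rather than the raw path variable.
        String cloudName = validateLicense.getCloud().getCloudName();
        int cloudId = validateLicense.getCloud().getCloudId();

        // Client type defaults to 1 when the header is absent.
        int clientType = 1;
        if (clientTypeHeader != null) {
            logger.debug("@@@ Inside client selection ..." + clientTypeHeader);
            clientType = PCClientTypes.getClientType(clientTypeHeader);
        }

        logger.debug(cloudName + "   calling /authenticate1 ...  " + cloudId);
        // Only the user name is logged; the password must never reach the log.
        logger.debug(userName + "   calling /authenticate2 ...  ");

        User authenticate = this.managementService.authenticate(cloudId, cloudName, userName, password);
        if (authenticate == null) {
            // Without a user record there is nothing to log in: stop before the audit entry
            // is written and before a token is stored for this user name.
            logger.debug("@@@ Inside authenticate no user returned ...");
            httpServletResponse.setStatus(401);
            return null;
        }

        // A missing or empty client type is recorded as "portal", matching adAuthenticate.
        String clientLabel = (StringUtils.isEmpty(clientTypeHeader) || clientTypeHeader.equalsIgnoreCase(PORTAL)) ? PORTAL : clientTypeHeader.toLowerCase();
        this.auditHistoryService.saveStatisticToDatabase(cloudId, cloudName, "logged into " + clientLabel, userName, "", deviceName, System.currentTimeMillis(), PCActionTypes.LOGIN.getActionTypeValue());

        String token = String.valueOf(UUID.randomUUID());
        this.authorizationService1.addTokenByUser(cloudId, cloudName, token, userName, clientType);

        if (authenticate.isSyncEnabled() || authenticate.isBackupEnabled()) {
            List<?> devicesForUser = this.deviceManagementService.getDevicesForUser(cloudId, cloudName, userName);
            // NOTE(review): "false" is sent when the list is null or non-empty and "true" when it
            // is empty, which reads inverted relative to the header name - confirm with the client.
            if (devicesForUser == null || !devicesForUser.isEmpty()) {
                httpServletResponse.setHeader("has-connected-clients", FALSE);
            } else {
                httpServletResponse.setHeader("has-connected-clients", TRUE);
            }
        }

        if (authenticate.isFirstLogin()) {
            httpServletResponse.setHeader("firstLogin", TRUE);
            // The flag is cleared and persisted so that later logins report "false".
            authenticate.setFirstLogin(false);
            this.managementService.updateUserInfo(cloudId, cloudName, authenticate);
        } else {
            httpServletResponse.setHeader("firstLogin", FALSE);
        }

        httpServletResponse.setHeader("token", token);
        httpServletResponse.setStatus(202);
        return null;
    }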

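    /**
     * Logs a directory (LDAP/AD) user into the given cloud.
     *
     * <p>The user name comes from the {@code userName} header and the password from the
     * {@code ldapPwdEnc} header, which is decrypted with {@link #decrypt} before it is handed
     * to {@code ldapService.authenticate}. On success the response carries a freshly generated
     * token in the {@code token} header, the {@code firstLogin} flag, optionally
     * {@code has-connected-clients}, and status 202.
     *
     * <p>Failure handling: a data-access failure while validating the licence yields 401, a
     * {@code BaseException} yields its own error status, any other exception yields 500,
     * missing or rejected credentials yield 400, and a missing local user record yields 401.
     * In every failure case the method returns before an audit entry is written or a token is
     * stored. Exceptions raised by the service calls after licence validation are not caught
     * here and propagate to the framework.
     *
     * <p>Security notes for reviewers:
     * <ul>
     *   <li>The directory is never queried with an empty user name or password. A missing
     *       header or a failed decryption leaves the password {@code null}, and whether the
     *       directory service rejects such a bind cannot be seen from this class.</li>
     *   <li>The decrypted password is never written to the log.</li>
     *   <li>The IV and key material passed to {@link #decrypt} are literals compiled into this
     *       class, so they are the same for every installation and every request; they protect
     *       the password only against casual observation and should come from protected
     *       configuration. They are left unchanged here because clients must use matching
     *       values.</li>
     *   <li>Every origin is allowed by the CORS headers below - confirm this is intended.</li>
     * </ul>
     *
     * @param str the {@code cloudName} path variable
     * @param httpServletRequest request carrying the {@code userName}, {@code ldapPwdEnc},
     *        {@code deviceName} and {@code clientType} headers
     * @param httpServletResponse response that receives the status and result headers
     * @return always {@code null}; the outcome is reported through the response
     */
    @RequestMapping(value = {"cloud/{cloudName}/pms/adauthenticate"}, method = {RequestMethod.GET})
    public ModelAndView adAuthenticate(@PathVariable("cloudName") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        logger.debug("calling /adauthenticate ...");
        // NOTE(review): wildcard origin on an authentication endpoint - confirm this is intended.
        httpServletResponse.setHeader(ACCESS_CONTROL_ALLOW_ORIGIN, "*");
        httpServletResponse.setHeader(ACCESS_CONTROL_ALLOW_METHODS, POST_GET_OPTIONS_DELETE);
        httpServletResponse.setHeader(ACCESS_CONTROL_MAX_AGE, "3600");
        httpServletResponse.setHeader(ACCESS_CONTROL_ALLOW_HEADERS, X_REQUESTED_WITH_FIRSTLOGIN_TOKEN);

        String userName;
        String deviceName;
        String clientTypeHeader;
        CloudLicenseTo validateLicense;
        try {
            userName = httpServletRequest.getHeader(USER_NAME);
            deviceName = httpServletRequest.getHeader("deviceName");
            clientTypeHeader = httpServletRequest.getHeader("clientType");
            validateLicense = this.licenseService.validateLicense(str);
        } catch (DataIntegrityViolationException e) {
            logger.trace(INSIDE_AUTHENTICATE_DATA_INTEGRITY_VIOLATION_EXCEPTION + e);
            logger.error(INSIDE_AUTHENTICATE_DATA_INTEGRITY_VIOLATION_EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(401);
            return null;
        } catch (DataAccessException e) {
            logger.trace(INSIDE_AUTHENTICATE_DATA_ACCESS_EXCEPTION + e);
            logger.error(INSIDE_AUTHENTICATE_DATA_ACCESS_EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(401);
            return null;
        } catch (BaseException e) {
            logger.trace(INSIDE_AUTHENTICATE_BASE_EXCEPTION + e);
            logger.error(INSIDE_AUTHENTICATE_BASE_EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(e.getErrorStatus());
            return null;
        } catch (Exception e) {
            // Fail closed: an unexpected error must not fall through to the login logic
            // or leave the default success status on the response.
            logger.trace("Exception   :" + e);
            logger.error("Exception   :" + e.getMessage());
            httpServletResponse.setStatus(500);
            return null;
        }

        if (!checkLicense(validateLicense, httpServletResponse)) {
            logger.debug("@@@ Inside authenticate invalid license ...");
            return null;
        }

        // Use the cloud name and id from the validated licence rather than the raw path variable.
        String cloudName = validateLicense.getCloud().getCloudName();
        int cloudId = validateLicense.getCloud().getCloudId();

        // Client type defaults to 1 when the header is absent.
        int clientType = 1;
        if (clientTypeHeader != null) {
            logger.debug("@@@ Inside client selection ..." + clientTypeHeader);
            clientType = PCClientTypes.getClientType(clientTypeHeader);
        }

        String encryptedPassword = httpServletRequest.getHeader("ldapPwdEnc");
        String ldapPassword = null;
        if (!StringUtils.isEmpty(encryptedPassword)) {
            try {
                // NOTE(review): fixed IV and key material compiled into the class - see the
                // method documentation; kept as-is for compatibility with existing clients.
                ldapPassword = decrypt(encryptedPassword, "26ac50996c66634c", "a9985ebcae81");
            } catch (Exception e) {
                logger.debug("ERROR in decryption ... " + e);
                logger.error("ERROR in decryption ... " + e.getMessage());
            }
        }

        // Reject missing credentials before the directory is contacted, so an absent header or
        // a failed decryption can never be presented to the directory as an empty password.
        if (StringUtils.isEmpty(userName) || StringUtils.isEmpty(ldapPassword)) {
            logger.debug("NOTINSIDEAUTHENTICATE LDAP ENABLED ..............");
            httpServletResponse.setStatus(400);
            return null;
        }

        if (!((Boolean) this.ldapService.authenticate(userName, ldapPassword)[0]).booleanValue()) {
            // The password is deliberately left out of the log message.
            logger.debug("NOTINSIDEAUTHENTICATE LDAP ENABLED ..............");
            httpServletResponse.setStatus(400);
            return null;
        }

        User userDetails = this.managementService.getUserDetails(cloudId, cloudName, userName);
        if (userDetails == null) {
            // The directory accepted the credentials but this cloud has no record of the user:
            // stop before the audit entry is written and before a token is stored.
            logger.debug("@@@ Inside adauthenticate no user returned ...");
            httpServletResponse.setStatus(401);
            return null;
        }

        // A missing or empty client type is recorded as "portal".
        String clientLabel = (StringUtils.isEmpty(clientTypeHeader) || clientTypeHeader.equalsIgnoreCase(PORTAL)) ? PORTAL : clientTypeHeader.toLowerCase();
        this.auditHistoryService.saveStatisticToDatabase(cloudId, cloudName, "logged into " + clientLabel, userName, "", deviceName, System.currentTimeMillis(), PCActionTypes.LOGIN.getActionTypeValue());

        String token = String.valueOf(UUID.randomUUID());
        this.authorizationService1.addTokenByUser(cloudId, cloudName, token, userName, clientType);

        if (userDetails.isSyncEnabled() || userDetails.isBackupEnabled()) {
            List<?> devicesForUser = this.deviceManagementService.getDevicesForUser(cloudId, cloudName, userName);
            // NOTE(review): "false" is sent when the list is null or non-empty and "true" when it
            // is empty, which reads inverted relative to the header name - confirm with the client.
            if (devicesForUser == null || !devicesForUser.isEmpty()) {
                httpServletResponse.setHeader("has-connected-clients", FALSE);
            } else {
                httpServletResponse.setHeader("has-connected-clients", TRUE);
            }
        }

        if (userDetails.isFirstLogin()) {
            httpServletResponse.setHeader("firstLogin", TRUE);
            // The flag is cleared and persisted so that later logins report "false".
            userDetails.setFirstLogin(false);
            this.managementService.updateUserInfo(cloudId, cloudName, userDetails);
        } else {
            httpServletResponse.setHeader("firstLogin", FALSE);
        }

        httpServletResponse.setHeader("token", token);
        httpServletResponse.setStatus(202);
        return null;
    }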

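    /**
     * Checks a user name / password pair against the directory and reports the result as a
     * status code only: 202 when {@code ldapService.authenticate} accepts the pair, 400 when
     * it rejects it or when either value is missing, 500 when reading the headers fails.
     * No licence is validated, no audit entry is written and no token is issued here.
     *
     * <p>Security notes for reviewers:
     * <ul>
     *   <li>The value of the {@code ldapPwdEnc} header is never written to the log.</li>
     *   <li>The directory is never queried with an empty user name or password.</li>
     *   <li>Unlike {@code adAuthenticate}, the {@code ldapPwdEnc} value is passed to the
     *       directory without being decrypted - confirm which form clients of this endpoint
     *       send.</li>
     *   <li>The endpoint answers "valid / not valid" for any credential pair, allows every
     *       origin, and shows no rate limiting or lockout in this class - confirm that such
     *       controls exist in front of it.</li>
     * </ul>
     *
     * @param str the {@code cloudName} path variable (not used by this handler)
     * @param httpServletRequest request carrying the {@code userName} and {@code ldapPwdEnc}
     *        headers
     * @param httpServletResponse response that receives the status
     * @return always {@code null}; the outcome is reported through the response
     */
    @RequestMapping(value = {"cloud/{cloudName}/pms/adauthenticated"}, method = {RequestMethod.GET})
    public ModelAndView adAuthenticated(@PathVariable("cloudName") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        logger.debug("calling /adauthenticate ...");
        // NOTE(review): wildcard origin on a credential-checking endpoint - confirm this is intended.
        httpServletResponse.setHeader(ACCESS_CONTROL_ALLOW_ORIGIN, "*");
        httpServletResponse.setHeader(ACCESS_CONTROL_ALLOW_METHODS, POST_GET_OPTIONS_DELETE);
        httpServletResponse.setHeader(ACCESS_CONTROL_MAX_AGE, "3600");
        httpServletResponse.setHeader(ACCESS_CONTROL_ALLOW_HEADERS, X_REQUESTED_WITH_FIRSTLOGIN_TOKEN);

        String userName;
        String ldapPassword;
        try {
            userName = httpServletRequest.getHeader(USER_NAME);
            ldapPassword = httpServletRequest.getHeader("ldapPwdEnc");
        } catch (Exception e) {
            // Fail closed instead of continuing with unset credentials.
            logger.trace(EXCEPTION + e);
            logger.error(EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(500);
            return null;
        }

        // Reject missing credentials before the directory is contacted, so an absent header can
        // never be presented to the directory as an empty password.
        if (StringUtils.isEmpty(userName) || StringUtils.isEmpty(ldapPassword)) {
            logger.debug("NOTINSIDEAUTHENTICATE LDAP ENABLED ..............");
            httpServletResponse.setStatus(400);
            return null;
        }

        if (((Boolean) this.ldapService.authenticate(userName, ldapPassword)[0]).booleanValue()) {
            // The credential value is deliberately left out of both log messages.
            logger.debug(" AUTHENTICATE LDAP ENABLED ..............");
            httpServletResponse.setStatus(202);
            return null;
        }
        logger.debug("NOTINSIDEAUTHENTICATE LDAP ENABLED ..............");
        httpServletResponse.setStatus(400);
        return null;
    }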

    /**
     * Liveness probe: writes one debug log line and answers with HTTP 200.
     * The request is not inspected and no response body is produced.
     *
     * @param httpServletRequest the incoming request (unused)
     * @param httpServletResponse response whose status is set to 200
     */
    @RequestMapping(value = {"/pms/ping/"}, method = {RequestMethod.GET})
    public synchronized void testping(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        logger.debug(" Inside privacy gateway ....");
        // SC_OK is the servlet API constant for status 200.
        final int ok = HttpServletResponse.SC_OK;
        httpServletResponse.setStatus(ok);
    }

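    /**
     * Returns the MD5 digest of {@code str} as exactly 32 lower-case hexadecimal characters.
     *
     * <p>The result is left-padded with zeros. Rendering the digest with
     * {@code BigInteger.toString(16)} alone drops leading zero digits, so a digest that starts
     * with a zero nibble would come back shorter than 32 characters; {@link #decrypt} uses the
     * bytes of this string as an AES key, and a shorter string is not a valid key length.
     * The input is encoded as UTF-8 so the result does not depend on the platform charset.
     *
     * <p>NOTE(review): MD5 is used here as a fixed-format fingerprint only. It offers no
     * protection as a password hash or key-derivation function.
     *
     * @param str text to digest; must not be {@code null}
     * @return the 32-character hexadecimal digest
     * @throws NoSuchAlgorithmException if the runtime provides no MD5 implementation
     */
    public static String md5(String str) throws NoSuchAlgorithmException {
        byte[] digest = MessageDigest.getInstance("MD5").digest(str.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        // %032x keeps the leading zeros that BigInteger.toString(16) would discard.
        return String.format("%032x", new BigInteger(1, digest));
    }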

    /**
     * Decrypts a Base64-encoded AES/CFB8/NoPadding ciphertext and returns the plaintext
     * decoded as UTF-8.
     *
     * <p>The AES key is the byte form of the hexadecimal string returned by
     * {@code md5(str3)}; the IV is the byte form of {@code str2}. Any failure (bad key length,
     * bad IV, cipher error) is logged at trace level and reported as {@code null}, so callers
     * must treat {@code null} as "no usable plaintext".
     *
     * <p>NOTE(review): CFB8 without a MAC gives no integrity protection, so a modified
     * ciphertext decrypts to modified plaintext without any error. The key is derived with a
     * single unsalted MD5 pass, and the only caller visible in this class passes a constant IV
     * and constant key material. Treat this as obfuscation of the value in transit, not as a
     * substitute for transport security.
     *
     * @param str Base64 text of the ciphertext
     * @param str2 initialisation vector, used as raw string bytes
     * @param str3 key material; its MD5 hex string becomes the AES key
     * @return the decrypted text, or {@code null} if decryption failed
     */
    public String decrypt(String str, String str2, String str3) {
        try {
            byte[] keyBytes = md5(str3).getBytes();
            byte[] ivBytes = str2.getBytes();
            Cipher aes = Cipher.getInstance("AES/CFB8/NoPadding");
            aes.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyBytes, "AES"), new IvParameterSpec(ivBytes));
            byte[] cipherText = new Base64().decode(str.getBytes());
            return new String(aes.doFinal(cipherText), "UTF8");
        } catch (Exception e) {
            // Best effort by design: the failure is recorded and the caller receives null.
            logger.trace("Problem decrypting the data", e);
            return null;
        }
    }

    /**
     * Refreshes the PCI authorization tokens of every user of the given cloud.
     *
     * <p>The cloud licence is validated first; when {@code checkLicense} rejects it the method
     * logs an error and returns without touching any token. Otherwise
     * {@code pciAuthorizationTokensService.updateAllUserTokens} is called with the licensed
     * cloud id and the path variable, and the response status is set to 200. Any exception is
     * logged and answered with status 500.
     *
     * <p>NOTE(review): no caller token or credential is checked in this method; the licence
     * check is the only gate visible here. Confirm that authentication for this bulk operation
     * is enforced elsewhere (filter or interceptor). The raw path variable, not the cloud name
     * from the validated licence, is passed on as the cloud name.
     *
     * @param str the {@code cloudName} path variable
     * @param httpServletRequest the incoming request (not read by this handler)
     * @param httpServletResponse response that receives the status
     */
    @RequestMapping(value = {"cloud/{cloudName}/update/user/pcitoken"}, method = {RequestMethod.POST})
    public void updateUserPciToken(@PathVariable("cloudName") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            CloudLicenseTo license = this.licenseService.validateLicense(str);
            if (checkLicense(license, httpServletResponse)) {
                int licensedCloudId = license.getCloud().getCloudId();
                this.pciAuthorizationTokensService.updateAllUserTokens(licensedCloudId, str);
                httpServletResponse.setStatus(200);
                return;
            }
            logger.error("INVALID CLOUD LICENSE .... ");
        } catch (Exception e) {
            httpServletResponse.setStatus(500);
            final String prefix = "error trying to load elements  ...........";
            logger.trace(prefix + e);
            logger.error(prefix + e.getMessage());
        }
    }
}
