package org.dcache.webadmin.view.pages.login;

import java.security.cert.X509Certificate;
import org.apache.wicket.Component;
import org.apache.wicket.PageReference;
import org.apache.wicket.Session;
import org.apache.wicket.authentication.IAuthenticationStrategy;
import org.apache.wicket.behavior.Behavior;
import org.apache.wicket.markup.html.WebMarkupContainer;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.html.form.Button;
import org.apache.wicket.markup.html.form.CheckBox;
import org.apache.wicket.markup.html.form.PasswordTextField;
import org.apache.wicket.markup.html.form.StatelessForm;
import org.apache.wicket.markup.html.form.TextField;
import org.apache.wicket.markup.html.panel.FeedbackPanel;
import org.apache.wicket.model.CompoundPropertyModel;
import org.apache.wicket.protocol.https.RequireHttps;
import org.apache.wicket.request.cycle.RequestCycle;
import org.dcache.webadmin.controller.LogInService;
import org.dcache.webadmin.controller.exceptions.LogInServiceException;
import org.dcache.webadmin.view.beans.LogInBean;
import org.dcache.webadmin.view.pages.basepage.BasePage;
import org.dcache.webadmin.view.util.DefaultFocusBehaviour;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@RequireHttps
/* loaded from: input_file:WEB-INF/classes/org/dcache/webadmin/view/pages/login/LogIn.class */
public class LogIn extends BasePage {
    private static final String X509_CERTIFICATE_ATTRIBUTE = "javax.servlet.request.X509Certificate";
    private static final Logger _log = LoggerFactory.getLogger(LogIn.class);
    private static final long serialVersionUID = 8902191632839916396L;

    /* loaded from: input_file:WEB-INF/classes/org/dcache/webadmin/view/pages/login/LogIn$LogInForm.class */
    private class LogInForm extends StatelessForm {
        private static final long serialVersionUID = -1800491058587279179L;
        private TextField _username;
        private PasswordTextField _password;
        private CheckBox _rememberMe;
        private WebMarkupContainer _rememberMeRow;
        private LogInBean _logInModel;

        /* loaded from: input_file:WEB-INF/classes/org/dcache/webadmin/view/pages/login/LogIn$LogInForm$CertSignInButton.class */
        private class CertSignInButton extends Button {
            private static final long serialVersionUID = 7349334961548160283L;

            public CertSignInButton(String str) {
                super(str);
                setDefaultFormProcessing(false);
            }

            public void onSubmit() {
                try {
                    if (!LogInForm.this.isSignedIn()) {
                        LogIn.signInWithCert(LogInForm.this.getLogInService());
                    }
                    LogIn.this.goToPage();
                } catch (IllegalArgumentException e) {
                    error(LogIn.this.getStringResource("noCertError"));
                    LogIn._log.debug("no certificate provided");
                } catch (LogInServiceException e2) {
                    String message = e2.getMessage() != null ? e2.getMessage() : "unknown";
                    error(LogIn.this.getStringResource("loginError"));
                    LogIn._log.debug("cert sign in error - cause {}", message);
                }
            }
        }

        /* loaded from: input_file:WEB-INF/classes/org/dcache/webadmin/view/pages/login/LogIn$LogInForm$LogInButton.class */
        private class LogInButton extends Button {
            private static final long serialVersionUID = -8852712258475979167L;

            public LogInButton(String str) {
                super(str);
            }

            public void onSubmit() {
                IAuthenticationStrategy authenticationStrategy = getApplication().getSecuritySettings().getAuthenticationStrategy();
                try {
                    if (!LogInForm.this.isSignedIn()) {
                        LogInForm.this.signIn(LogInForm.this._logInModel, authenticationStrategy);
                    }
                    LogIn.this.goToPage();
                } catch (LogInServiceException e) {
                    authenticationStrategy.remove();
                    String message = e.getMessage() != null ? e.getMessage() : "unknown";
                    error(LogIn.this.getStringResource("loginError") + " - cause: " + message);
                    LogIn._log.debug("user/pwd sign in error - cause {}", message);
                }
            }
        }

        LogInForm(String str) {
            super(str, new CompoundPropertyModel(new LogInBean()));
            this._logInModel = (LogInBean) getDefaultModelObject();
            this._username = new TextField("username");
            this._username.setRequired(true);
            add(new Component[]{this._username});
            this._password = new PasswordTextField("password");
            add(new Component[]{this._password});
            add(new Component[]{new LogInButton("submit")});
            this._rememberMeRow = new WebMarkupContainer("rememberMeRow");
            add(new Component[]{this._rememberMeRow});
            this._rememberMe = new CheckBox("remembering");
            this._rememberMeRow.add(new Component[]{this._rememberMe});
            CertSignInButton certSignInButton = new CertSignInButton("certsignin");
            certSignInButton.add(new Behavior[]{new DefaultFocusBehaviour()});
            add(new Component[]{certSignInButton});
        }

        /* JADX INFO: Access modifiers changed from: private */
        public LogInService getLogInService() {
            return LogIn.this.getWebadminApplication().getLogInService();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public boolean isSignedIn() {
            return LogIn.this.getWebadminSession().isSignedIn();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void signIn(LogInBean logInBean, IAuthenticationStrategy iAuthenticationStrategy) throws LogInServiceException {
            String str;
            String str2;
            if (logInBean != null) {
                str = logInBean.getUsername();
                str2 = logInBean.getPassword();
            } else {
                String[] load = iAuthenticationStrategy.load();
                if (load == null || load.length <= 1) {
                    throw new LogInServiceException("no username data saved");
                }
                str = load[0];
                str2 = load[1];
            }
            LogIn._log.debug("username sign in, username: {}", str);
            LogIn.this.getWebadminSession().setUser(getLogInService().authenticate(str, str2.toCharArray()));
            if (logInBean == null || !logInBean.isRemembering()) {
                iAuthenticationStrategy.remove();
            } else {
                iAuthenticationStrategy.save(str, new String[]{str2});
            }
        }
    }

    protected PageReference getReferrer() {
        return null;
    }

    protected void goToPage() {
        continueToOriginalDestination();
        PageReference referrer = getReferrer();
        if (referrer != null) {
            setResponsePage(referrer.getPage());
        } else {
            setResponsePage(getWebadminApplication().getHomePage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dcache.webadmin.view.pages.basepage.BasePage
    public void initialize() {
        super.initialize();
        FeedbackPanel feedbackPanel = new FeedbackPanel("feedback");
        add(new Component[]{new Label("dCacheInstanceName", getWebadminApplication().getDcacheName())});
        add(new Component[]{new Label("dCacheInstanceDescription", getWebadminApplication().getDcacheDescription())});
        add(new Component[]{feedbackPanel});
        add(new Component[]{new LogInForm("LogInForm")});
    }

    public static void signInWithCert(LogInService logInService) throws IllegalArgumentException, LogInServiceException {
        Session.get().setUser(logInService.authenticate(getCertChain()));
    }

    private static X509Certificate[] getCertChain() {
        Object attribute = RequestCycle.get().getRequest().getContainerRequest().getAttribute(X509_CERTIFICATE_ATTRIBUTE);
        if (attribute instanceof X509Certificate[]) {
            return (X509Certificate[]) attribute;
        }
        throw new IllegalArgumentException();
    }
}
