package org.cerberus.core.service.authentification.impl;

import java.io.IOException;
import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.core.jackson.JsonConstants;
import org.cerberus.core.crud.entity.Parameter;
import org.cerberus.core.crud.entity.TestCaseExecution;
import org.cerberus.core.crud.entity.User;
import org.cerberus.core.crud.service.IParameterService;
import org.cerberus.core.crud.service.IUserService;
import org.cerberus.core.exception.CerberusException;
import org.cerberus.core.service.authentification.IAPIKeyService;
import org.cerberus.core.util.StringUtil;
import org.json.JSONException;
import org.json.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:WEB-INF/classes/org/cerberus/core/service/authentification/impl/APIKeyService.class */
public class APIKeyService implements IAPIKeyService {
    private static final Logger LOG = LogManager.getLogger((Class<?>) APIKeyService.class);

    @Autowired
    private IParameterService parameterService;

    @Autowired
    private IUserService userService;

    @Override // org.cerberus.core.service.authentification.IAPIKeyService
    public boolean authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            LOG.debug("Checking API Call.");
            if (!isApiKeyAuthEnabled()) {
                return true;
            }
            LOG.debug(httpServletRequest.getUserPrincipal());
            if (httpServletRequest.getUserPrincipal() != null && !StringUtil.isEmpty(httpServletRequest.getUserPrincipal().getName())) {
                LOG.debug("User connected with : '" + httpServletRequest.getUserPrincipal().getName() + "'");
                return true;
            }
            if (apiKeyValidLogin(httpServletRequest.getHeader("apikey")) != null) {
                return true;
            }
            JSONObject jSONObject = new JSONObject();
            jSONObject.put(JsonConstants.ELT_MESSAGE, "Invalid API Key (please feed a valid apikey value inside HTTP Headers) !!");
            jSONObject.put("returnCode", TestCaseExecution.CONTROLSTATUS_KO);
            httpServletResponse.getWriter().print(jSONObject.toString(1));
            httpServletResponse.setStatus(401);
            return false;
        } catch (IOException e) {
            LOG.error("IO Exception when checking API Key.", (Throwable) e);
            return false;
        } catch (JSONException e2) {
            LOG.error("JSON Exception when checking API Key.", (Throwable) e2);
            return false;
        }
    }

    @Override // org.cerberus.core.service.authentification.IAPIKeyService
    public boolean authenticate(String str) {
        return isApiKeyAuthEnabled() && apiKeyValidLogin(str) != null;
    }

    @Override // org.cerberus.core.service.authentification.IAPIKeyService
    public boolean authenticate(Principal principal, String str) {
        return !(principal == null || StringUtil.isEmpty(principal.getName())) || authenticate(str);
    }

    @Override // org.cerberus.core.service.authentification.IAPIKeyService
    public String authenticateLogin(Principal principal, String str) {
        if (principal != null && !StringUtil.isEmpty(principal.getName())) {
            return principal.getName();
        }
        if (isApiKeyAuthEnabled()) {
            return apiKeyValidLogin(str);
        }
        return null;
    }

    private boolean isApiKeyAuthEnabled() {
        return this.parameterService.getParameterBooleanByKey(Parameter.VALUE_cerberus_apikey_enable, "", true);
    }

    @Override // org.cerberus.core.service.authentification.IAPIKeyService
    public String getServiceAccountAPIKey() {
        try {
            return this.userService.findUserByKey(User.CERBERUS_SERVICEACCOUNT_LOGIN).getApiKey();
        } catch (CerberusException e) {
            LOG.error("Error when trying to get APIKey of service account : srvaccount");
            return null;
        }
    }

    private String apiKeyValidLogin(String str) {
        String str2 = null;
        if (!StringUtil.isEmpty(str)) {
            str2 = this.userService.verifyAPIKey(str);
        }
        return str2;
    }
}
