package org.n52.security.apps.wscweb.struts;

import java.util.UUID;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.action.ActionMessages;
import org.n52.security.authentication.AnonymousCredential;
import org.n52.security.authentication.UsernamePasswordCredential;
import org.n52.security.service.facade.FacadeCreator;
import org.n52.security.service.facade.IdentifyPrecondition;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/n52/security/apps/wscweb/struts/IDPreconditionAction.class */
public class IDPreconditionAction extends FacadeCreationAction {
    private static Logger LOG = LoggerFactory.getLogger(IDPreconditionAction.class);

    @Override // org.n52.security.apps.wscweb.struts.FacadeCreationAction
    public ActionForward execute(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        UsernamePasswordCredential anonymousCredential;
        String str;
        IDPreconditionForm iDPreconditionForm = (IDPreconditionForm) actionForm;
        IdentifyPrecondition currentPrecondition = getPreconditionHandler(httpServletRequest.getSession()).currentPrecondition();
        FacadeCreator facadeCreator = getFacadeCreator(httpServletRequest.getSession());
        String username = iDPreconditionForm.getUsername();
        String password = iDPreconditionForm.getPassword();
        boolean isAnonymous = iDPreconditionForm.isAnonymous();
        httpServletRequest.getSession().setAttribute("username", username);
        httpServletRequest.getSession().setAttribute("password", password);
        if (isAnonymous) {
            anonymousCredential = new AnonymousCredential();
            facadeCreator.getFacadeProperties().setNamePrefix("anonymous-" + UUID.randomUUID().toString());
            str = "<anonymous>";
        } else {
            str = username != null ? username.trim() : null;
            if (isForbiddenByPattern(str)) {
                ActionMessages actionMessages = new ActionMessages();
                actionMessages.add("login.failed", new ActionMessage("failure.text.loginFailed", str));
                saveErrors(httpServletRequest, actionMessages);
                LOG.warn("a user tried logon with preserved credentails <" + str + ">");
                return actionMapping.findForward(FacadeAction.FAILURE_FORWARD);
            }
            anonymousCredential = new UsernamePasswordCredential(str, password);
            facadeCreator.getFacadeProperties().setNamePrefix(str);
        }
        httpServletRequest.getSession().setAttribute("username", str);
        currentPrecondition.setCredential(anonymousCredential);
        return actionMapping.findForward(FacadeAction.PRECONDITION_CONTROL_FORWARD);
    }

    private boolean isForbiddenByPattern(String str) {
        String notAllowUsernamePattern = getFacadeManagerService().getNotAllowUsernamePattern();
        return notAllowUsernamePattern != null && notAllowUsernamePattern.length() > 0 && Pattern.matches(notAllowUsernamePattern, str);
    }
}
