package com.threerings.user.depot;

import com.google.common.collect.Maps;
import com.samskivert.depot.CacheAdapter;
import com.samskivert.depot.ConnectionProvider;
import com.samskivert.depot.DatabaseException;
import com.samskivert.depot.PersistenceContext;
import com.samskivert.servlet.RedirectException;
import com.samskivert.servlet.user.AuthenticationFailedException;
import com.samskivert.servlet.user.Authenticator;
import com.samskivert.servlet.user.InvalidPasswordException;
import com.samskivert.servlet.user.NoSuchUserException;
import com.samskivert.servlet.user.Password;
import com.samskivert.servlet.user.User;
import com.samskivert.servlet.util.CookieUtil;
import com.samskivert.servlet.util.RequestUtils;
import com.samskivert.util.Interval;
import com.samskivert.util.RunQueue;
import com.samskivert.util.StringUtil;
import com.samskivert.util.Tuple;
import com.threerings.user.Log;
import com.threerings.user.OOOUser;
import java.util.Map;
import java.util.Properties;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/threerings/user/depot/DepotUserManager.class */
public class DepotUserManager {
    public static final Authenticator AUTH_INSECURE = new InsecureAuthenticator();
    public static final Authenticator AUTH_PASSWORD = new PasswordAuthenticator();
    protected Properties _config;
    protected DepotUserRepository _repository;
    protected Interval _pruner;
    protected String _loginURL;
    protected String _userAuthCookie;
    protected Map<String, Integer> _tagMap;
    protected String _accessDeniedURL;
    protected static final String USERAUTH_COOKIE = "id_";
    protected static final long SESSION_PRUNE_INTERVAL = 3600000;
    protected static final int PERSIST_EXPIRE_DAYS = 30;
    protected static final int NON_PERSIST_EXPIRE_DAYS = 1;
    protected static final boolean USERMGR_DEBUG = false;

    /* loaded from: input_file:com/threerings/user/depot/DepotUserManager$InsecureAuthenticator.class */
    public static class InsecureAuthenticator implements Authenticator {
        public void authenticateUser(User user, String str, Password password) throws InvalidPasswordException {
        }
    }

    /* loaded from: input_file:com/threerings/user/depot/DepotUserManager$PasswordAuthenticator.class */
    public static class PasswordAuthenticator implements Authenticator {
        public void authenticateUser(User user, String str, Password password) throws AuthenticationFailedException {
            if (!user.passwordsMatch(password)) {
                throw new InvalidPasswordException("error.invalid_password");
            }
        }
    }

    public DepotUserManager(Properties properties, ConnectionProvider connectionProvider) throws DatabaseException {
        this(properties, new PersistenceContext("userdb", connectionProvider, (CacheAdapter) null));
    }

    public DepotUserManager(Properties properties, PersistenceContext persistenceContext) throws DatabaseException {
        this(properties, persistenceContext, null);
    }

    public DepotUserManager(Properties properties, PersistenceContext persistenceContext, RunQueue runQueue) throws DatabaseException {
        this._userAuthCookie = USERAUTH_COOKIE;
        this._tagMap = Maps.newHashMap();
        init(properties, persistenceContext, runQueue);
    }

    public DepotUserManager() {
        this._userAuthCookie = USERAUTH_COOKIE;
        this._tagMap = Maps.newHashMap();
    }

    public void init(Properties properties, PersistenceContext persistenceContext) throws DatabaseException {
        init(properties, persistenceContext, null);
    }

    public void init(Properties properties, PersistenceContext persistenceContext, RunQueue runQueue) throws DatabaseException {
        this._config = properties;
        this._repository = createRepository(persistenceContext);
        this._loginURL = properties.getProperty("login_url");
        if (this._loginURL == null) {
            Log.log.warning("No login_url supplied in user manager config. Authentication won't work.", new Object[0]);
            this._loginURL = "/missing_login_url";
        }
        String property = properties.getProperty("auth_cookie.name");
        if (!StringUtil.isBlank(property)) {
            this._userAuthCookie = property;
        }
        this._pruner = new Interval(runQueue == null ? Interval.RUN_DIRECT : runQueue) { // from class: com.threerings.user.depot.DepotUserManager.1
            public void expired() {
                DepotUserManager.this._repository.pruneSessions();
            }
        };
        this._pruner.schedule(SESSION_PRUNE_INTERVAL, true);
        this._accessDeniedURL = properties.getProperty("access_denied_url");
        if (this._accessDeniedURL == null) {
            Log.log.warning("No 'access_denied_url' supplied in user manager config. Restricted pages will behave strangely.", new Object[0]);
        }
        for (AffiliateTagRecord affiliateTagRecord : getRepository().loadAffiliateTags()) {
            this._tagMap.put(affiliateTagRecord.tag, Integer.valueOf(affiliateTagRecord.tagId));
        }
    }

    public void shutdown() {
        this._pruner.cancel();
    }

    public DepotUserRepository getRepository() {
        return this._repository;
    }

    public int getAffiliateTagId(String str) {
        Integer num = this._tagMap.get(str);
        if (num != null) {
            return num.intValue();
        }
        Integer valueOf = Integer.valueOf(getRepository().registerAffiliateTag(str));
        this._tagMap.put(str, valueOf);
        return valueOf.intValue();
    }

    public String getAffiliateTagString(int i) {
        Integer valueOf = Integer.valueOf(i);
        for (Map.Entry<String, Integer> entry : this._tagMap.entrySet()) {
            if (valueOf.equals(entry.getValue())) {
                return entry.getKey();
            }
        }
        return null;
    }

    public String getAuthToken(HttpServletRequest httpServletRequest) {
        return CookieUtil.getCookieValue(httpServletRequest, this._userAuthCookie);
    }

    public OOOUser loadUser(HttpServletRequest httpServletRequest) {
        return loadUser(getAuthToken(httpServletRequest));
    }

    public OOOUser loadUser(String str) {
        return str == null ? null : this._repository.loadUserBySession(str, false);
    }

    public OOOUser requireUser(HttpServletRequest httpServletRequest) throws RedirectException {
        OOOUser loadUser = loadUser(httpServletRequest);
        if (loadUser != null) {
            return loadUser;
        }
        throw new RedirectException(this._loginURL.replace("%R", RequestUtils.getLocationEncoded(httpServletRequest)));
    }

    public OOOUser requireUser(HttpServletRequest httpServletRequest, byte b) throws RedirectException {
        OOOUser requireUser = requireUser(httpServletRequest);
        if (requireUser.holdsToken(b)) {
            return requireUser;
        }
        throw new RedirectException(this._accessDeniedURL);
    }

    public OOOUser requireUser(HttpServletRequest httpServletRequest, byte[] bArr) throws RedirectException {
        OOOUser requireUser = requireUser(httpServletRequest);
        if (requireUser.holdsAnyToken(bArr)) {
            return requireUser;
        }
        throw new RedirectException(this._accessDeniedURL);
    }

    public OOOUser login(String str, Password password, boolean z, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authenticator authenticator) throws AuthenticationFailedException {
        OOOUser loadUser = this._repository.loadUser(str);
        if (loadUser == null) {
            throw new NoSuchUserException("error.no_such_user");
        }
        authenticator.authenticateUser(loadUser, str, password);
        effectLogin(loadUser, z, httpServletRequest, httpServletResponse);
        return loadUser;
    }

    public Tuple<OOOUser, String> login(String str, Password password, int i, Authenticator authenticator) throws AuthenticationFailedException {
        OOOUser loadUser = this._repository.loadUser(str);
        if (loadUser == null) {
            throw new NoSuchUserException("error.no_such_user");
        }
        authenticator.authenticateUser(loadUser, str, password);
        return new Tuple<>(loadUser, this._repository.registerSession(loadUser, i));
    }

    public String effectLogin(OOOUser oOOUser, boolean z, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return effectLogin(oOOUser, z ? PERSIST_EXPIRE_DAYS : 1, httpServletRequest, httpServletResponse);
    }

    public String effectLogin(OOOUser oOOUser, int i, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String registerSession = this._repository.registerSession(oOOUser, Math.max(i, 1));
        Cookie cookie = new Cookie(this._userAuthCookie, registerSession);
        if (!"false".equalsIgnoreCase(this._config.getProperty("auth_cookie.strip_hostname"))) {
            CookieUtil.widenDomain(httpServletRequest, cookie);
        }
        cookie.setPath("/");
        cookie.setMaxAge(i > 0 ? i * 24 * 60 * 60 : -1);
        httpServletResponse.addCookie(cookie);
        return registerSession;
    }

    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (CookieUtil.getCookieValue(httpServletRequest, this._userAuthCookie) == null) {
            return;
        }
        Cookie cookie = new Cookie(this._userAuthCookie, "x");
        cookie.setPath("/");
        cookie.setMaxAge(0);
        CookieUtil.widenDomain(httpServletRequest, cookie);
        httpServletResponse.addCookie(cookie);
        Cookie cookie2 = new Cookie(this._userAuthCookie, "x");
        cookie2.setPath("/");
        cookie2.setMaxAge(0);
        httpServletResponse.addCookie(cookie2);
    }

    public boolean refreshSession(String str, int i) {
        return this._repository.refreshSession(str, i);
    }

    protected DepotUserRepository createRepository(PersistenceContext persistenceContext) throws DatabaseException {
        return new DepotUserRepository(persistenceContext);
    }
}
