package com.crystaldecisions.sdk.occa.security.internal;

import com.businessobjects.foundation.logging.ILogger;
import com.businessobjects.foundation.logging.LoggerManager;
import com.crystaldecisions.celib.uri.OcaURI;
import com.crystaldecisions.enterprise.ocaframework.AbstractStubHelper;
import com.crystaldecisions.enterprise.ocaframework.IManagedService;
import com.crystaldecisions.enterprise.ocaframework.OCAFrameworkException;
import com.crystaldecisions.enterprise.ocaframework.ServerKinds;
import com.crystaldecisions.enterprise.ocaframework.ServerSpec;
import com.crystaldecisions.enterprise.ocaframework.ServiceMgrFactory;
import com.crystaldecisions.enterprise.ocaframework.ServiceNames;
import com.crystaldecisions.enterprise.ocaframework.WireOb3Unpacker;
import com.crystaldecisions.enterprise.ocaframework.idl.ImplServ.OSCAFactoryPackage.connection_failure;
import com.crystaldecisions.enterprise.ocaframework.idl.OCA.OCAs.LogonEx4Helper;
import com.crystaldecisions.enterprise.ocaframework.idl.OCA.OCAs.LogonEx4Operations;
import com.crystaldecisions.enterprise.ocaframework.idl.OCA.SeqOctetHolder;
import com.crystaldecisions.enterprise.ocaframework.idl.OCA.message_type;
import com.crystaldecisions.enterprise.ocaframework.idl.OCA.message_union;
import com.crystaldecisions.enterprise.ocaframework.idl.OCA.oca_abuse;
import com.crystaldecisions.sdk.exception.SDKException;
import com.crystaldecisions.sdk.occa.security.IEnterpriseLogonInformation;
import com.crystaldecisions.sdk.occa.security.IUserInfo;
import com.crystaldecisions.sdk.properties.IProperties;
import com.crystaldecisions.sdk.properties.IProperty;
import com.crystaldecisions.sdk.properties.internal.PropertyIDs;
import com.crystaldecisions.sdk.properties.internal.SDKPropertyBag;
import com.crystaldecisions.thirdparty.org.omg.CORBA.Object;
import com.crystaldecisions.thirdparty.org.omg.CORBA.StringHolder;
import java.io.ByteArrayOutputStream;
import java.net.InetAddress;
import java.net.UnknownHostException;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSManager;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:lib/XMLConnector.jar:lib/cecore.jar:com/crystaldecisions/sdk/occa/security/internal/LogonService.class */
public class LogonService implements ILogonService {
    private static final ILogger LOG = LoggerManager.getLogger("com.crystaldecisions.sdk.occa.security.internal.LogonService");
    private LogonEx4Operations m_stub;
    private LogonEx4Operations m_stubForToken;
    private String m_aps;
    private PlugInLoader m_loader;
    private IManagedService m_handler;
    private static final int LOGON_INSANITY_LOOP = 2;
    private static final int FAILOVER_INSANITY_LOOP = 20;
    private static final String LOGON_WITH_TOKEN_ID = "1";
    private static final String USER_LOGON_ID = "2";
    private static final String s_hostname;
    private static final String s_ip;

    /* JADX INFO: Access modifiers changed from: package-private */
    public LogonService(String str) {
        if (LOG.isDebugEnabled()) {
            LOG.debug(new StringBuffer().append("LogonService(): aps=").append(str).toString());
        }
        this.m_aps = str;
        this.m_loader = new PlugInLoader();
    }

    @Override // com.crystaldecisions.sdk.occa.security.internal.ILogonService
    public ISecuritySession logonWithToken(String str) throws SDKException {
        return logonWithToken(str, getCurrentLogonIPInfo());
    }

    IEnterpriseLogonInformation getCurrentLogonIPInfo() {
        EnterpriseLogonInformation enterpriseLogonInformation = new EnterpriseLogonInformation(true);
        enterpriseLogonInformation.setReportedHostname(s_hostname);
        enterpriseLogonInformation.setReportedIP(s_ip);
        return enterpriseLogonInformation;
    }

    private String getLogonInfoURL(IEnterpriseLogonInformation iEnterpriseLogonInformation) {
        EnterpriseLogonInformation enterpriseLogonInformation = iEnterpriseLogonInformation == null ? new EnterpriseLogonInformation() : (EnterpriseLogonInformation) iEnterpriseLogonInformation;
        if (enterpriseLogonInformation.isSDKSet()) {
            return enterpriseLogonInformation.getURL();
        }
        try {
            enterpriseLogonInformation.getReportedIP();
        } catch (SDKException e) {
            try {
                enterpriseLogonInformation.getReportedHostname();
            } catch (SDKException e2) {
                enterpriseLogonInformation.setReportedIP("");
            }
        }
        try {
            enterpriseLogonInformation.getResolvedIP();
        } catch (SDKException e3) {
            try {
                enterpriseLogonInformation.getResolvedHostname();
            } catch (SDKException e4) {
                enterpriseLogonInformation.setResolvedIP("");
            }
        }
        return enterpriseLogonInformation.getURL();
    }

    @Override // com.crystaldecisions.sdk.occa.security.internal.ILogonService
    public ISecuritySession userLogon(String str, String str2, String str3) throws SDKException {
        return doUserLogon(new LogonCred(str, str2), str3, getCurrentLogonIPInfo());
    }

    private void checkVersionCompatibility(ISecuritySession iSecuritySession) throws SDKException {
        if (iSecuritySession.getAPSVersion(true) < iSecuritySession.getSDKVersion()) {
            throw new SDKException.UnsupportedEnterpriseVersion(iSecuritySession.getSDKVersion(), iSecuritySession.getAPSVersion());
        }
    }

    private ISecuritySession doLogon(String str, ISecurityPlugIn iSecurityPlugIn, LogonCred logonCred, IEnterpriseLogonInformation iEnterpriseLogonInformation) throws oca_abuse, SDKException {
        StringHolder stringHolder = new StringHolder();
        this.m_stub.GetParamsEx3(1200, str, stringHolder);
        LOG.assertNotNull(stringHolder.value, "params is null.");
        WireOb3Unpacker wireOb3Unpacker = new WireOb3Unpacker();
        wireOb3Unpacker.initialize(stringHolder.value);
        SDKPropertyBag sDKPropertyBag = new SDKPropertyBag();
        sDKPropertyBag.unpack(wireOb3Unpacker);
        if (this.m_loader.needParams(str)) {
            this.m_loader.setParams(str, sDKPropertyBag);
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        String cluster = this.m_handler.getSvr().getCluster();
        String aps = (cluster == null || cluster.equals("")) ? this.m_handler.getAPS() : cluster.substring(cluster.indexOf(64) + 1);
        if (logonCred.UsePassword()) {
            iSecurityPlugIn.startLogin(logonCred.GetUsername(), logonCred.GetPassword(), aps, byteArrayOutputStream);
        } else {
            iSecurityPlugIn.startLogin(logonCred.GetGSSCredential(), logonCred.GetGSSManager(), aps, byteArrayOutputStream);
        }
        StringHolder stringHolder2 = new StringHolder();
        SeqOctetHolder seqOctetHolder = new SeqOctetHolder();
        String logonInfoURL = getLogonInfoURL(iEnterpriseLogonInformation);
        int UserLogonEx4 = this.m_stub.UserLogonEx4(1200, logonInfoURL, byteArrayOutputStream.toByteArray(), str, stringHolder2, seqOctetHolder);
        while (UserLogonEx4 == 1) {
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            int continueLogin = iSecurityPlugIn.continueLogin(seqOctetHolder.value, byteArrayOutputStream2);
            UserLogonEx4 = this.m_stub.ContinueLogonEx4(1200, logonInfoURL, byteArrayOutputStream2.toByteArray(), str, stringHolder2, seqOctetHolder);
            LOG.assertTrue(UserLogonEx4 == continueLogin, "Assertion failed");
        }
        ISecuritySession createSession = createSession(this.m_handler.getAPS(), this.m_handler.getSvr().getCluster(), stringHolder2.value);
        checkVersionCompatibility(createSession);
        if (checkNeedsPropagateCredentials(sDKPropertyBag) && logonCred.UsePassword()) {
            IUserInfo userInfo = createSession.getUserInfo();
            userInfo.setProfileString("DBUSER", logonCred.GetUsername());
            userInfo.setSecondaryCredentialEx("DBPASS", logonCred.GetPassword());
        }
        return createSession;
    }

    private ISecuritySession createSession(String str, String str2, String str3) throws SDKException {
        if (LOG.isDebugEnabled()) {
            LOG.debug("createSession(): enter");
        }
        WireOb3Unpacker wireOb3Unpacker = new WireOb3Unpacker();
        wireOb3Unpacker.initialize(str3);
        SDKPropertyBag sDKPropertyBag = new SDKPropertyBag();
        sDKPropertyBag.unpack(wireOb3Unpacker);
        String string = sDKPropertyBag.getString(PropertyIDs.SESSIONID);
        String string2 = sDKPropertyBag.getString(PropertyIDs.USERID);
        String stringBuffer = new StringBuffer().append(str).append('@').append(sDKPropertyBag.getString(PropertyIDs.SI_FAILOVER_TOKEN)).toString();
        String ocaURI = new OcaURI(str, PropertyIDs.SESSIONID, string).toString();
        if (LOG.isDebugEnabled()) {
            LOG.debug(new StringBuffer().append("createSession(): userID=").append(string2).append(",userHandler=").append(string).append(",token=").append(stringBuffer).append(",uri=").append(ocaURI).toString());
        }
        ISecuritySession makeServerLogonSession = sDKPropertyBag.getBoolean(PropertyIDs.SI_SERVER_LOGON_SESSION) ? SecurityFactory.getFactory().makeServerLogonSession(str, ocaURI, stringBuffer, str2, sDKPropertyBag) : SecurityFactory.getFactory().makeSecuritySession(str, ocaURI, stringBuffer, str2, sDKPropertyBag);
        LOG.assertNotNull(makeServerLogonSession, "session is null.");
        if (LOG.isDebugEnabled()) {
            LOG.debug("createSession(): exit");
        }
        return makeServerLogonSession;
    }

    private void ensureTokenServiceStub() throws SDKException {
        synchronized (this) {
            if (this.m_stubForToken != null) {
                return;
            }
            try {
                IManagedService managedService = ServiceMgrFactory.getServiceMgr().getManagedService("1", ServiceNames.OCA_S_ILOGON, this.m_aps.charAt(0) == '@' ? new ServerSpec("", ServerKinds.APS, "", this.m_aps, null, true, false) : new ServerSpec(this.m_aps, ServerKinds.APS, this.m_aps, true, true), "", "", new IManagedService.IHelperFactory(this) { // from class: com.crystaldecisions.sdk.occa.security.internal.LogonService.1
                    private final LogonService this$0;

                    {
                        this.this$0 = this;
                    }

                    @Override // com.crystaldecisions.enterprise.ocaframework.IManagedService.IHelperFactory
                    public IManagedService.IStubHelper makeHelper() {
                        return new AbstractStubHelper(this) { // from class: com.crystaldecisions.sdk.occa.security.internal.LogonService.2
                            private final AnonymousClass1 this$1;

                            {
                                this.this$1 = this;
                            }

                            @Override // com.crystaldecisions.enterprise.ocaframework.IManagedService.IStubHelper
                            public Object narrow(Object object) {
                                return LogonEx4Helper.narrow(object);
                            }

                            @Override // com.crystaldecisions.enterprise.ocaframework.IManagedService.IStubHelper
                            public void release(Object obj) {
                                ((LogonEx4Operations) obj).free();
                            }
                        };
                    }
                });
                if (LOG.isDebugEnabled()) {
                    LOG.debug(new StringBuffer().append("getServiceStub(): got APS=").append(managedService.getAPS()).toString());
                }
                _LogonEx4Proxy _logonex4proxy = new _LogonEx4Proxy(managedService);
                synchronized (this) {
                    if (this.m_stubForToken != null) {
                        return;
                    }
                    this.m_stubForToken = _logonex4proxy;
                    this.m_handler = managedService;
                }
            } catch (OCAFrameworkException e) {
                if (LOG.isWarnEnabled()) {
                    LOG.warn(new StringBuffer().append("getServiceStub(): failed to obtain logon service for ").append(this.m_aps).toString(), e);
                }
                throw SDKException.map(e);
            }
        }
    }

    private void ensureServiceStub() throws SDKException {
        synchronized (this) {
            if (this.m_stub != null) {
                return;
            }
            try {
                IManagedService managedService = ServiceMgrFactory.getServiceMgr().getManagedService(IManagedService.NO_ID, ServiceNames.OCA_S_ILOGON, this.m_aps.charAt(0) == '@' ? new ServerSpec("", ServerKinds.APS, "", this.m_aps, null, true, false) : new ServerSpec(this.m_aps, ServerKinds.APS, this.m_aps, true, false), "", "", new IManagedService.IHelperFactory(this) { // from class: com.crystaldecisions.sdk.occa.security.internal.LogonService.3
                    private final LogonService this$0;

                    {
                        this.this$0 = this;
                    }

                    @Override // com.crystaldecisions.enterprise.ocaframework.IManagedService.IHelperFactory
                    public IManagedService.IStubHelper makeHelper() {
                        return new AbstractStubHelper(this) { // from class: com.crystaldecisions.sdk.occa.security.internal.LogonService.4
                            private final AnonymousClass3 this$1;

                            {
                                this.this$1 = this;
                            }

                            @Override // com.crystaldecisions.enterprise.ocaframework.IManagedService.IStubHelper
                            public Object narrow(Object object) {
                                return LogonEx4Helper.narrow(object);
                            }

                            @Override // com.crystaldecisions.enterprise.ocaframework.IManagedService.IStubHelper
                            public void release(Object obj) {
                                ((LogonEx4Operations) obj).free();
                            }
                        };
                    }
                });
                if (LOG.isDebugEnabled()) {
                    LOG.debug(new StringBuffer().append("getServiceStub(): got APS=").append(managedService.getAPS()).toString());
                }
                _LogonEx4Proxy _logonex4proxy = new _LogonEx4Proxy(managedService);
                synchronized (this) {
                    if (this.m_stub != null) {
                        return;
                    }
                    this.m_stub = _logonex4proxy;
                    this.m_handler = managedService;
                }
            } catch (OCAFrameworkException e) {
                if (LOG.isWarnEnabled()) {
                    LOG.warn(new StringBuffer().append("getServiceStub(): failed to obtain logon service for ").append(this.m_aps).toString(), e);
                }
                if (!(e.getCause() instanceof connection_failure) || !((connection_failure) e.getCause()).reason.endsWith("(FWB 00024)")) {
                    throw SDKException.map(e);
                }
                throw new SDKException.CMSDatabaseUnavailable(e);
            }
        }
    }

    public String toString() {
        return new StringBuffer().append("(LogonService:aps=").append(this.m_aps).append(", realAPS=").append(this.m_handler.getAPS()).append(")").toString();
    }

    private boolean checkNeedsPropagateCredentials(IProperties iProperties) {
        try {
            IProperty property = iProperties.getProperty(PropertyIDs.SI_UPDATE_DB_CREDENTIAL);
            if (property != null) {
                return ((Boolean) property.getValue()).booleanValue();
            }
            return false;
        } catch (ClassCastException e) {
            if (!LOG.isWarnEnabled()) {
                return false;
            }
            LOG.warn("Could not cast the value of SI_UPDATE_DB_CREDENTIAL to a Boolean.", e);
            return false;
        }
    }

    @Override // com.crystaldecisions.sdk.occa.security.internal.ILogonService
    public ISecuritySession logonWithToken(String str, IEnterpriseLogonInformation iEnterpriseLogonInformation) throws SDKException {
        if (LOG.isDebugEnabled()) {
            LOG.debug(new StringBuffer().append("logonWithToken(): token=").append(str).append(",aps=").append(this.m_aps).toString());
        }
        ensureTokenServiceStub();
        String substring = str.substring(str.indexOf(64) + 1);
        String logonInfoURL = getLogonInfoURL(iEnterpriseLogonInformation);
        try {
            StringHolder stringHolder = new StringHolder();
            int LogonWithTokenEx4 = this.m_stubForToken.LogonWithTokenEx4(1200, logonInfoURL, substring, stringHolder);
            if (LOG.isDebugEnabled()) {
                LOG.debug(new StringBuffer().append("logonWithToken(): status=").append(LogonWithTokenEx4).toString());
            }
            return createSession(this.m_handler.getAPS(), this.m_handler.getSvr().getCluster(), stringHolder.value);
        } catch (oca_abuse e) {
            if (LOG.isWarnEnabled()) {
                LOG.warn(new StringBuffer().append("logonWithToken(): failed to logon, token=").append(str).toString(), e);
            }
            throw SDKException.map(e);
        }
    }

    @Override // com.crystaldecisions.sdk.occa.security.internal.ILogonService
    public ISecuritySession userLogon(String str, String str2, String str3, IEnterpriseLogonInformation iEnterpriseLogonInformation) throws SDKException {
        return doUserLogon(new LogonCred(str, str2), str3, iEnterpriseLogonInformation);
    }

    @Override // com.crystaldecisions.sdk.occa.security.internal.ILogonService
    public ISecuritySession userLogon(GSSCredential gSSCredential, GSSManager gSSManager, String str) throws SDKException {
        return doUserLogon(new LogonCred(gSSCredential, gSSManager), str, getCurrentLogonIPInfo());
    }

    private ISecuritySession doUserLogon(LogonCred logonCred, String str, IEnterpriseLogonInformation iEnterpriseLogonInformation) throws SDKException {
        if (LOG.isDebugEnabled()) {
            LOG.debug(new StringBuffer().append("doUserLogon(): logonCred=").append(logonCred).append(",auth=").append(str).toString());
        }
        try {
            ensureServiceStub();
            if (LOG.isDebugEnabled()) {
                LOG.debug(new StringBuffer().append("doUserLogon(): aps=").append(this.m_handler.getAPS()).toString());
            }
            try {
                ISecurityPlugIn clientAuthentication = this.m_loader.getClientAuthentication(this.m_handler.getAPS(), this.m_handler.getSvr().getCluster(), str);
                LOG.assertNotNull(clientAuthentication, "plugin is null.");
                ISecuritySession iSecuritySession = null;
                int i = 0;
                int i2 = 0;
                do {
                    try {
                        iSecuritySession = doLogon(str, clientAuthentication, logonCred, iEnterpriseLogonInformation);
                    } catch (IManagedService.ManagedServiceRetryException e) {
                        if (LOG.isWarnEnabled()) {
                            LOG.warn(new StringBuffer().append("doUserLogon(): failed to logon, logonCred=").append(logonCred).append(",auth=").append(str).append(",aps=").append(this.m_handler.getAPS()).toString(), e);
                        }
                        int i3 = i2;
                        i2++;
                        if (i3 >= 20) {
                            throw new SDKException.CORBASystem(e);
                        }
                    } catch (oca_abuse e2) {
                        if (LOG.isWarnEnabled()) {
                            LOG.warn(new StringBuffer().append("doUserLogon(): failed to logon, logonCred=").append(logonCred).append(",auth=").append(str).append(",aps=").append(this.m_handler.getAPS()).toString(), SDKException.map(e2));
                        }
                        if (i >= 2) {
                            throw SDKException.map(e2);
                        }
                        if (e2.errCode == 10499) {
                            message_union[] message_unionVarArr = e2.messages;
                            if (message_unionVarArr.length > 0) {
                                message_union message_unionVar = message_unionVarArr[0];
                                if (message_unionVar.discriminator().equals(message_type.mt_id) && message_unionVar.msgId().msgId == 42006) {
                                    i++;
                                    i2 = 0;
                                }
                            }
                        }
                        throw SDKException.map(e2);
                    } catch (SDKException e3) {
                        if (LOG.isWarnEnabled()) {
                            LOG.warn(new StringBuffer().append("doUserLogon(): failed to logon, logonCred=").append(logonCred).append(",auth=").append(str).append(",aps=").append(this.m_handler.getAPS()).toString(), e3);
                        }
                        throw e3;
                    }
                } while (iSecuritySession == null);
                if (LOG.isDebugEnabled()) {
                    LOG.debug("doUserLogon(): exit");
                }
                return iSecuritySession;
            } catch (SDKException.OCAFramework e4) {
                if (e4.getCause() instanceof OCAFrameworkException.CommunicationError) {
                    throw new SDKException.UnsupportedEnterpriseVersion(1200, 900);
                }
                throw e4;
            }
        } catch (SDKException.OCAFramework e5) {
            if (LOG.isErrorEnabled()) {
                LOG.error(e5.getDetailMessage());
                LOG.error("Is the CMS alive? Ensure the CMS supports SDK version 1200");
            }
            throw e5;
        }
    }

    static {
        String str;
        String str2;
        try {
            InetAddress localHost = InetAddress.getLocalHost();
            str = localHost.getHostAddress();
            str2 = localHost.getCanonicalHostName();
        } catch (UnknownHostException e) {
            str = "";
            str2 = "";
        }
        s_hostname = str2;
        s_ip = str;
    }
}
