package com.mirth.connect.server.api.servlets;

import com.mirth.connect.client.core.ClientException;
import com.mirth.connect.client.core.ControllerException;
import com.mirth.connect.client.core.api.MirthApiException;
import com.mirth.connect.client.core.api.servlets.UserServletInterface;
import com.mirth.connect.model.LoginStatus;
import com.mirth.connect.model.ServerEvent;
import com.mirth.connect.model.User;
import com.mirth.connect.server.api.CheckAuthorizedUserId;
import com.mirth.connect.server.api.DontCheckAuthorized;
import com.mirth.connect.server.api.MirthServlet;
import com.mirth.connect.server.controllers.ConfigurationController;
import com.mirth.connect.server.controllers.ControllerFactory;
import com.mirth.connect.server.controllers.EventController;
import com.mirth.connect.server.controllers.UserController;
import com.mirth.connect.server.util.UserSessionCache;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Properties;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/mirth/connect/server/api/servlets/UserServlet.class */
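/**
 * REST servlet for the user API: login/logout, user CRUD, password checks and per-user
 * preferences. Every operation delegates to {@link UserController}; controller failures are
 * rethrown as {@link MirthApiException}.
 *
 * <p>Methods annotated {@code @DontCheckAuthorized} perform their own access decisions in the
 * method body. Methods annotated {@code @CheckAuthorizedUserId} take the target user id as
 * their first parameter; how the annotation is enforced is not visible in this file.
 */
public class UserServlet extends MirthServlet implements UserServletInterface {
    private static final UserController userController = ControllerFactory.getFactory().createUserController();
    private static final EventController eventController = ControllerFactory.getFactory().createEventController();
    private static final ConfigurationController configurationController = ControllerFactory.getFactory().createConfigurationController();

    /**
     * Creates the servlet for one request. The third superclass argument is {@code false};
     * presumably it tells the base class not to require an existing login -- confirm against
     * {@code MirthServlet}.
     */
    public UserServlet(@Context HttpServletRequest httpServletRequest, @Context SecurityContext securityContext) {
        super(httpServletRequest, securityContext, false);
    }

    /** Returns {@code true} for the two statuses that this servlet treats as a successful login. */
    private static boolean isSuccessful(LoginStatus loginStatus) {
        return loginStatus.getStatus() == LoginStatus.Status.SUCCESS || loginStatus.getStatus() == LoginStatus.Status.SUCCESS_GRACE_PERIOD;
    }

    /**
     * Authenticates a user, binds the user to the HTTP session and dispatches an audit event.
     *
     * @param str the username supplied by the client
     * @param str2 the second credential passed to {@code authorizeUser} (presumably the password)
     * @return the login status when authentication succeeded
     * @throws MirthApiException with an UNAUTHORIZED response carrying the status when
     *         authentication failed or the server is not ready, or wrapping any other failure
     */
    @DontCheckAuthorized
    public LoginStatus login(String str, String str2) {
        LoginStatus loginStatus = null;
        try {
            // Poll the server status up to five times, one second apart, before giving up.
            // 3 and 0 are the status codes accepted as "ready" -- TODO confirm against the
            // ConfigurationController constants.
            int attempts = 0;
            int status = configurationController.getStatus();
            while (status != 3 && status != 0) {
                if (attempts >= 5) {
                    loginStatus = new LoginStatus(LoginStatus.Status.FAIL, "Server is still starting or otherwise unavailable. Please try again shortly.");
                    break;
                }
                Thread.sleep(1000L);
                status = configurationController.getStatus();
                attempts++;
            }
            if (loginStatus == null) {
                // NOTE(review): a client-supplied header selects the multi-factor plugin path;
                // without it the request goes to authorizeUser. Confirm that authorizeUser
                // itself enforces the second factor when a plugin is installed.
                String loginData = this.request.getHeader("X-Mirth-Login-Data");
                if (StringUtils.isNotBlank(loginData) && ControllerFactory.getFactory().createExtensionController().getMultiFactorAuthenticationPlugin() != null) {
                    loginStatus = ControllerFactory.getFactory().createExtensionController().getMultiFactorAuthenticationPlugin().authenticate(loginData);
                } else {
                    loginStatus = userController.authorizeUser(str, str2);
                }
                ConfigurationController config = ControllerFactory.getFactory().createConfigurationController();
                // NOTE(review): getSession() reuses any session the client already holds and
                // creates one even for failed attempts. Nothing visible here rotates the
                // session id after a successful login -- confirm the container or a filter
                // does, otherwise a pre-login session id stays valid after authentication.
                HttpSession session = this.request.getSession();
                session.setMaxInactiveInterval(config.getMaxInactiveSessionInterval());
                // The authenticator may hand back a canonical username; fall back to the input.
                String username = StringUtils.defaultString(loginStatus.getUpdatedUsername(), str);
                User user = null;
                if (isSuccessful(loginStatus)) {
                    user = userController.getUser(null, username);
                    if (user == null) {
                        loginStatus = new LoginStatus(LoginStatus.Status.FAIL, "Could not find a valid user with username: " + username);
                    } else {
                        session.setAttribute("user", user.getId());
                        session.setAttribute("authorized", true);
                        userController.loginUser(user);
                        UserSessionCache.getInstance().registerSessionForUser(session, user);
                    }
                }
                // Audit every attempt, successful or not, with the source address and username.
                ServerEvent serverEvent = new ServerEvent(config.getServerId(), this.operation.getDisplayName());
                if (user != null) {
                    serverEvent.setUserId(user.getId().intValue());
                }
                serverEvent.setIpAddress(getRequestIpAddress());
                serverEvent.setLevel(ServerEvent.Level.INFORMATION);
                serverEvent.setOutcome(isSuccessful(loginStatus) ? ServerEvent.Outcome.SUCCESS : ServerEvent.Outcome.FAILURE);
                HashMap<String, String> attributes = new HashMap<>();
                attributes.put("username", username);
                serverEvent.setAttributes(attributes);
                eventController.dispatchEvent(serverEvent);
            }
        } catch (InterruptedException e) {
            // Restore the interrupt flag so the container can still observe the interruption.
            Thread.currentThread().interrupt();
            throw new MirthApiException(e);
        } catch (Exception e) {
            throw new MirthApiException(e);
        }
        // Raised outside the try block so the catch-all above cannot re-wrap the UNAUTHORIZED
        // response into a generic error.
        if (!isSuccessful(loginStatus)) {
            throw new MirthApiException(Response.status(Response.Status.UNAUTHORIZED).entity(loginStatus).build());
        }
        return loginStatus;
    }

    /**
     * Clears the session's login attributes, invalidates the session and records the logout.
     *
     * @throws MirthApiException if the controller fails to record the logout
     */
    @DontCheckAuthorized
    public void logout() {
        // Return value intentionally unused; presumably called for its auditing side effect
        // -- confirm against MirthServlet.
        isUserAuthorized();
        HttpSession session = this.request.getSession();
        // NOTE(review): userId is null when the session carries no login; logoutUser is then
        // called with a User whose id is null -- confirm the controller tolerates that.
        Integer userId = (Integer) session.getAttribute("user");
        session.removeAttribute("user");
        session.removeAttribute("authorized");
        session.invalidate();
        User user = new User();
        user.setId(userId);
        try {
            userController.logoutUser(user);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /** Logs the current session out; identical to {@link #logout()}. */
    @DontCheckAuthorized
    public void inactivityLogout() {
        logout();
    }

    /**
     * Creates a user by passing it to {@code UserController.updateUser}.
     *
     * @param user the user to store; must be non-null with a non-blank username
     * @throws MirthApiException with BAD_REQUEST for a missing user or blank username, or
     *         wrapping a controller failure
     */
    public void createUser(User user) {
        if (user == null || StringUtils.isBlank(user.getUsername())) {
            throw new MirthApiException(Response.status(Response.Status.BAD_REQUEST).entity("username cannot be blank.").build());
        }
        try {
            userController.updateUser(user);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /**
     * Lists users. Authorized callers receive every user; any other caller receives a list
     * holding only their own record.
     *
     * @throws MirthApiException wrapping a controller failure
     */
    @DontCheckAuthorized
    public List<User> getAllUsers() {
        try {
            if (isUserAuthorized()) {
                return userController.getAllUsers();
            }
            List<User> self = new ArrayList<>();
            self.add(userController.getUser(Integer.valueOf(getCurrentUserId()), null));
            return self;
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /**
     * Looks a user up by numeric id first and by username second.
     *
     * <p>A caller who is neither authorized nor the target user always receives FORBIDDEN,
     * including when the user does not exist, so the response does not reveal which
     * usernames exist.
     *
     * @param str a user id or a username
     * @return the matching user
     * @throws MirthApiException with FORBIDDEN or NOT_FOUND as described, or wrapping a
     *         controller failure
     */
    @DontCheckAuthorized
    public User getUser(String str) {
        this.parameterMap.put("userIdOrName", str);
        try {
            Integer numericId = null;
            User byId = null;
            try {
                numericId = Integer.valueOf(Integer.parseInt(str));
                byId = userController.getUser(numericId, null);
            } catch (NumberFormatException ignored) {
                // Not a numeric id; fall through to the username lookup.
            }
            if (byId != null) {
                if (isUserAuthorized() || isCurrentUser(numericId)) {
                    return byId;
                }
                throw new MirthApiException(Response.Status.FORBIDDEN);
            }
            // The username lookup sits inside the same try so a controller failure here is
            // reported the same way as one from the id lookup.
            User byName = userController.getUser(null, str);
            if (byName == null) {
                if (isUserAuthorized()) {
                    throw new MirthApiException(Response.Status.NOT_FOUND);
                }
                throw new MirthApiException(Response.Status.FORBIDDEN);
            }
            if (isUserAuthorized() || isCurrentUser(byName.getId())) {
                return byName;
            }
            throw new MirthApiException(Response.Status.FORBIDDEN);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /**
     * Returns the user record of the caller.
     *
     * @throws MirthApiException wrapping a controller failure
     */
    public User getCurrentUser() {
        try {
            return userController.getUser(Integer.valueOf(getCurrentUserId()), null);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /**
     * Updates the user identified by {@code num}.
     *
     * <p>The controller writes whichever id the {@code user} payload carries, while the
     * {@code @CheckAuthorizedUserId} annotation presumably authorizes only {@code num}. The
     * payload is therefore bound to {@code num} and an explicit mismatch is rejected, so the
     * record written is the record that was authorized.
     *
     * @param num the id of the user being updated
     * @param user the new user data; must be non-null with a non-blank username
     * @throws MirthApiException with BAD_REQUEST for a missing user, a blank username or an
     *         id mismatch, or wrapping a controller failure
     */
    @CheckAuthorizedUserId
    public void updateUser(Integer num, User user) {
        if (user == null || StringUtils.isBlank(user.getUsername())) {
            throw new MirthApiException(Response.status(Response.Status.BAD_REQUEST).entity("username cannot be blank.").build());
        }
        if (num != null) {
            Integer payloadId = user.getId();
            if (payloadId != null && !num.equals(payloadId)) {
                throw new MirthApiException(Response.status(Response.Status.BAD_REQUEST).entity("user id in the request body does not match the requested user id.").build());
            }
            user.setId(num);
        }
        try {
            userController.updateUser(user);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /**
     * Runs the controller's password check on a candidate password without a target user
     * (the user id argument is {@code null}).
     *
     * @param str the candidate password
     * @return the list returned by the controller (presumably unmet requirements)
     * @throws MirthApiException wrapping a controller failure
     */
    public List<String> checkUserPassword(String str) {
        try {
            return userController.checkOrUpdateUserPassword(null, str);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /**
     * Checks and, per the controller method's name, updates the password of user {@code num}.
     *
     * @param num the id of the user whose password changes
     * @param str the new password
     * @return the list returned by the controller (presumably unmet requirements)
     * @throws MirthApiException wrapping a controller failure
     */
    @CheckAuthorizedUserId
    public List<String> updateUserPassword(Integer num, String str) {
        try {
            return userController.checkOrUpdateUserPassword(num, str);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /**
     * Removes a user and then invalidates every cached session of that user, so a deleted
     * account cannot keep working through a session that is still open.
     *
     * @param num the id of the user to remove
     * @throws MirthApiException wrapping a controller failure
     */
    public void removeUser(Integer num) {
        try {
            userController.removeUser(num, Integer.valueOf(getCurrentUserId()));
            UserSessionCache.getInstance().invalidateAllSessionsForUser(num);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /**
     * Reports whether the controller considers user {@code num} logged in.
     *
     * @throws MirthApiException wrapping a controller failure
     */
    public boolean isUserLoggedIn(Integer num) {
        try {
            return userController.isUserLoggedIn(num);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /**
     * Returns the preferences of user {@code num}, passing {@code set} to the controller as
     * the set of requested names.
     *
     * @throws MirthApiException wrapping a controller failure
     */
    @CheckAuthorizedUserId(auditCurrentUser = false)
    public Properties getUserPreferences(Integer num, Set<String> set) {
        try {
            return userController.getUserPreferences(num, set);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /**
     * Returns the single preference named {@code str} of user {@code num}.
     *
     * @throws MirthApiException wrapping a controller failure
     */
    @CheckAuthorizedUserId(auditCurrentUser = false)
    public String getUserPreference(Integer num, String str) {
        try {
            return userController.getUserPreference(num, str);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /**
     * Stores the given preferences for user {@code num}.
     *
     * @throws MirthApiException wrapping a controller failure
     */
    @CheckAuthorizedUserId(auditCurrentUser = false)
    public void setUserPreferences(Integer num, Properties properties) {
        try {
            userController.setUserPreferences(num, properties);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /**
     * Stores preference {@code str} with value {@code str2} for user {@code num}.
     *
     * @throws MirthApiException wrapping a controller failure
     */
    @CheckAuthorizedUserId(auditCurrentUser = false)
    public void setUserPreference(Integer num, String str, String str2) {
        try {
            userController.setUserPreference(num, str, str2);
        } catch (ControllerException e) {
            throw new MirthApiException(e);
        }
    }

    /** Intentionally does nothing in this implementation. */
    @CheckAuthorizedUserId(auditCurrentUser = false)
    public void setUserNotificationAcknowledged(Integer num) throws ClientException {
    }
}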
