package com.evolveum.midpoint.web.page.login;

import com.evolveum.midpoint.gui.api.page.PageBase;
import com.evolveum.midpoint.model.api.authentication.MidpointAuthentication;
import com.evolveum.midpoint.model.api.authentication.ModuleAuthentication;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.exception.CommonException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.web.application.PageDescriptor;
import com.evolveum.midpoint.web.application.Url;
import com.evolveum.midpoint.web.component.form.Form;
import com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour;
import com.evolveum.midpoint.web.page.forgetpassword.PageForgotPassword;
import com.evolveum.midpoint.web.security.module.authentication.LdapModuleAuthentication;
import com.evolveum.midpoint.web.security.module.authentication.LoginFormModuleAuthentication;
import com.evolveum.midpoint.web.security.util.SecurityUtils;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AuthenticationSequenceType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.RegistrationsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;
import org.apache.wicket.AttributeModifier;
import org.apache.wicket.RestartResponseException;
import org.apache.wicket.markup.html.link.BookmarkablePageLink;
import org.apache.wicket.model.IModel;
import org.apache.wicket.protocol.http.servlet.ServletWebRequest;
import org.apache.wicket.request.cycle.RequestCycle;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.WebAttributes;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;

@PageDescriptor(urls = {@Url(mountUrl = DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL, matchUrlForSecurity = DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL)}, permitAll = true, loginPage = true)
/* loaded from: input_file:WEB-INF/classes/com/evolveum/midpoint/web/page/login/PageLogin.class */
public class PageLogin extends PageBase {
    private static final long serialVersionUID = 1;
    private static final String ID_FORGET_PASSWORD = "forgetpassword";
    private static final String ID_SELF_REGISTRATION = "selfRegistration";
    private static final String ID_CSRF_FIELD = "csrfField";
    private static final String ID_FORM = "form";
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) PageLogin.class);
    private static final String DOT_CLASS = PageLogin.class.getName() + ".";
    protected static final String OPERATION_LOAD_RESET_PASSWORD_POLICY = DOT_CLASS + "loadPasswordResetPolicy";
    private static final String OPERATION_LOAD_REGISTRATION_POLICY = DOT_CLASS + "loadRegistrationPolicy";

    public PageLogin() {
        final AuthenticationSequenceType sequenceByName;
        final AuthenticationSequenceType sequenceByName2;
        Form form = new Form("form");
        form.add(AttributeModifier.replace("action", (IModel<?>) new IModel<String>() { // from class: com.evolveum.midpoint.web.page.login.PageLogin.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // org.apache.wicket.model.IModel
            /* renamed from: getObject */
            public String getObject2() {
                return PageLogin.this.getUrlProcessingLogin();
            }
        }));
        add(form);
        BookmarkablePageLink bookmarkablePageLink = new BookmarkablePageLink(ID_FORGET_PASSWORD, PageForgotPassword.class);
        SecurityPolicyType securityPolicyType = null;
        try {
            securityPolicyType = getModelInteractionService().getSecurityPolicy(null, null, new OperationResult(OPERATION_LOAD_RESET_PASSWORD_POLICY));
        } catch (CommonException e) {
            LOGGER.warn("Cannot read credentials policy: " + e.getMessage(), (Throwable) e);
        }
        final SecurityPolicyType securityPolicyType2 = securityPolicyType;
        bookmarkablePageLink.add(new VisibleEnableBehaviour() { // from class: com.evolveum.midpoint.web.page.login.PageLogin.2
            private static final long serialVersionUID = 1;

            @Override // com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour
            public boolean isVisible() {
                CredentialsPolicyType credentials;
                if (securityPolicyType2 == null || (credentials = securityPolicyType2.getCredentials()) == null) {
                    return false;
                }
                return ((credentials.getSecurityQuestions() == null || credentials.getSecurityQuestions().getQuestionNumber() == null) && securityPolicyType2.getCredentialsReset() == null) ? false : true;
            }
        });
        if (securityPolicyType != null && securityPolicyType.getCredentialsReset() != null && StringUtils.isNotBlank(securityPolicyType.getCredentialsReset().getAuthenticationSequenceName()) && (sequenceByName2 = SecurityUtils.getSequenceByName(securityPolicyType.getCredentialsReset().getAuthenticationSequenceName(), securityPolicyType.getAuthentication())) != null) {
            if (sequenceByName2.getChannel() == null || StringUtils.isBlank(sequenceByName2.getChannel().getUrlSuffix())) {
                throw new IllegalArgumentException("Sequence with name " + securityPolicyType.getCredentialsReset().getAuthenticationSequenceName() + " doesn't contain urlSuffix");
            }
            bookmarkablePageLink.add(AttributeModifier.replace("href", (IModel<?>) new IModel<String>() { // from class: com.evolveum.midpoint.web.page.login.PageLogin.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.apache.wicket.model.IModel
                /* renamed from: getObject */
                public String getObject2() {
                    return "./auth/" + sequenceByName2.getChannel().getUrlSuffix();
                }
            }));
        }
        form.add(bookmarkablePageLink);
        BookmarkablePageLink bookmarkablePageLink2 = new BookmarkablePageLink(ID_SELF_REGISTRATION, PageSelfRegistration.class);
        bookmarkablePageLink2.add(new VisibleEnableBehaviour() { // from class: com.evolveum.midpoint.web.page.login.PageLogin.4
            private static final long serialVersionUID = 1;

            @Override // com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour
            public boolean isVisible() {
                OperationResult operationResult = new OperationResult(PageLogin.OPERATION_LOAD_REGISTRATION_POLICY);
                RegistrationsPolicyType registrationsPolicyType = null;
                try {
                    Task createAnonymousTask = PageLogin.this.createAnonymousTask(PageLogin.OPERATION_LOAD_REGISTRATION_POLICY);
                    registrationsPolicyType = PageLogin.this.getModelInteractionService().getFlowPolicy(null, createAnonymousTask, operationResult);
                    if (registrationsPolicyType == null || registrationsPolicyType.getSelfRegistration() == null) {
                        registrationsPolicyType = PageLogin.this.getModelInteractionService().getRegistrationPolicy(null, createAnonymousTask, operationResult);
                    }
                } catch (CommonException e2) {
                    PageLogin.LOGGER.warn("Cannot read credentials policy: " + e2.getMessage(), (Throwable) e2);
                }
                boolean z = false;
                if (registrationsPolicyType != null && registrationsPolicyType.getSelfRegistration() != null) {
                    z = true;
                }
                return z;
            }
        });
        if (securityPolicyType != null && securityPolicyType.getRegistration() != null && securityPolicyType.getRegistration().getSelfRegistration() != null && StringUtils.isNotBlank(securityPolicyType.getRegistration().getSelfRegistration().getAdditionalAuthenticationName()) && (sequenceByName = SecurityUtils.getSequenceByName(securityPolicyType.getRegistration().getSelfRegistration().getAdditionalAuthenticationName(), securityPolicyType.getAuthentication())) != null) {
            bookmarkablePageLink2.add(AttributeModifier.replace("href", (IModel<?>) new IModel<String>() { // from class: com.evolveum.midpoint.web.page.login.PageLogin.5
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.apache.wicket.model.IModel
                /* renamed from: getObject */
                public String getObject2() {
                    return "./auth/" + sequenceByName.getChannel().getUrlSuffix();
                }
            }));
        }
        form.add(bookmarkablePageLink2);
        form.add(SecurityUtils.createHiddenInputForCsrf(ID_CSRF_FIELD));
    }

    private String getUrlProcessingLogin() {
        ModuleAuthentication processingModuleAuthentication;
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return (!(authentication instanceof MidpointAuthentication) || (processingModuleAuthentication = ((MidpointAuthentication) authentication).getProcessingModuleAuthentication()) == null) ? "/midpoint/spring_security_login" : ((processingModuleAuthentication instanceof LoginFormModuleAuthentication) || (processingModuleAuthentication instanceof LdapModuleAuthentication)) ? org.springframework.security.saml.util.StringUtils.stripSlashes(processingModuleAuthentication.getPrefix()) + "/spring_security_login" : "/midpoint/spring_security_login";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.gui.api.page.PageBase, org.apache.wicket.Page, org.apache.wicket.Component
    public void onConfigure() {
        super.onConfigure();
        HttpSession session = ((ServletWebRequest) RequestCycle.get().getRequest()).getContainerRequest().getSession();
        Exception exc = (Exception) session.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
        if (exc == null) {
            return;
        }
        String message = exc.getMessage();
        if (StringUtils.isEmpty(message)) {
            message = "web.security.provider.unavailable";
        }
        for (String str : message.split(";")) {
            error(getLocalizationService().translate(str, null, getLocale(), str));
        }
        session.removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
        clearBreadcrumbs();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.gui.api.page.PageBase
    public void createBreadcrumb() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.gui.api.page.PageBase, org.apache.wicket.Page, org.apache.wicket.Component
    public void onBeforeRender() {
        super.onBeforeRender();
        if (SecurityUtils.getPrincipalUser() != null) {
            throw new RestartResponseException(getMidpointApplication().getHomePage());
        }
    }
}
