package org.exist.xquery.modules.persistentlogin;

import org.exist.EXistException;
import org.exist.dom.QName;
import org.exist.security.AuthenticationException;
import org.exist.storage.BrokerPool;
import org.exist.xquery.AnalyzeContextInfo;
import org.exist.xquery.FunctionSignature;
import org.exist.xquery.UserSwitchingBasicFunction;
import org.exist.xquery.XPathException;
import org.exist.xquery.XQueryContext;
import org.exist.xquery.modules.persistentlogin.PersistentLogin;
import org.exist.xquery.value.DurationValue;
import org.exist.xquery.value.FunctionParameterSequenceType;
import org.exist.xquery.value.FunctionReference;
import org.exist.xquery.value.FunctionReturnSequenceType;
import org.exist.xquery.value.Sequence;
import org.exist.xquery.value.SequenceType;
import org.exist.xquery.value.StringValue;

/* loaded from: input_file:WEB-INF/lib/exist-modules.jar:org/exist/xquery/modules/persistentlogin/PersistentLoginFunctions.class */
public class PersistentLoginFunctions extends UserSwitchingBasicFunction {
    public static final FunctionSignature[] signatures = {new FunctionSignature(new QName("register", PersistentLoginModule.NAMESPACE, PersistentLoginModule.PREFIX), "Try to log in the user and create a one-time login token. The token can be stored to a cookie and used to log in (via the login function) as the same user without providing credentials. However, for security reasons the token will be valid only for the next request to the login function and is deleted afterwards. If the user is valid and the token could be generated, the supplied callback function is called with 4 arguments: $token as xs:string, $user as xs:string, $password as xs:string, $timeToLive as xs:duration.", new SequenceType[]{new FunctionParameterSequenceType("user", 22, 2, "user name"), new FunctionParameterSequenceType("password", 22, 3, "password"), new FunctionParameterSequenceType("timeToLive", 53, 2, "duration for which the user is remembered"), new FunctionParameterSequenceType("onLogin", 101, 3, "callback function to be called when the login succeeds")}, new FunctionReturnSequenceType(11, 7, "result of the callback function or the empty sequence")), new FunctionSignature(new QName("login", PersistentLoginModule.NAMESPACE, PersistentLoginModule.PREFIX), "Try to log in the user based on the supplied token. If the login succeeds, the provided callback function is called with 4 arguments: $token as xs:string, $user as xs:string, $password as xs:string, $timeToLive as duration. $token will be a new token which can be used for the next request. The old token is deleted.", new SequenceType[]{new FunctionParameterSequenceType("token", 22, 2, "a valid one-time token"), new FunctionParameterSequenceType("onLogin", 101, 3, "callback function to be called when the login succeeds")}, new FunctionReturnSequenceType(11, 7, "result of the callback function or the empty sequence")), new FunctionSignature(new QName("invalidate", PersistentLoginModule.NAMESPACE, PersistentLoginModule.PREFIX), "Invalidate the supplied one-time token, so it can no longer be used to log in.", new SequenceType[]{new FunctionParameterSequenceType("token", 22, 2, "a valid one-time token")}, new FunctionReturnSequenceType(10, 2, "empty sequence"))};
    private AnalyzeContextInfo cachedContextInfo;

    public PersistentLoginFunctions(XQueryContext xQueryContext, FunctionSignature functionSignature) {
        super(xQueryContext, functionSignature);
    }

    @Override // org.exist.xquery.Function, org.exist.xquery.PathExpr, org.exist.xquery.Expression
    public void analyze(AnalyzeContextInfo analyzeContextInfo) throws XPathException {
        super.analyze(analyzeContextInfo);
        this.cachedContextInfo = new AnalyzeContextInfo(analyzeContextInfo);
    }

    @Override // org.exist.xquery.BasicFunction
    public Sequence eval(Sequence[] sequenceArr, Sequence sequence) throws XPathException {
        if (isCalledAs("register")) {
            return register(sequenceArr[0].getStringValue(), !sequenceArr[1].isEmpty() ? sequenceArr[1].getStringValue() : null, (DurationValue) sequenceArr[2].itemAt(0), !sequenceArr[3].isEmpty() ? (FunctionReference) sequenceArr[3].itemAt(0) : null);
        }
        if (isCalledAs("login")) {
            return authenticate(sequenceArr[0].getStringValue(), !sequenceArr[1].isEmpty() ? (FunctionReference) sequenceArr[1].itemAt(0) : null);
        }
        PersistentLogin.getInstance().invalidate(sequenceArr[0].getStringValue());
        return Sequence.EMPTY_SEQUENCE;
    }

    private Sequence register(String str, String str2, DurationValue durationValue, FunctionReference functionReference) throws XPathException {
        return login(str, str2) ? callback(functionReference, null, PersistentLogin.getInstance().register(str, str2, durationValue)) : Sequence.EMPTY_SEQUENCE;
    }

    private Sequence authenticate(String str, FunctionReference functionReference) throws XPathException {
        PersistentLogin.LoginDetails lookup = PersistentLogin.getInstance().lookup(str);
        if (lookup != null && login(lookup.getUser(), lookup.getPassword())) {
            return callback(functionReference, str, lookup);
        }
        return Sequence.EMPTY_SEQUENCE;
    }

    private boolean login(String str, String str2) throws XPathException {
        try {
            switchUser(BrokerPool.getInstance().getSecurityManager().authenticate(str, str2));
            return true;
        } catch (EXistException | AuthenticationException e) {
            return false;
        }
    }

    private Sequence callback(FunctionReference functionReference, String str, PersistentLogin.LoginDetails loginDetails) throws XPathException {
        Sequence[] sequenceArr = new Sequence[4];
        String loginDetails2 = loginDetails.toString();
        if (str == null || !str.equals(loginDetails2)) {
            sequenceArr[0] = new StringValue(loginDetails2);
        } else {
            sequenceArr[0] = Sequence.EMPTY_SEQUENCE;
        }
        sequenceArr[1] = new StringValue(loginDetails.getUser());
        sequenceArr[2] = new StringValue(loginDetails.getPassword());
        sequenceArr[3] = loginDetails.getTimeToLive();
        functionReference.analyze(this.cachedContextInfo);
        return functionReference.evalFunction(null, null, sequenceArr);
    }
}
