package org.openvpms.web.security.login;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.openvpms.component.model.user.User;
import org.openvpms.web.security.login.SecurityCodeService;
import org.openvpms.web.security.user.LoginUserDetails;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.context.support.WebApplicationContextUtils;

/* loaded from: input_file:org/openvpms/web/security/login/LoginFactorSelectedServlet.class */
public class LoginFactorSelectedServlet extends HttpServlet {
    private MfaService service;

    public void init() throws ServletException {
        super.init();
        this.service = (MfaService) WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext()).getBean(MfaService.class);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!(authentication.getPrincipal() instanceof LoginUserDetails)) {
            loginError(httpServletRequest, httpServletResponse);
            return;
        }
        LoginUserDetails loginUserDetails = (LoginUserDetails) authentication.getPrincipal();
        SecurityCodeService.Factor fromString = SecurityCodeService.Factor.fromString(httpServletRequest.getParameter("factor"));
        if (!SecurityCodeService.Factor.EMAIL.equals(fromString)) {
            if (SecurityCodeService.Factor.TOTP.equals(fromString)) {
                forwardToLogin2(fromString, this.service.generateTOTPCode((User) loginUserDetails.getUserDetails()), httpServletRequest, httpServletResponse);
                return;
            } else {
                loginError(httpServletRequest, httpServletResponse);
                return;
            }
        }
        String sendCode = sendCode(loginUserDetails);
        if (sendCode != null) {
            forwardToLogin2(fromString, sendCode, httpServletRequest, httpServletResponse);
        } else {
            loginError(httpServletRequest, httpServletResponse);
        }
    }

    private String sendCode(LoginUserDetails loginUserDetails) {
        String str = null;
        String email = loginUserDetails.getEmail();
        if (email != null) {
            str = this.service.sendCode((User) loginUserDetails.getUserDetails(), email);
        }
        return str;
    }

    private void forwardToLogin2(SecurityCodeService.Factor factor, String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletRequest.setAttribute("factor", factor.toString());
        httpServletRequest.setAttribute("id", str);
        httpServletRequest.getRequestDispatcher("login2").forward(httpServletRequest, httpServletResponse);
    }

    private void loginError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            session.invalidate();
        }
        httpServletResponse.sendRedirect("login?status=error");
    }
}
