package org.openvpms.web.security.login;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.openvpms.component.model.user.User;
import org.openvpms.web.security.login.SecurityCodeService;
import org.openvpms.web.security.user.LoginUserDetails;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.context.support.WebApplicationContextUtils;

/* loaded from: input_file:org/openvpms/web/security/login/Login2CodeServlet.class */
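/**
 * Servlet that receives the second-factor code submitted during login.
 *
 * <p>The request is only processed when the current security context holds a
 * {@link LoginUserDetails} principal. The submitted code is checked through
 * {@link MfaService#verifyCode}. On success the authentication is replaced by a
 * {@link UsernamePasswordAuthenticationToken} built from the wrapped user details
 * and the browser is redirected to {@code app}. On a code mismatch the request is
 * forwarded back to {@code login2} so the user can retry. Any other outcome
 * invalidates the session and redirects to {@code login?status=error}.
 */
public class Login2CodeServlet extends HttpServlet {
    private MfaService mfaService;

    /**
     * Looks up the {@link MfaService} bean from the web application context.
     *
     * @throws ServletException if the servlet cannot be initialised
     */
    public void init() throws ServletException {
        super.init();
        this.mfaService = WebApplicationContextUtils
                .getRequiredWebApplicationContext(getServletContext())
                .getBean(MfaService.class);
    }

    /**
     * Verifies the submitted second-factor code for the user held in the security context.
     *
     * <p>Reads the {@code factor}, {@code code} and {@code id} request parameters.
     *
     * @param httpServletRequest  the request carrying the code submission
     * @param httpServletResponse the response used for the redirect or forward
     * @throws IOException      if the redirect or forward fails
     * @throws ServletException if the forward to {@code login2} fails
     */
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        // getAuthentication() returns null when the context holds no authentication. Without the
        // null check a direct POST to this servlet would fail with a NullPointerException instead
        // of taking the normal login-error path.
        if (authentication == null || !(authentication.getPrincipal() instanceof LoginUserDetails)) {
            loginError(httpServletRequest, httpServletResponse);
            return;
        }
        LoginUserDetails loginUserDetails = (LoginUserDetails) authentication.getPrincipal();
        User user = loginUserDetails.getUser();

        // All three values are client-supplied and reach verifyCode() without validation here.
        // NOTE(review): presumably MfaService tolerates null/unknown values and binds "id" to
        // this user - confirm.
        SecurityCodeService.Factor factor = SecurityCodeService.Factor.fromString(httpServletRequest.getParameter("factor"));
        String code = httpServletRequest.getParameter("code");
        String id = httpServletRequest.getParameter("id");

        SecurityCodeService.Status status = this.mfaService.verifyCode(id, code, factor, user);
        if (status == SecurityCodeService.Status.SUCCESS) {
            loggedIn(loginUserDetails, httpServletResponse, authentication);
            return;
        }
        if (status != SecurityCodeService.Status.CODE_MISMATCH) {
            loginError(httpServletRequest, httpServletResponse);
            return;
        }

        // A mismatch keeps the session and lets the user retry, and nothing in this servlet limits
        // the number of attempts. NOTE(review): confirm that MfaService enforces an attempt limit
        // or expiry, otherwise the code can be guessed by repeated submission.
        httpServletRequest.setAttribute("codemismatch", true);
        // "id" is echoed back as received from the client. NOTE(review): the login2 view must
        // output-encode it - confirm.
        httpServletRequest.setAttribute("id", id);
        // NOTE(review): this dereference fails if Factor.fromString() can return null for a
        // missing or unrecognised parameter - confirm.
        httpServletRequest.setAttribute("factor", factor.toString());
        httpServletRequest.getRequestDispatcher("login2").forward(httpServletRequest, httpServletResponse);
    }

    /**
     * Completes the login by installing a full authentication token and redirecting to {@code app}.
     *
     * @param loginUserDetails    the principal verified by the second factor
     * @param httpServletResponse the response used for the redirect
     * @param authentication      the current authentication, whose credentials are carried over
     * @throws IOException if the redirect fails
     */
    private void loggedIn(LoginUserDetails loginUserDetails, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException {
        // NOTE(review): the session id is not rotated at this privilege transition. Confirm that
        // session-fixation protection is applied elsewhere, e.g. at the first-factor login.
        Authentication completed = new UsernamePasswordAuthenticationToken(
                loginUserDetails.getUserDetails(),
                authentication.getCredentials(),
                loginUserDetails.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(completed);
        httpServletResponse.sendRedirect("app");
    }

    /**
     * Aborts the login by invalidating any existing session and redirecting to the login page
     * with an error status.
     *
     * @param httpServletRequest  the request whose session, if any, is invalidated
     * @param httpServletResponse the response used for the redirect
     * @throws IOException if the redirect fails
     */
    private void loginError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        // getSession(false) avoids creating a session only to invalidate it.
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            session.invalidate();
        }
        httpServletResponse.sendRedirect("login?status=error");
    }
}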
