package com.zimbra.cs.taglib.tag;

import com.zimbra.client.ZAuthResult;
import com.zimbra.client.ZMailbox;
import com.zimbra.common.auth.ZAuthToken;
import com.zimbra.common.service.ServiceException;
import com.zimbra.common.util.HttpUtil;
import com.zimbra.common.util.WebSplitUtil;
import com.zimbra.common.util.ZimbraCookie;
import com.zimbra.cs.taglib.ZJspSession;
import com.zimbra.cs.taglib.ngxlookup.NginxRouteLookUpConnector;
import java.io.IOException;
import java.util.Arrays;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.JspTagException;
import javax.servlet.jsp.PageContext;

/* loaded from: input_file:com/zimbra/cs/taglib/tag/LoginTag.class */
public class LoginTag extends ZimbraSimpleTag {
    private String mUsername;
    private String mPassword;
    private String mNewPassword;
    private String mTwoFactorCode;
    private String mAuthToken;
    private boolean mAuthTokenInUrl;
    private boolean mRememberMe;
    private boolean mImportData;
    private boolean mAdminPreAuth;
    private String mUrl = null;
    private String mPath = null;
    private String mVarRedirectUrl = null;
    private String mVarAuthResult = null;
    private String mAttrs;
    private String mPrefs;
    private String mRequestedSkin;
    private boolean mCsrfTokenSecured;
    private boolean mTrustedDevice;
    private String mTrustedDeviceToken;
    private String mDeviceId;
    private boolean mGenerateDeviceId;

    public void setVarRedirectUrl(String str) {
        this.mVarRedirectUrl = str;
    }

    public void setVarAuthResult(String str) {
        this.mVarAuthResult = str;
    }

    public void setUsername(String str) {
        this.mUsername = str;
    }

    public void setPassword(String str) {
        this.mPassword = str;
    }

    public void setTwoFactorCode(String str) {
        this.mTwoFactorCode = str;
    }

    public void setNewpassword(String str) {
        this.mNewPassword = str;
    }

    public void setRememberme(boolean z) {
        this.mRememberMe = z;
    }

    public void setImportData(boolean z) {
        this.mImportData = z;
    }

    public void setCsrfTokenSecured(boolean z) {
        this.mCsrfTokenSecured = z;
    }

    public void setAdminPreAuth(boolean z) {
        this.mAdminPreAuth = z;
    }

    public void setAuthtoken(String str) {
        this.mAuthToken = str;
    }

    public void setAuthtokenInUrl(boolean z) {
        this.mAuthTokenInUrl = z;
    }

    public void setUrl(String str) {
        this.mUrl = str;
    }

    public void setPrefs(String str) {
        this.mPrefs = str;
    }

    public void setAttrs(String str) {
        this.mAttrs = str;
    }

    public void setRequestedSkin(String str) {
        this.mRequestedSkin = str;
    }

    public void setTrustedDevice(Boolean bool) {
        this.mTrustedDevice = bool.booleanValue();
    }

    public void setTrustedDeviceToken(String str) {
        this.mTrustedDeviceToken = str;
    }

    public void setGenerateDeviceId(Boolean bool) {
        this.mGenerateDeviceId = bool.booleanValue();
    }

    public void setDeviceId(String str) {
        this.mDeviceId = str;
    }

    private String getVirtualHost(HttpServletRequest httpServletRequest) {
        return HttpUtil.getVirtualHost(httpServletRequest);
    }

    public void doTag() throws JspException, IOException {
        PageContext jspContext = getJspContext();
        try {
            PageContext pageContext = jspContext;
            HttpServletRequest httpServletRequest = (HttpServletRequest) pageContext.getRequest();
            String serverName = httpServletRequest.getServerName();
            ZMailbox.Options options = new ZMailbox.Options();
            options.setClientIp(ZJspSession.getRemoteAddr(pageContext));
            options.setNoSession(true);
            if (this.mPrefs != null && this.mPrefs.length() > 0) {
                options.setPrefs(Arrays.asList(this.mPrefs.split(",")));
            }
            if (this.mAttrs != null && this.mAttrs.length() > 0) {
                options.setAttrs(Arrays.asList(this.mAttrs.split(",")));
            }
            if (this.mTwoFactorCode != null && this.mTwoFactorCode.length() > 0) {
                options.setTwoFactorCode(this.mTwoFactorCode);
            }
            if (this.mAuthToken != null) {
                options.setAuthToken(this.mAuthToken);
                options.setAuthAuthToken(true);
            } else {
                options.setAccount(this.mUsername);
                options.setPassword(this.mPassword);
                options.setVirtualHost(getVirtualHost(httpServletRequest));
                if (this.mNewPassword != null && this.mNewPassword.length() > 0) {
                    options.setNewPassword(this.mNewPassword);
                }
            }
            if (this.mUrl == null) {
                if (this.mAuthToken == null && WebSplitUtil.isZimbraWebClientSplitEnabled()) {
                    this.mUrl = (ZJspSession.isProtocolModeHttps() ? "https" : "http") + "://" + NginxRouteLookUpConnector.getClient().getRouteforAccount(this.mUsername, "username", ZJspSession.isProtocolModeHttps() ? "httpssl" : "http", HttpUtil.getVirtualHost(httpServletRequest), httpServletRequest.getRemoteAddr(), httpServletRequest.getHeader("Virtual-Host")).getNginxAuthServer() + "/service/soap";
                } else {
                    this.mUrl = ZJspSession.getSoapURL(pageContext);
                }
            }
            options.setUri(this.mUrl);
            options.setRequestedSkin(this.mRequestedSkin);
            if (this.mCsrfTokenSecured) {
                options.setCsrfSupported(this.mCsrfTokenSecured);
            }
            if (this.mTrustedDevice) {
                options.setTrustedDevice(true);
            }
            if (this.mTrustedDeviceToken != null) {
                options.setTrustedDeviceToken(this.mTrustedDeviceToken);
            }
            if (this.mGenerateDeviceId) {
                options.setGenerateDeviceId(true);
            }
            if (this.mDeviceId != null) {
                options.setDeviceId(this.mDeviceId);
            }
            ZMailbox mailbox = ZMailbox.getMailbox(options);
            HttpServletResponse response = pageContext.getResponse();
            String refer = mailbox.getAuthResult().getRefer();
            boolean z = (refer == null || refer.equalsIgnoreCase(serverName)) ? false : true;
            if ((this.mAuthToken == null || this.mAuthTokenInUrl || (this.mTwoFactorCode != null && this.mTwoFactorCode.length() > 0)) && !z) {
                setCookie(response, mailbox.getAuthToken(), ZJspSession.secureAuthTokenCookie(httpServletRequest), this.mRememberMe, mailbox.getAuthResult().getExpires());
            }
            ZAuthResult authResult = mailbox.getAuthResult();
            if (authResult.getTrustedToken() != null) {
                setTrustedCookie(response, authResult.getTrustedToken(), authResult.getTrustLifetime(), ZJspSession.secureAuthTokenCookie(httpServletRequest));
            }
            if (this.mVarRedirectUrl != null) {
                jspContext.setAttribute(this.mVarRedirectUrl, ZJspSession.getPostLoginRedirectUrl(pageContext, this.mPath, mailbox.getAuthResult(), this.mRememberMe, z), 2);
            }
            if (this.mVarAuthResult != null) {
                jspContext.setAttribute(this.mVarAuthResult, mailbox.getAuthResult(), 2);
            }
            if (!authResult.getTwoFactorAuthRequired()) {
                boolean dataSourceImportOnLogin = mailbox.getFeatures().getDataSourceImportOnLogin();
                if (this.mImportData && !this.mAdminPreAuth && dataSourceImportOnLogin) {
                    mailbox.importData(mailbox.getAllDataSources());
                }
            }
        } catch (ServiceException e) {
            throw new JspTagException(e.getMessage(), e);
        }
    }

    public static void setCookie(HttpServletResponse httpServletResponse, ZAuthToken zAuthToken, boolean z, boolean z2, long j) {
        Map cookieMap = zAuthToken.cookieMap(false);
        Integer num = null;
        if (z2) {
            long currentTimeMillis = j - System.currentTimeMillis();
            if (currentTimeMillis > 0) {
                num = new Integer((int) (currentTimeMillis / 1000));
            }
        } else {
            num = new Integer(-1);
        }
        for (Map.Entry entry : cookieMap.entrySet()) {
            ZimbraCookie.addHttpOnlyCookie(httpServletResponse, (String) entry.getKey(), (String) entry.getValue(), ZimbraCookie.PATH_ROOT, num, z);
        }
    }

    public static void setTrustedCookie(HttpServletResponse httpServletResponse, String str, long j, boolean z) {
        Long valueOf = Long.valueOf(j - System.currentTimeMillis());
        String str2 = ZimbraCookie.PATH_ROOT;
        Integer valueOf2 = Integer.valueOf((int) (valueOf.longValue() / 1000));
        if (valueOf.longValue() > 0) {
            ZimbraCookie.addHttpOnlyCookie(httpServletResponse, "ZM_TRUST_TOKEN", str, str2, valueOf2, z);
        } else {
            ZimbraCookie.clearCookie(httpServletResponse, "ZM_TRUST_TOKEN");
        }
    }
}
