package com.mapr.fs.cldb.http;

import com.mapr.baseutils.acls.SecurityCommandHelper;
import com.mapr.fs.cldb.CLDBServerHolder;
import com.mapr.fs.cldb.conf.CLDBConfiguration;
import com.mapr.fs.cldb.conf.CLDBConfigurationHolder;
import com.mapr.fs.proto.Security;
import com.mapr.login.PasswordAuthentication;
import com.mapr.security.JNISecurity;
import com.mapr.security.UnixUserGroupHelper;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/mapr/fs/cldb/http/SecureLoginUtil.class */
public class SecureLoginUtil {
    private String errMsg = null;
    private int sport = JNISecurity.GetCldbHttpsPort(CLDBConfigurationHolder.getInstance().getClusterName());
    private boolean isSecurityEnable = JNISecurity.IsSecurityEnabled(CLDBConfigurationHolder.getInstance().getClusterName());

    public boolean isSecurityEnabled() {
        return this.isSecurityEnable;
    }

    public String getSecureURL(HttpServletRequest httpServletRequest) {
        return "https://" + httpServletRequest.getServerName() + ":" + this.sport + "/login.jsp";
    }

    public String getErrMsg() {
        return this.errMsg;
    }

    public void setErrMsg(String str) {
        this.errMsg = str;
    }

    public boolean isRequestSecure(HttpServletRequest httpServletRequest) {
        return httpServletRequest.isSecure();
    }

    public boolean isCldbMaster() {
        CLDBServerHolder.getInstance();
        CLDBConfiguration cLDBConfigurationHolder = CLDBConfigurationHolder.getInstance();
        if (cLDBConfigurationHolder.getMode() != CLDBConfiguration.CLDBMode.MASTER_READ_WRITE && cLDBConfigurationHolder.getMode() != CLDBConfiguration.CLDBMode.SLAVE_READ_ONLY) {
            this.errMsg = "CLDB is not yet ready to accept request.";
            return false;
        }
        if (cLDBConfigurationHolder.getMode() != CLDBConfiguration.CLDBMode.SLAVE_READ_ONLY) {
            return true;
        }
        this.errMsg = "Not an CLDB master, Please connect to CLDB Master.";
        return false;
    }

    public boolean processRequest(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("Username");
        String parameter2 = httpServletRequest.getParameter("Password");
        if (parameter == null || "".equals(parameter)) {
            this.errMsg = null;
            return false;
        }
        if ("Username".equals(parameter)) {
            this.errMsg = "Invalid Username, Username cannot be null";
            return false;
        }
        if (parameter2 == null || "".equals(parameter2) || "Password".equals(parameter2)) {
            this.errMsg = "Invalid Password, Password cannot be null";
            return false;
        }
        if (!PasswordAuthentication.authenticate(parameter, parameter2)) {
            this.errMsg = "You do not have permissions to access the CLDB page. Please talk to your cluster admin";
            return false;
        }
        UnixUserGroupHelper unixUserGroupHelper = new UnixUserGroupHelper();
        int userId = unixUserGroupHelper.getUserId(parameter);
        int[] groups = unixUserGroupHelper.getGroups(parameter);
        Security.CredentialsMsg.Builder newBuilder = Security.CredentialsMsg.newBuilder();
        newBuilder.setUserName(parameter);
        newBuilder.setUid(userId);
        boolean z = false;
        for (int i : groups) {
            newBuilder.addGids(i);
            z = true;
        }
        if (!z) {
            newBuilder.addGids(userId);
            new int[1][0] = userId;
        }
        if (CLDBServerHolder.getInstance().canPerformActionOnCluster(newBuilder.build(), SecurityCommandHelper.CLUSTER_READ_MASK)) {
            return true;
        }
        this.errMsg = "You do not have permissions to access the CLDB page. Please talk to your cluster admin";
        return false;
    }
}
