package com.ar.common.prez.online.struts;

import com.ar.common.logic.AccountManagerLogicBean;
import com.ar.common.model.StringConverter;
import com.ar.common.model.User;
import com.ar.common.model.UserDb;
import com.ar.common.utilities.Constants;
import java.io.IOException;
import java.security.MessageDigest;
import java.util.Date;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.beanutils.PropertyUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionError;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

/* loaded from: input_file:com/ar/common/prez/online/struts/LogonAction.class */
public final class LogonAction extends Action {
    private static Log m_log = LogFactory.getLog("com.ar.common.prez.online.struts.LogonAction");

    public ActionForward execute(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        getLocale(httpServletRequest);
        getResources(httpServletRequest);
        ActionErrors actionErrors = new ActionErrors();
        User user = new User();
        try {
            PropertyUtils.copyProperties(user, (LogonForm) actionForm);
            UserDb userDb = (UserDb) this.servlet.getServletContext().getAttribute(Constants.DATABASE_KEY);
            if (userDb == null) {
                actionErrors.add("org.apache.struts.action.GLOBAL_ERROR", new ActionError("error.database.missing"));
                saveErrors(httpServletRequest, actionErrors);
                return new ActionForward(actionMapping.getInput());
            }
            AccountManagerLogicBean accountManagerLogicBean = new AccountManagerLogicBean(userDb);
            m_log.debug("Performing logon action...");
            user.getPassword();
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("MD5");
                messageDigest.update(user.getPassword().getBytes());
                user.setPassword(StringConverter.byteToHex(messageDigest.digest()));
                User logOn = accountManagerLogicBean.logOn(user);
                if (logOn == null) {
                    actionErrors.add("org.apache.struts.action.GLOBAL_ERROR", new ActionError("error.password.mismatch"));
                } else {
                    if (m_log.isDebugEnabled()) {
                        m_log.debug("Users expiration date is " + logOn.getDateExpiration() + " and today's date is " + new Date() + ". compare to value is:" + logOn.getDateExpiration().compareTo(new Date()));
                    }
                    if (logOn.getDateExpiration().compareTo(new Date()) < 0) {
                        actionErrors.add("org.apache.struts.action.GLOBAL_ERROR", new ActionError("error.accountExpired"));
                    }
                    if (httpServletRequest.getSession().getServletContext().getAttribute(logOn.getEmail()) != null) {
                        if (m_log.isDebugEnabled()) {
                            m_log.debug(new Date() + " LogonAction.java: Concurrent Logon detected. (login:" + logOn.getEmail() + ")");
                        }
                        HttpSession httpSession = (HttpSession) httpServletRequest.getSession().getServletContext().getAttribute(logOn.getEmail());
                        if (httpSession != null) {
                            try {
                                httpSession.invalidate();
                            } catch (Exception e) {
                            }
                        }
                        httpServletRequest.getSession().getServletContext().setAttribute(logOn.getEmail(), httpServletRequest.getSession());
                    } else {
                        httpServletRequest.getSession().getServletContext().setAttribute(logOn.getEmail(), httpServletRequest.getSession());
                    }
                    HttpSession session = httpServletRequest.getSession();
                    session.setAttribute(Constants.USER_KEY, logOn);
                    if (m_log.isDebugEnabled()) {
                        m_log.debug(" LogonAction: User '" + logOn.getEmail() + "' logged on in session " + session.getId());
                    }
                    if (actionMapping.getAttribute() != null) {
                        if ("request".equals(actionMapping.getScope())) {
                            httpServletRequest.removeAttribute(actionMapping.getAttribute());
                        } else {
                            session.removeAttribute(actionMapping.getAttribute());
                        }
                    }
                }
                if (actionErrors.isEmpty()) {
                    saveToken(httpServletRequest);
                    return actionMapping.findForward("success");
                }
                saveErrors(httpServletRequest, actionErrors);
                return new ActionForward(actionMapping.getInput());
            } catch (Exception e2) {
                m_log.error("Hashing submitted password failed:", e2);
                return new ActionForward(actionMapping.getInput());
            }
        } catch (Exception e3) {
            m_log.error("Populating user object from form failed: " + e3.getMessage());
            actionErrors.add("content", new ActionError("error.logonFailed"));
            saveErrors(httpServletRequest, actionErrors);
            return actionMapping.findForward("failure");
        }
    }
}
