package tw.com.draytek.acs.html5;

import com.j256.twofactorauth.TimeBasedOneTimePasswordUtil;
import com.liferay.util.Encryptor;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpSession;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import org.apache.axis.Constants;
import tw.com.draytek.a.c;
import tw.com.draytek.acs.db.DBManager;
import tw.com.draytek.acs.db.DslPmShow;
import tw.com.draytek.acs.db.LoginLog;
import tw.com.draytek.acs.db.MailServer;
import tw.com.draytek.acs.db.UGroup;
import tw.com.draytek.acs.db.UserGroups;
import tw.com.draytek.acs.db.Users;
import tw.com.draytek.acs.device.DeviceManager;
import tw.com.draytek.acs.f.f;
import tw.com.draytek.acs.property.TR069Property;
import tw.com.draytek.acs.rpc.RPCManager;
import tw.com.draytek.server.service.externalauthentication.ExternalAuthentication;

/* loaded from: input_file:tw/com/draytek/acs/html5/LoginJSONHandler.class */
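/**
 * Handles the HTML5 login request: credential check, optional TOTP second factor, licence
 * checks and per-address failure throttling.
 *
 * <p>This is a decompiled listing, so some local names are decompiler-generated. Values of the
 * {@code auth} field in the JSON reply, as set in this class:
 * <ul>
 *   <li>0 - credentials rejected</li>
 *   <li>1 - accepted</li>
 *   <li>2 - no licence record, or trial expired (licence status 2 or 4); the session is invalidated</li>
 *   <li>3 - licence expired; the session role is forced to the view-only operator group</li>
 *   <li>5 - the user has no user group, or the group expiry date has passed</li>
 *   <li>6 - second-factor code rejected</li>
 *   <li>7 - too many recent failures from this remote address</li>
 *   <li>8 - the group licence period has not started yet</li>
 * </ul>
 */
public class LoginJSONHandler extends Html5JSONHandler {
    private String user;
    private String password;
    private String code;
    private String remoteAddr;
    // NOTE(review): fixed value compiled into the class and passed as the first argument of every
    // tw.com.draytek.a.c transform below. That class is not visible here; if the value serves as
    // key or IV material it is the same on every installation - confirm against `c`.
    private String iv = "12345678901234561234567890123456";
    private boolean isAuth = false;
    private boolean isInit = false;
    private int servletType = 0;
    private long expireDate = 0;
    private long minStartDate = 0;
    // Captured once when the handler object is created and used for the throttle window and the
    // login-log timestamp. NOTE(review): assumes one handler instance per request - confirm.
    long currentTimeMillis = System.currentTimeMillis();

    /**
     * Processes a login request read from {@code this.jsonObject} (fields {@code user},
     * {@code password}, {@code code} and optionally {@code validCode}).
     *
     * <p>Throttle state lives in {@code TR069Property.USER_LOGIN}, keyed on the remote address
     * only, with the value format {@code <firstFailureMillis>_<failureCount>[_1]}. After three
     * failures inside ten minutes the request is answered with code 7 before any credential
     * check. NOTE(review): keying on {@code getRemoteAddr()} alone means clients behind one
     * proxy share a counter and failures are not tracked per account; rejected requests in the
     * locked-out branch are also never written to the login log.
     *
     * @return the JSON reply as a string; on an exception the reply built so far is returned
     */
    @Override // tw.com.draytek.acs.html5.Html5JSONHandler
    public String get() {
        JSONObject response = new JSONObject();
        try {
            this.user = new StringBuilder().append(this.jsonObject.get("user")).toString();
            this.password = new StringBuilder().append(this.jsonObject.get("password")).toString();
            this.code = new StringBuilder().append(this.jsonObject.get("code")).toString();
            this.remoteAddr = this.request.getRemoteAddr();
            this.servletType = 1;
            // The client sends transformed fields; c.bv() yields the values used for the database
            // lookup and for the default-credential comparison at the end of this method.
            String decodedUser = encryptorUsername(this.user);
            String decodedPassword = encryptorUsername(this.password);
            LoginLog loginLog = new LoginLog();
            boolean awaitingSecondFactor = false;
            DBManager dBManager = DBManager.getInstance();
            RPCManager rPCManager = new RPCManager(this.httpSession);
            if (TR069Property.USER_LOGIN.get(this.remoteAddr) != null) {
                String[] split = new StringBuilder().append(TR069Property.USER_LOGIN.get(this.remoteAddr)).toString().split("_");
                long firstFailureMillis = Long.parseLong(split[0]);
                int failureCount = Integer.parseInt(split[1]);
                if (this.currentTimeMillis - firstFailureMillis >= 600000) {
                    // Ten-minute window elapsed: forget the earlier failures.
                    TR069Property.USER_LOGIN.remove(this.remoteAddr);
                } else if (failureCount >= 3) {
                    sendLoginFailAlert(firstFailureMillis, this.remoteAddr, decodedUser);
                    rPCManager.setLoginSession(false, decodedUser);
                    response.put("auth", 7);
                    loginLog.setStatus((short) 0);
                    return response.toString();
                }
            }
            this.isAuth = baseLogin(this.user, this.password);
            response.put("auth", Integer.valueOf(this.isAuth ? 1 : 0));
            if (!this.isAuth) {
                rPCManager.setLoginSession(false, decodedUser);
                response.put("auth", 0);
                loginLog.setStatus((short) 0);
            }
            Users account = dBManager.getUser(decodedUser);
            if (this.isAuth) {
                boolean has = this.jsonObject.has("validCode");
                if (account.getEnable_twoFA() == 1) {
                    if (has) {
                        awaitingSecondFactor = false;
                        if (!twoFactorAuthentication(account.getSecret_key(), this.jsonObject.getString("validCode"))) {
                            this.isAuth = false;
                            response.put("auth", 6);
                            loginLog.setStatus((short) 0);
                        }
                    } else {
                        // Password accepted but no code supplied: ask the client to repeat the
                        // request with validCode. Nothing is logged or counted for this reply.
                        response.put("enableTwoFA", true);
                        awaitingSecondFactor = true;
                    }
                }
            }
            if (this.isAuth && !awaitingSecondFactor) {
                response = licenseValidation(decodedUser);
                int i = response.getInt("auth");
                loginLog.setStatus((short) 1);
                if (i == 2 || i == 5) {
                    loginLog.setStatus((short) 0);
                }
            }
            if (!awaitingSecondFactor) {
                loginLog.setUsername(decodedUser);
                loginLog.setLogintime(new Date(this.currentTimeMillis));
                loginLog.setLoginip(this.remoteAddr);
                dBManager.saveLoginLog(loginLog);
                if (!this.isAuth) {
                    // Keep the timestamp of the first failure and bump the counter.
                    long j = this.currentTimeMillis;
                    int i2 = 0;
                    if (TR069Property.USER_LOGIN.get(this.remoteAddr) != null) {
                        String[] split2 = new StringBuilder().append(TR069Property.USER_LOGIN.get(this.remoteAddr)).toString().split("_");
                        j = Long.parseLong(split2[0]);
                        i2 = Integer.parseInt(split2[1]);
                    }
                    TR069Property.USER_LOGIN.put(this.remoteAddr, Long.toString(j) + "_" + Integer.toString(i2 + 1));
                    response.put("loginFailCount", Integer.valueOf(i2));
                } else if (TR069Property.USER_LOGIN.get(this.remoteAddr) != null) {
                    TR069Property.USER_LOGIN.remove(this.remoteAddr);
                }
            }
            int authCode = response.getInt("auth");
            // Fix: the listing established the session for every non-zero "auth" value, which
            // included a rejected second factor (6) and the reply that only asks for the second
            // factor. The session is now created only once the password and, where enabled, the
            // TOTP code have both been accepted. Code 2 is skipped as well because
            // licenseValidation() has already invalidated the session, matching acsLogin().
            // NOTE(review): licenseValidation() calls setLoginSession(false, ...) when the user has
            // no role, and this call then sets it to true again - confirm which is intended.
            if (this.isAuth && !awaitingSecondFactor && authCode != 2) {
                if (this.httpSession != null) {
                    rPCManager.setLoginSession(true, decodedUser);
                    this.httpSession.setAttribute(TR069Property.LONGIN_USER_ID, account.getUserid());
                }
                response.put("userId", account.getUserid());
            }
            // Tells the client that the factory credentials are still in use.
            if (authCode == 1 && decodedUser.equals(Constants.ATTR_ROOT) && decodedPassword.equals("admin123")) {
                response.put("isDefault", 1);
            }
        } catch (Exception e) {
            // Fix: the decompiler bound printStackTrace() to the JSON object instead of the exception.
            // NOTE(review): the reply built so far is still returned and may already hold auth=1.
            e.printStackTrace();
        }
        return response.toString();
    }

    /**
     * Checks the credentials against the local user store and, if that fails, against the
     * external authentication service. A user accepted externally but unknown locally is
     * created through {@link #createExUsers()}; a known user must have status "Active".
     *
     * @param str  user field as received from the client
     * @param str2 password field as received from the client
     * @return true when either path accepts the credentials; also stored in {@code this.isAuth}
     */
    private boolean baseLogin(String str, String str2) {
        String encryptorUsername = encryptorUsername(str);
        String encryptorUsername2 = encryptorUsername(str2);
        DBManager dBManager = DBManager.getInstance();
        this.isAuth = checkAuth(str, str2, this.iv, this.code);
        if (!this.isAuth && new ExternalAuthentication(encryptorUsername, encryptorUsername2).isAuthenticated()) {
            Users user = dBManager.getUser(encryptorUsername);
            if (user == null) {
                if (createExUsers()) {
                    this.isAuth = true;
                }
            } else if (user.getStatus().equals("Active")) {
                this.isAuth = true;
            }
        }
        return this.isAuth;
    }

    /**
     * Builds the reply for a user whose credentials were accepted: licence state, expiry dates,
     * role and user-group list. Also stores the licence status and the role in the session.
     *
     * @param str decoded user name
     * @return reply object whose {@code auth} field is 1, 2, 3, 5 or 8
     */
    private JSONObject licenseValidation(String str) {
        int licenseStatus = getLicenseStatus();
        JSONObject jSONObject = new JSONObject();
        if (licenseStatus == 2 || licenseStatus == 4) {
            jSONObject.put("auth", 2);
            this.httpSession.invalidate();
            return jSONObject;
        }
        RPCManager rPCManager = new RPCManager(this.httpSession);
        int i = 1;
        if (licenseStatus != 1) {
            i = licenseStatus;
        }
        if (i == 1) {
            i = checkWholeSaleExpireDate(str);
        }
        if ((i == 1 || i == 5) && rPCManager.isSupportCloudModeNodeFormLicense() && rPCManager.getSupportCloudModeNodeTypeFormLicense() == 0) {
            i = checkCloudGroupLicense(str);
            if (this.minStartDate > 0) {
                jSONObject.put("startDate", Long.valueOf(this.minStartDate));
            }
        }
        jSONObject.put("auth", Integer.valueOf(i));
        this.httpSession.setAttribute("licenseStatus", Integer.valueOf(i));
        jSONObject.put("expireDate", Long.valueOf(this.expireDate));
        UserGroups role = getRole(str);
        if (role != null) {
            jSONObject.put("roleId", role.getGroupid());
            jSONObject.put("roleName", role.getGroupname());
            if (licenseStatus == 3) {
                // Expired licence: the session is downgraded to the view-only operator group.
                this.httpSession.setAttribute(TR069Property.LONGIN_USER_ROLE, TR069Property.USERGROUPS_GROUPID_VIEW_ONLY_OPERATOR);
            } else {
                this.httpSession.setAttribute(TR069Property.LONGIN_USER_ROLE, role.getGroupid());
            }
        } else {
            rPCManager.setLoginSession(false, str);
        }
        JSONArray uGroupList = getUGroupList(str);
        jSONObject.put("ugroupList", uGroupList);
        if (uGroupList.size() <= 0) {
            jSONObject.put("auth", 5);
        }
        jSONObject.put("product", "ACS");
        return jSONObject;
    }

    /**
     * Evaluates the per-group licence period of the user's groups. Group id 1 short-circuits
     * to 1. For groups with an expiry enabled, fields 6 and 7 of the '+'-separated licence
     * record are read as start and end dates (year, month, day separated by '-' or '/').
     * Also updates {@code this.minStartDate}.
     *
     * <p>The decompiler's untyped register variable was replaced by a plain index loop, and the
     * catch block now prints the caught exception.
     *
     * @param str decoded user name
     * @return 1 inside a licence period, 5 past the end, 8 before the start, 0 when no group
     *         supplied usable dates; the value reached so far when an exception occurs
     */
    private int checkCloudGroupLicense(String str) {
        DslPmShow dslPmShow;
        this.minStartDate = 0L;
        String str2 = Constants.URI_LITERAL_ENC;
        Calendar calendar = Calendar.getInstance();
        int i = 0;
        try {
            DBManager dBManager = DBManager.getInstance();
            List uGroups = dBManager.getUGroups(str);
            for (int i2 = 0; i2 < uGroups.size(); i2++) {
                UGroup uGroup = (UGroup) uGroups.get(i2);
                if (uGroup.getId() == 1) {
                    return 1;
                }
                if (uGroup.getEnable_expiredate() == 1 && (dslPmShow = dBManager.getDslPmShow(uGroup.getId())) != null) {
                    String[] split = dslPmShow.getData().split("\\+");
                    if (split.length >= 9) {
                        String str3 = split[6];
                        String str4 = split[7];
                        String replace = str3.replace("-", "/");
                        String replace2 = str4.replace("-", "/");
                        Calendar calendar2 = Calendar.getInstance();
                        Calendar calendar3 = Calendar.getInstance();
                        String[] split2 = replace.split("/");
                        String[] split3 = replace2.split("/");
                        if (split2.length == 3 && split3.length == 3) {
                            // calendar2 = start of the first day, calendar3 = end of the last day.
                            calendar2.set(Integer.parseInt(split2[0]), Integer.parseInt(split2[1]) - 1, Integer.parseInt(split2[2]), 0, 0, 0);
                            calendar3.set(Integer.parseInt(split3[0]), Integer.parseInt(split3[1]) - 1, Integer.parseInt(split3[2]), 23, 59, 59);
                            if (i != 1 && calendar2.getTimeInMillis() <= calendar.getTimeInMillis() && calendar.getTimeInMillis() <= calendar3.getTimeInMillis()) {
                                i = 1;
                            }
                            if (i != 1 && calendar.getTimeInMillis() > calendar3.getTimeInMillis()) {
                                i = 5;
                            }
                            if (i != 1 && calendar.getTimeInMillis() < calendar2.getTimeInMillis()) {
                                i = 8;
                            }
                            // Value comparison instead of the listing's reference comparison (==).
                            if (Constants.URI_LITERAL_ENC.equals(str2)) {
                                str2 = str3;
                                Calendar calendar4 = Calendar.getInstance();
                                String[] split4 = str2.replace("-", "/").split("/");
                                calendar4.set(Integer.parseInt(split4[0]), Integer.parseInt(split4[1]) - 1, Integer.parseInt(split4[2]), 0, 0, 0);
                                this.minStartDate = calendar4.getTimeInMillis();
                            }
                            Calendar calendar5 = Calendar.getInstance();
                            String[] split5 = str2.replace("-", "/").split("/");
                            calendar5.set(Integer.parseInt(split5[0]), Integer.parseInt(split5[1]) - 1, Integer.parseInt(split5[2]), 0, 0, 0);
                            if (calendar5.getTimeInMillis() > calendar2.getTimeInMillis()) {
                                str2 = str3;
                                this.minStartDate = calendar5.getTimeInMillis();
                            }
                        }
                    }
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return i;
    }

    /**
     * Validates a time-based one-time password. Both the stored secret and the submitted code
     * are first passed through the same {@code c} transform as the other request fields.
     * The validator is called with a 60000 ms window.
     *
     * <p>The decompiler reused one untyped variable for the decoded code, the result and the
     * exception; they are separate variables here.
     *
     * @param str  the account's stored secret key
     * @param str2 the {@code validCode} field from the request
     * @return true when the code is accepted; false when it is rejected or cannot be parsed
     */
    private boolean twoFactorAuthentication(String str, String str2) {
        String secret = new c(this.iv, str, this.code, this.servletType).bv();
        String submittedCode = new c(this.iv, str2, this.code, this.servletType).bv();
        try {
            return TimeBasedOneTimePasswordUtil.validateCurrentNumber(secret, Integer.parseInt(submittedCode), 60000);
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    /**
     * Second login entry point. It performs the credential, external-authentication and licence
     * checks and writes a login-log entry.
     *
     * <p>NOTE(review): unlike {@link #get()}, this path does not consult or update the
     * per-address failure counter in {@code TR069Property.USER_LOGIN} and never checks the
     * account's two-factor setting, so neither control applies to logins made through it.
     * Confirm which callers reach this method and whether they need the same checks.
     *
     * @return the JSON reply as a string
     */
    public String acsLogin() {
        this.user = new StringBuilder().append(this.jsonObject.get("user")).toString();
        this.password = new StringBuilder().append(this.jsonObject.get("password")).toString();
        this.code = new StringBuilder().append(this.jsonObject.get("code")).toString();
        this.remoteAddr = this.request.getRemoteAddr();
        this.servletType = 1;
        DBManager dBManager = DBManager.getInstance();
        LoginLog loginLog = new LoginLog();
        JSONObject jSONObject = new JSONObject();
        HashMap hashMap = new HashMap();
        this.isInit = true;
        this.isAuth = checkAuth(this.user, this.password, this.iv, this.code);
        int licenseStatus = getLicenseStatus();
        String encryptorUsername = encryptorUsername(this.user);
        String encryptorUsername2 = encryptorUsername(this.password);
        if (!this.isAuth && new ExternalAuthentication(encryptorUsername, encryptorUsername2).isAuthenticated()) {
            Users user = dBManager.getUser(encryptorUsername);
            if (user == null) {
                if (createExUsers()) {
                    this.isAuth = true;
                }
            } else if (user.getStatus().equals("Active")) {
                this.isAuth = true;
            }
        }
        if (licenseStatus == 2 || licenseStatus == 4) {
            // No licence or expired trial: refuse regardless of the credential result.
            this.isAuth = false;
            this.httpSession.invalidate();
            return "{\"auth\":2}";
        }
        RPCManager rPCManager = new RPCManager(this.httpSession);
        if (this.isAuth) {
            int i = 1;
            if (licenseStatus != 1) {
                i = licenseStatus;
            }
            if (i == 1) {
                i = checkWholeSaleExpireDate(encryptorUsername);
            }
            hashMap.put("auth", Integer.valueOf(i));
            this.httpSession.setAttribute("licenseStatus", Integer.valueOf(i));
            hashMap.put("expireDate", Long.valueOf(this.expireDate));
            loginLog.setStatus((short) 1);
            rPCManager.setLoginSession(true, encryptorUsername);
            UserGroups role = getRole(encryptorUsername);
            if (role != null) {
                hashMap.put("roleId", role.getGroupid());
                hashMap.put("roleName", role.getGroupname());
                if (licenseStatus == 3) {
                    this.httpSession.setAttribute(TR069Property.LONGIN_USER_ROLE, TR069Property.USERGROUPS_GROUPID_VIEW_ONLY_OPERATOR);
                } else {
                    this.httpSession.setAttribute(TR069Property.LONGIN_USER_ROLE, role.getGroupid());
                }
            } else {
                // A user without a role does not keep the login session.
                rPCManager.setLoginSession(false, encryptorUsername);
            }
            JSONArray uGroupList = getUGroupList(encryptorUsername);
            hashMap.put("ugroupList", uGroupList);
            if (uGroupList.size() <= 0) {
                hashMap.put("auth", 5);
                loginLog.setStatus((short) 0);
            }
        } else {
            rPCManager.setLoginSession(false, encryptorUsername);
            hashMap.put("auth", 0);
            loginLog.setStatus((short) 0);
        }
        loginLog.setUsername(encryptorUsername);
        loginLog.setLogintime(new Date(this.currentTimeMillis));
        loginLog.setLoginip(this.remoteAddr);
        jSONObject.putAll(hashMap);
        dBManager.saveLoginLog(loginLog);
        return jSONObject.toString();
    }

    /**
     * Looks up the user's role group, refreshing the user's network mapping first when the
     * device manager has none cached.
     *
     * @param str decoded user name
     * @return the role group, or null when the user, its role or the lookup is unavailable
     */
    private UserGroups getRole(String str) {
        DeviceManager deviceManager = DeviceManager.getInstance();
        if (deviceManager.getRootNetwork().getUserHomeNetworkMap(str) == null) {
            deviceManager.refreshUserNetwork(str);
        }
        UserGroups userGroups = null;
        try {
            userGroups = DBManager.getInstance().getUser(str).getRole().getRole();
        } catch (Exception unused) {
            // Any failure in the lookup chain is treated as "no role"; callers handle null.
        }
        return userGroups;
    }

    /**
     * Returns the user's groups as a JSON array of {id, name} objects.
     *
     * @param str decoded user name
     */
    private JSONArray getUGroupList(String str) {
        List<UGroup> uGroupList = DeviceManager.getInstance().getUGroupList(str);
        JSONArray jSONArray = new JSONArray();
        for (UGroup uGroup : uGroupList) {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put(Constants.ATTR_ID, Integer.valueOf(uGroup.getId()));
            jSONObject.put("name", uGroup.getName());
            jSONArray.add(jSONObject);
        }
        return jSONArray;
    }

    /**
     * Runs a request field through the {@code c} transform with the fixed {@code iv}, the
     * client-supplied {@code code} and the servlet type. Despite the name it is applied to the
     * password as well as the user name.
     */
    private String encryptorUsername(String str) {
        return new c(this.iv, str, this.code, this.servletType).bv();
    }

    /**
     * Reports whether the current request is authenticated. The session argument is not used.
     * {@code isInit} is only set by {@link #acsLogin()}, so unless that ran first every call
     * re-runs {@link #get()}.
     */
    public boolean isValid(HttpSession httpSession) {
        if (!this.isInit) {
            get();
        }
        return this.isAuth;
    }

    /**
     * Reads the licence record and maps it to a status: 2 no record, 4 trial expired,
     * 3 licence expired, 1 valid (which also stores the expiry date in {@code this.expireDate}).
     */
    private int getLicenseStatus() {
        int i;
        DslPmShow dslPmShow = DBManager.getInstance().getDslPmShow();
        if (dslPmShow == null) {
            i = 2;
        } else if (dslPmShow.isIsTrial() && dslPmShow.isExpired()) {
            System.out.println("Trial expire!!");
            i = 4;
        } else if (dslPmShow.isExpired()) {
            System.out.println("License expire!!");
            i = 3;
        } else {
            this.expireDate = dslPmShow.getExpDate();
            i = 1;
        }
        return i;
    }

    /**
     * Decodes user name and password and asks the database layer to authenticate them.
     * {@code authUser} receives the decoded password, a digest of it, and a digest of the
     * password with the stored salt string appended.
     * NOTE(review): the digest algorithm and how authUser compares the three forms are not
     * visible here; confirm the unsalted digest is not accepted on its own.
     *
     * @return true when authUser accepts the credentials; false when either field fails to decode
     */
    private boolean checkAuth(String str, String str2, String str3, String str4) {
        boolean z = false;
        c cVar = new c(str3, str, str4, this.servletType);
        c cVar2 = new c(str3, str2, str4, this.servletType);
        String bv = cVar.bv();
        String bv2 = cVar2.bv();
        if (bv != null && bv2 != null) {
            DBManager dBManager = DBManager.getInstance();
            z = dBManager.authUser(bv, bv2, Encryptor.digest(bv2), Encryptor.digest(bv2 + dBManager.getSaltStr()));
        }
        return z;
    }

    /**
     * Checks the expiry dates of the user's groups.
     *
     * <p>The listing left the group list possibly unassigned after a failed lookup and called
     * printStackTrace() on a non-exception variable. The body is reconstructed here with the
     * whole evaluation inside the try block, so a failed lookup or a malformed date yields the
     * current result (5 unless a group was already accepted) instead of escaping the method.
     *
     * @param str decoded user name
     * @return 1 when the user has no groups, a group has no expiry, or a group's expiry lies in
     *         the future; otherwise 5
     */
    private int checkWholeSaleExpireDate(String str) {
        String[] split;
        int i = 5;
        try {
            List uGroupList = DeviceManager.getInstance().getUGroupList(str);
            if (uGroupList == null || uGroupList.size() <= 0) {
                return 1;
            }
            Iterator it = uGroupList.iterator();
            while (it.hasNext()) {
                UGroup uGroup = (UGroup) it.next();
                if (uGroup.getEnable_expiredate() != 1) {
                    i = 1;
                    break;
                }
                String expiredate = uGroup.getExpiredate();
                if (expiredate != null && !Constants.URI_LITERAL_ENC.equals(expiredate.trim()) && (split = expiredate.replace("-", "/").split("/")) != null && split.length >= 3) {
                    Calendar calendar = Calendar.getInstance();
                    calendar.set(Integer.parseInt(split[0]), Integer.parseInt(split[1]) - 1, Integer.parseInt(split[2]), 23, 59);
                    if (calendar.getTimeInMillis() > Calendar.getInstance().getTimeInMillis()) {
                        i = 1;
                        break;
                    }
                    System.out.println("Wholesale expire");
                    i = 5;
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return i;
    }

    /** Not used for login; returns the same constant the listing shows. */
    @Override // tw.com.draytek.acs.html5.Html5JSONHandler
    public String set() {
        return Constants.URI_LITERAL_ENC;
    }

    /**
     * Creates a local account for a user accepted by the external authentication service:
     * authentication type "External", status "Active", the password set to the same constant
     * that {@link #set()} returns, and the view-only operator group.
     * NOTE(review): the method is public and reads {@code this.user}; confirm it is only
     * reached after ExternalAuthentication has accepted the credentials.
     *
     * @return the result of {@code createUserBySysAdmin}
     */
    public boolean createExUsers() {
        Users users = new Users();
        DBManager dBManager = DBManager.getInstance();
        users.setUsername(encryptorUsername(this.user));
        users.setUserpassword(Constants.URI_LITERAL_ENC);
        users.setAuthentication("External");
        users.setStatus("Active");
        users.setUpdatetime(new Date(this.currentTimeMillis).toString());
        return dBManager.createUserBySysAdmin(users, 0, TR069Property.USERGROUPS_GROUPID_VIEW_ONLY_OPERATOR);
    }

    /**
     * Queues one alert mail to the account owner when an address is locked out. A third
     * "_1" segment is appended to the throttle entry so the mail is queued only once per entry.
     *
     * <p>Fixes: the user name comes from the request and may not match any account, so a
     * missing account or address now skips the alert instead of throwing; the e-mail address is
     * compared by value rather than by reference.
     *
     * @param j    timestamp of the first failure in the current window
     * @param str  remote address used as the throttle key
     * @param str2 decoded user name from the request
     */
    private void sendLoginFailAlert(long j, String str, String str2) {
        DBManager dBManager = DBManager.getInstance();
        Date date = new Date(j);
        MailServer mailServer = dBManager.getMailServer(-1);
        Users user = dBManager.getUser(str2);
        if (mailServer == null || !mailServer.isNotifyon() || user == null || user.getUseremail() == null
                || Constants.URI_LITERAL_ENC.equals(user.getUseremail()) || TR069Property.USER_LOGIN.get(str) == null) {
            return;
        }
        f fVar = new f(date, str, str2, user.getUseremail(), mailServer);
        String[] split = new StringBuilder().append(TR069Property.USER_LOGIN.get(str)).toString().split("_");
        if (split.length < 3) {
            dBManager.saveMailService(fVar, -1);
            TR069Property.USER_LOGIN.put(this.remoteAddr, split[0] + "_" + split[1] + "_1");
        }
    }
}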
