package org.apache.ignite.agent.action.controller;

import org.apache.ignite.IgniteAuthenticationException;
import org.apache.ignite.IgniteCheckedException;
import org.apache.ignite.IgniteLogger;
import org.apache.ignite.agent.ManagementConsoleProcessor;
import org.apache.ignite.agent.action.Session;
import org.apache.ignite.agent.action.SessionRegistry;
import org.apache.ignite.agent.action.annotation.ActionController;
import org.apache.ignite.agent.dto.action.AuthenticateCredentials;
import org.apache.ignite.agent.utils.AgentUtils;
import org.apache.ignite.internal.GridKernalContext;
import org.apache.ignite.internal.util.typedef.internal.U;

@ActionController("SecurityActions")
/* loaded from: input_file:org/apache/ignite/agent/action/controller/SecurityActionsController.class */
public class SecurityActionsController {
    private final GridKernalContext ctx;
    private final SessionRegistry registry;
    private final IgniteLogger log;

    public SecurityActionsController(GridKernalContext gridKernalContext) {
        this.ctx = gridKernalContext;
        this.log = gridKernalContext.log(SecurityActionsController.class);
        this.registry = ((ManagementConsoleProcessor) gridKernalContext.managementConsole()).sessionRegistry();
    }

    public String authenticate(AuthenticateCredentials authenticateCredentials) throws IgniteCheckedException {
        Session authenticate0 = authenticate0(authenticateCredentials);
        this.registry.saveSession(authenticate0);
        if (this.log.isDebugEnabled()) {
            this.log.debug("Session ID was generated for request: " + authenticate0.id());
        }
        return authenticate0.id().toString();
    }

    private Session authenticate0(AuthenticateCredentials authenticateCredentials) throws IgniteCheckedException {
        boolean enabled = this.ctx.security().enabled();
        boolean enabled2 = this.ctx.authentication().enabled();
        if (authenticateCredentials.getCredentials() == null) {
            throw new IgniteAuthenticationException("Authentication failed, credentials not found");
        }
        Session random = Session.random();
        random.address(authenticateCredentials.getAddress());
        random.credentials(authenticateCredentials.getCredentials());
        if (enabled) {
            random.lastInvalidateTime(U.currentTimeMillis());
            random.securityContext(AgentUtils.authenticate(this.ctx.security(), random));
        } else if (enabled2) {
            random.authorizationContext(AgentUtils.authenticate(this.ctx.authentication(), random));
        }
        return random;
    }
}
