package com.day.crx.security.user;

import com.day.crx.security.Impersonation;
import com.day.crx.security.User;
import com.day.crx.security.principals.UserPrincipal;
import com.day.crx.security.spi.DigestCredentials;
import com.day.smb.ntlm.NTLM;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.util.Arrays;
import javax.jcr.Credentials;
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.SimpleCredentials;
import javax.jcr.lock.LockException;
import javax.jcr.nodetype.ConstraintViolationException;
import javax.jcr.version.VersionException;
import org.apache.jackrabbit.util.Text;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/day/crx/security/user/UserImpl.class */
public class UserImpl extends CovenanteeImpl implements User {
    static final String CVS_ID = "$URL: http://svn.day.com/repos/crx/tags/crx-1.4.2-load3/repository/crx-core/src/main/java/com/day/crx/security/user/UserImpl.java $ $Rev: 35996 $ $Date: 2008-05-21 17:02:47 +0200 (Wed, 21 May 2008) $";
    private Impersonation impersonation;
    private Principal main;
    private static final String EMAIL_PROPERTY_NAME = "rep:e-mail";
    protected static final String USERID_PROPERTY_NAME = "rep:userId";
    private static final String FULLNAME_PROPERTY_NAME = "rep:fullname";
    private static final String PASSWORD_PROPERTY_NAME = "rep:password";
    private static final String NTLM_HASH_PROPERTY_NAME = "rep:ntlmhash";
    private static final Logger log;
    private final boolean admin;
    static Class class$com$day$crx$security$user$UserImpl;

    /* JADX INFO: Access modifiers changed from: package-private */
    public UserImpl(Node node) throws RepositoryException {
        this(node, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public UserImpl(Node node, boolean z) throws RepositoryException {
        super(node, node.getSession());
        this.admin = z;
    }

    public String getName() throws RepositoryException {
        return "".equals(getPropertyValue(FULLNAME_PROPERTY_NAME)) ? getUserID() : getPropertyValue(FULLNAME_PROPERTY_NAME);
    }

    @Override // com.day.crx.security.user.CovenanteeImpl
    public boolean isAdmin() {
        return this.admin;
    }

    public boolean isUser() {
        return true;
    }

    public boolean isGroup() {
        return false;
    }

    public Principal getPrincipal() throws RepositoryException {
        if (this.main == null) {
            this.main = new UserPrincipal(getPrincipalName(), getNode().getPath(), this);
        }
        return this.main;
    }

    public String getUserID() throws RepositoryException {
        return getPropertyValue("rep:userId");
    }

    public String getEMail() throws RepositoryException {
        return getPropertyValue(EMAIL_PROPERTY_NAME);
    }

    public void setEMail(String str) throws RepositoryException {
        setProperty(EMAIL_PROPERTY_NAME, str);
    }

    public void setPassword(String str, String str2) throws RepositoryException, NoSuchAlgorithmException {
        if (str2 == null) {
            str2 = "sha1";
        }
        StringBuffer stringBuffer = new StringBuffer("{");
        stringBuffer.append(str2);
        stringBuffer.append("}");
        stringBuffer.append(Text.digest(str2, str.getBytes()));
        setProperty("rep:password", stringBuffer.toString());
        try {
            setProperty(NTLM_HASH_PROPERTY_NAME, com.day.text.Text.digest("ntlm", str, (String) null));
        } catch (UnsupportedEncodingException e) {
            log.warn("Unable to store NTLM hash: encoding not supported.", e);
        }
    }

    public boolean authenticate(Credentials credentials) throws RepositoryException {
        if (credentials instanceof SimpleCredentials) {
            SimpleCredentials simpleCredentials = (SimpleCredentials) credentials;
            if (simpleCredentials.getUserID().equals(getUserID())) {
                return verifyPassword(simpleCredentials.getPassword());
            }
            return false;
        }
        if (!(credentials instanceof DigestCredentials)) {
            return false;
        }
        DigestCredentials digestCredentials = (DigestCredentials) credentials;
        if (digestCredentials.getUserID().equals(getUserID())) {
            return verifyDigest(digestCredentials);
        }
        return false;
    }

    public Impersonation getImpersonation() throws RepositoryException {
        if (this.impersonation == null) {
            this.impersonation = new ImpersonationImpl(this);
        }
        return this.impersonation;
    }

    private boolean verifyPassword(char[] cArr) throws RepositoryException {
        if (cArr.length < 1) {
            log.warn("attempt to verify empty password for {}, denied", getUserID());
        }
        boolean z = false;
        String propertyValue = getPropertyValue("rep:password");
        int indexOf = propertyValue.indexOf("{");
        int indexOf2 = propertyValue.indexOf("}");
        if (indexOf == 0 && indexOf2 > -1 && indexOf2 < propertyValue.length()) {
            String substring = propertyValue.substring(1, indexOf2);
            String substring2 = propertyValue.substring(indexOf2 + 1);
            try {
                z = substring.equalsIgnoreCase("ntlm") ? substring2.equals(com.day.text.Text.digest("ntlm", new String(cArr), (String) null)) : substring2.equals(Text.digest(substring, new String(cArr), "UTF-8"));
            } catch (UnsupportedEncodingException e) {
                log.error("tried to verify password against unsupported encoding: UTF-8");
            } catch (NoSuchAlgorithmException e2) {
                log.error(new StringBuffer().append("tried to verify password against unsupported encryption: ").append(substring).toString());
            }
        }
        return z;
    }

    private void setProperty(String str, String str2) throws RepositoryException, LockException, ConstraintViolationException, VersionException {
        Node node = getNode();
        node.setProperty(str, str2);
        node.save();
    }

    private boolean verifyDigest(DigestCredentials digestCredentials) throws RepositoryException {
        String propertyValue = getPropertyValue(NTLM_HASH_PROPERTY_NAME);
        if (propertyValue.equals("")) {
            log.error(new StringBuffer().append("Unable to verify digest: no NTLM hash saved for user ").append(getUserID()).toString());
            return false;
        }
        try {
            try {
                return Arrays.equals(NTLM.lmResponse(toByteArray(propertyValue), digestCredentials.getChallenge()), digestCredentials.getResponse());
            } catch (Exception e) {
                log.error(new StringBuffer().append("Unable to compute LM response.").append(e.getMessage()).toString());
                return false;
            }
        } catch (IllegalArgumentException e2) {
            log.error(new StringBuffer().append("Unable to convert digest string to a byte array: ").append(e2.getMessage()).toString());
            return false;
        }
    }

    private static byte[] toByteArray(String str) throws IllegalArgumentException {
        int i;
        int i2;
        char[] charArray = str.toCharArray();
        if (charArray.length % 2 != 0) {
            throw new IllegalArgumentException("Hex string must have even size.");
        }
        byte[] bArr = new byte[charArray.length / 2];
        for (int i3 = 0; i3 < bArr.length; i3++) {
            int i4 = 0;
            for (int i5 = 0; i5 < 2; i5++) {
                int i6 = i4 << 4;
                char c = charArray[(i3 * 2) + i5];
                if (c >= '0' && c <= '9') {
                    i = i6;
                    i2 = c - '0';
                } else if (c >= 'A' && c <= 'F') {
                    i = i6;
                    i2 = (c - 'A') + 10;
                } else {
                    if (c < 'a' || c > 'f') {
                        throw new IllegalArgumentException(new StringBuffer().append("Unable to convert ").append(c).append(" to a byte.").toString());
                    }
                    i = i6;
                    i2 = (c - 'a') + 10;
                }
                i4 = i + i2;
            }
            bArr[i3] = (byte) i4;
        }
        return bArr;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$day$crx$security$user$UserImpl == null) {
            cls = class$("com.day.crx.security.user.UserImpl");
            class$com$day$crx$security$user$UserImpl = cls;
        } else {
            cls = class$com$day$crx$security$user$UserImpl;
        }
        log = LoggerFactory.getLogger(cls);
    }
}
