package net.sf.jguard.jee.authentication.callbacks;

import com.octo.captcha.service.CaptchaService;
import java.io.IOException;
import java.net.UnknownHostException;
import java.util.Arrays;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.LanguageCallback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import net.sf.jguard.core.authentication.AuthenticationUtils;
import net.sf.jguard.core.authentication.callbacks.InetAddressCallback;
import net.sf.jguard.ext.authentication.callbacks.CallbackHandlerUtils;
import net.sf.jguard.ext.authentication.callbacks.JCaptchaCallback;
import net.sf.jguard.jee.authentication.http.HttpConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xbill.DNS.ExtendedResolver;
import org.xbill.DNS.Message;
import org.xbill.DNS.Record;
import org.xbill.DNS.ReverseMap;

/* loaded from: input_file:net/sf/jguard/jee/authentication/callbacks/HttpServletCallbackHandler.class */
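/**
 * JAAS {@link CallbackHandler} that fills authentication callbacks from the current HTTP exchange.
 *
 * <p>{@link #handle(Callback[])} first populates the client-address and locale callbacks, then
 * walks the comma-separated list of configured authentication schemes and reads credentials from
 * the request: form parameters, the {@code Authorization} header, or the client certificate chain.
 *
 * <p>The scheme list and the names of the login/password form fields are held in static fields,
 * so they are shared by every instance of this class. Nothing in this class synchronizes access
 * to them.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The host name handed to {@link InetAddressCallback} may come from a reverse-DNS (PTR)
 *       answer that this class does not forward-confirm; see {@link #handle(Callback[])}.</li>
 *   <li>Only the client-certificate path checks {@code isSecure()}; the form and Basic paths
 *       read credentials from the request whatever the transport is.</li>
 *   <li>The DIGEST scheme is accepted in the scheme list but extracts no credentials.</li>
 * </ul>
 */
public class HttpServletCallbackHandler implements CallbackHandler {
    public static final String AUTHORIZATION = "Authorization";
    private static final String BASIC_REALM = "Basic realm=\"";
    private static final String NO_CACHE_AUTHORIZATION = "no-cache=\"Authorization\"";
    private static final String CACHE_CONTROL = "Cache-Control";
    private static final String WWW_AUTHENTICATE = "WWW-Authenticate";

    // DNS protocol constants used by reverseDns(): record type PTR, class IN, and the index of
    // the answer section in a response message.
    private static final int DNS_TYPE_PTR = 12;
    private static final int DNS_CLASS_IN = 1;
    private static final int DNS_SECTION_ANSWER = 1;

    private static final Logger logger = LoggerFactory.getLogger(HttpServletCallbackHandler.class);

    private HttpServletRequest httpServletRequest;
    private HttpServletResponse httpServletResponse;

    // Shared, process-wide configuration (see the static setters below).
    private static String authSchemes = HttpConstants.FORM_AUTH;
    private static String loginField = "login";
    private static String passwordField = "password";

    // True when the request carries the "registrationDone" attribute set to Boolean.TRUE.
    private boolean afterRegistration;

    // Class-literal cache emitted by old compilers; kept so the set of members is unchanged.
    static Class class$net$sf$jguard$jee$authentication$callbacks$HttpServletCallbackHandler =
            HttpServletCallbackHandler.class;

    /**
     * Creates a handler with no request or response attached.
     *
     * <p>{@link #handle(Callback[])} dereferences the request, so an instance built this way
     * fails with a {@link NullPointerException} when it is asked to handle callbacks.
     */
    public HttpServletCallbackHandler() {
    }

    /**
     * Creates a handler bound to one HTTP exchange.
     *
     * @param httpServletRequest request the credentials are read from
     * @param httpServletResponse response associated with the request
     */
    public HttpServletCallbackHandler(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        this.httpServletRequest = httpServletRequest;
        // "registrationDone" is a request attribute (set server-side), not a request parameter.
        // Anything other than Boolean.TRUE, including a value of another type, counts as false.
        this.afterRegistration = Boolean.TRUE.equals(httpServletRequest.getAttribute("registrationDone"));
        this.httpServletResponse = httpServletResponse;
    }

    /**
     * Populates the given callbacks from the bound request.
     *
     * <p>Address handling: the callback's address is the container's {@code getRemoteAddr()}.
     * When the container did not resolve a name itself ({@code getRemoteHost()} equals the
     * address), a PTR lookup is attempted. The PTR answer is chosen by whoever operates the
     * reverse zone of the client address and is not checked against a forward lookup here, so
     * consumers of the host name should treat it as a hint rather than as a verified identity.
     * The lookup is also a blocking network call on the authentication path. An
     * {@link UnknownHostException} falls back to the address; any other {@link IOException}
     * from the resolver propagates to the caller.
     *
     * <p>Scheme handling: among FORM, BASIC and DIGEST, only the first one listed is used, and it
     * is considered handled whatever its credential grabber returns. CLIENT-CERT is evaluated
     * independently for every entry of the list.
     *
     * @param callbackArr callbacks to fill in
     * @throws IOException if the reverse-DNS query fails for a reason other than an unknown host
     * @throws UnsupportedCallbackException declared by the interface; not thrown by this code
     */
    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        for (int i = 0; i < callbackArr.length; i++) {
            Callback callback = callbackArr[i];
            if (callback instanceof InetAddressCallback) {
                fillInetAddress((InetAddressCallback) callback);
            } else if (callback instanceof LanguageCallback) {
                ((LanguageCallback) callback).setLocale(this.httpServletRequest.getLocale());
            }
        }

        // Read the shared setting once so the loop works on a single consistent value.
        String configuredSchemes = authSchemes;
        logger.debug("authSchemes=" + configuredSchemes);

        boolean credentialsGrabbed = false;
        String[] schemes = configuredSchemes.split(",");
        for (int i = 0; i < schemes.length; i++) {
            // Tolerate "FORM, BASIC" style lists; untrimmed tokens would match no scheme.
            String scheme = schemes[i].trim();
            if (!credentialsGrabbed) {
                if (HttpConstants.FORM_AUTH.equalsIgnoreCase(scheme)) {
                    grabFormCredentials(this.httpServletRequest, callbackArr);
                    credentialsGrabbed = true;
                } else if (HttpConstants.BASIC_AUTH.equalsIgnoreCase(scheme)) {
                    grabBasicCredentials(this.httpServletRequest, callbackArr);
                    credentialsGrabbed = true;
                } else if (HttpConstants.DIGEST_AUTH.equalsIgnoreCase(scheme)) {
                    grabDigestCredentials(this.httpServletRequest, callbackArr);
                    credentialsGrabbed = true;
                }
            }
            if (HttpConstants.CLIENT_CERT_AUTH.equalsIgnoreCase(scheme)
                    && !grabClientCertCredentials(this.httpServletRequest, callbackArr)) {
                logger.info(" X509 certificates are not found ");
            }
        }
    }

    /** Sets the address and host name of the callback from the bound request. */
    private void fillInetAddress(InetAddressCallback inetAddressCallback) throws IOException {
        String remoteAddr = this.httpServletRequest.getRemoteAddr();
        String remoteHost = this.httpServletRequest.getRemoteHost();
        inetAddressCallback.setHostAdress(remoteAddr);
        if (!remoteAddr.equals(remoteHost)) {
            inetAddressCallback.setHostName(remoteHost);
            return;
        }
        String hostName = remoteAddr;
        try {
            // Unverified PTR data: not forward-confirmed, so it is only as trustworthy as the
            // reverse zone it came from.
            hostName = reverseDns(remoteAddr);
        } catch (UnknownHostException e) {
            logger.warn(" host bound to address " + remoteAddr + "cannot be resolved", e);
        }
        inetAddressCallback.setHostName(hostName);
    }

    /**
     * Answers with a 401 Basic challenge for the given realm.
     *
     * <p>The realm is written as an HTTP quoted-string: backslash and double quote are escaped
     * and control characters (including CR and LF) are dropped, so the value cannot terminate
     * the quoted string or start a new header line. A {@code null} realm yields an empty realm.
     *
     * @param httpServletResponse response to write the challenge to
     * @param str realm name
     */
    public static void buildBasicChallenge(HttpServletResponse httpServletResponse, String str) {
        String challenge = BASIC_REALM + quoteRealm(str) + "\"";
        httpServletResponse.setHeader(WWW_AUTHENTICATE, challenge);
        httpServletResponse.setHeader(CACHE_CONTROL, NO_CACHE_AUTHORIZATION);
        httpServletResponse.setStatus(401);
    }

    /** Escapes a realm for use inside a quoted-string and removes control characters. */
    private static String quoteRealm(String realm) {
        if (realm == null) {
            return "";
        }
        StringBuffer quoted = new StringBuffer(realm.length());
        for (int i = 0; i < realm.length(); i++) {
            char c = realm.charAt(i);
            if (c < 0x20 || c == 0x7f) {
                continue;
            }
            if (c == '"' || c == '\\') {
                quoted.append('\\');
            }
            quoted.append(c);
        }
        return quoted.toString();
    }

    /** Delegates parsing of the {@code Authorization} header to {@link CallbackHandlerUtils}. */
    private boolean grabBasicCredentials(HttpServletRequest httpServletRequest, Callback[] callbackArr) {
        String header = httpServletRequest.getHeader(AUTHORIZATION);
        String encoding = httpServletRequest.getCharacterEncoding();
        return CallbackHandlerUtils.grabBasicCredentials(header, encoding, callbackArr);
    }

    /**
     * Fills name, password and captcha callbacks from the request parameters.
     *
     * <p>A missing or empty password parameter is passed on as {@code null}. Calling
     * {@code getSession()} creates a session when the request has none.
     *
     * <p>NOTE(review): unlike the client-certificate path, nothing here checks
     * {@code isSecure()} before reading the password parameter.
     *
     * @return always {@code true}
     */
    private boolean grabFormCredentials(HttpServletRequest httpServletRequest, Callback[] callbackArr) {
        HttpSession session = httpServletRequest.getSession();
        for (int i = 0; i < callbackArr.length; i++) {
            Callback callback = callbackArr[i];
            if (callback instanceof NameCallback) {
                ((NameCallback) callback).setName(httpServletRequest.getParameter(loginField));
            } else if (callback instanceof PasswordCallback) {
                PasswordCallback passwordCallback = (PasswordCallback) callback;
                String parameter = httpServletRequest.getParameter(passwordField);
                // Compare by content: a reference comparison against "" does not match an empty
                // string built by the container, so an empty password would otherwise be passed
                // on as a zero-length array instead of null.
                if (parameter == null || parameter.length() == 0) {
                    passwordCallback.setPassword(null);
                } else {
                    passwordCallback.setPassword(parameter.toCharArray());
                }
            } else if (callback instanceof JCaptchaCallback) {
                JCaptchaCallback jCaptchaCallback = (JCaptchaCallback) callback;
                jCaptchaCallback.setCaptchaAnswer(httpServletRequest.getParameter("captchaAnswer"));
                jCaptchaCallback.setCaptchaService((CaptchaService) session.getServletContext().getAttribute("captchaService"));
                // NOTE(review): a session without an "authenticationUtils" attribute makes the
                // next line throw NullPointerException - confirm that an upstream component
                // always installs it before this handler runs.
                AuthenticationUtils authenticationUtils = (AuthenticationUtils) session.getAttribute("authenticationUtils");
                // The captcha challenge is skipped when the session has no subject yet or when
                // the request was flagged as following a registration.
                if (authenticationUtils.getSubject() == null || this.afterRegistration) {
                    jCaptchaCallback.setSkipJCaptchaChallenge(true);
                }
                jCaptchaCallback.setSessionID(session.getId());
            }
        }
        return true;
    }

    /**
     * Placeholder for Digest credential extraction.
     *
     * <p>No header is read and no callback is populated; the method only reports success. The
     * decompiled body compared two empty-string constants with {@code null}, which is always
     * true, so the result is written out directly.
     *
     * <p>NOTE(review): with DIGEST as the first configured scheme, the name and password
     * callbacks are left as the caller supplied them - confirm how the login modules treat that.
     *
     * @return always {@code true}
     */
    private boolean grabDigestCredentials(HttpServletRequest httpServletRequest, Callback[] callbackArr) {
        return true;
    }

    /**
     * Hands the request's X.509 certificate chain to {@link CallbackHandlerUtils}, but only when
     * the container reports the request as secure.
     *
     * @return the result of the delegate, or {@code false} when the request is not secure
     */
    private boolean grabClientCertCredentials(HttpServletRequest httpServletRequest, Callback[] callbackArr) {
        if (!httpServletRequest.isSecure()) {
            logger.warn(" certificate-based authentication MUST be do in secure mode ");
            logger.warn(" but connection is do with the non secured protocol " + httpServletRequest.getScheme());
            return false;
        }
        Object[] certificates = (Object[]) httpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
        return CallbackHandlerUtils.grabClientCertCredentials(callbackArr, certificates);
    }

    /**
     * Form "challenge": simply continues the filter chain with the given request and response.
     *
     * @throws IOException if the chain throws it
     * @throws ServletException if the chain throws it
     */
    public static void buildFormChallenge(FilterChain filterChain, ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Answers with a 401 Digest challenge built by {@link CallbackHandlerUtils}.
     *
     * @param httpServletRequest not used by this method
     * @param httpServletResponse response to write the challenge to
     * @param str value passed to {@code CallbackHandlerUtils.buildDigestChallenge}
     */
    public static void buildDigestChallenge(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        String challenge = CallbackHandlerUtils.buildDigestChallenge(str).toString();
        httpServletResponse.setHeader(WWW_AUTHENTICATE, challenge);
        httpServletResponse.setStatus(401);
    }

    /** @return name of the request parameter that carries the password */
    public static String getPasswordField() {
        return passwordField;
    }

    /**
     * Sets the name of the password request parameter for all instances.
     *
     * @param str new parameter name; {@code null} is ignored
     */
    public static void setPasswordField(String str) {
        if (str != null) {
            passwordField = str;
        }
    }

    /** @return name of the request parameter that carries the login */
    public static String getLoginField() {
        return loginField;
    }

    /**
     * Sets the name of the login request parameter for all instances.
     *
     * @param str new parameter name; {@code null} is ignored
     */
    public static void setLoginField(String str) {
        if (str != null) {
            loginField = str;
        }
    }

    /**
     * Looks up the PTR record of an address.
     *
     * @param str textual IP address
     * @return the record data of the first answer, or {@code str} when the answer section is empty
     * @throws IOException if the address cannot be parsed or the query fails
     */
    private String reverseDns(String str) throws IOException {
        Record question = Record.newRecord(ReverseMap.fromAddress(str), DNS_TYPE_PTR, DNS_CLASS_IN);
        Message response = new ExtendedResolver().send(Message.newQuery(question));
        Record[] answers = response.getSectionArray(DNS_SECTION_ANSWER);
        if (answers.length == 0) {
            return str;
        }
        return answers[0].rdataToString();
    }

    /** @return the comma-separated scheme list shared by all instances */
    public String getAuthScheme() {
        return authSchemes;
    }

    /**
     * Sets the comma-separated list of authentication schemes for all instances.
     *
     * @param str new scheme list; {@code null} is ignored, as in the other static setters,
     *     because {@link #handle(Callback[])} splits this value unconditionally
     */
    public static void setAuthSchemes(String str) {
        if (str != null) {
            authSchemes = str;
        }
    }

    /**
     * Class-literal helper emitted by old compilers; kept so the set of members is unchanged.
     *
     * @param str fully qualified class name
     * @return the loaded class
     * @throws NoClassDefFoundError if the class cannot be found
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            NoClassDefFoundError error = new NoClassDefFoundError(e.getMessage());
            // Keep the original exception attached for diagnosis.
            error.initCause(e);
            throw error;
        }
    }
}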
