package org.dspace.app.dav;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.sql.SQLException;
import java.util.Date;
import java.util.StringTokenizer;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
import org.dspace.authenticate.AuthenticationManager;
import org.dspace.authorize.AuthorizeException;
import org.dspace.core.ConfigurationManager;
import org.dspace.core.Context;
import org.dspace.core.LogManager;
import org.dspace.core.Utils;
import org.dspace.eperson.EPerson;

/* loaded from: input_file:WEB-INF/classes/org/dspace/app/dav/DAVServlet.class */
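/**
 * WebDAV front-end servlet: authenticates the caller (auth cookie or HTTP
 * Basic), resolves the request path to a {@code DAVResource} and dispatches
 * the DAV method to it.
 *
 * <p>Security-relevant behaviour of this class:
 * <ul>
 *   <li>The auth cookie value is {@code issueTimeMillis!epersonId!remoteAddr!mac}.
 *       The MAC is an HMAC-SHA256 over the first three fields keyed with
 *       {@link #cookieSecret} and is compared in constant time.</li>
 *   <li>Credentials, the raw {@code Authorization} header and cookie values are
 *       never written to the log; a logged cookie with a valid MAC or a logged
 *       Basic token is a reusable credential for anyone who can read the log.</li>
 *   <li>HTTP 500 responses carry a fixed message; exception detail stays in the
 *       server log.</li>
 * </ul>
 */
public class DAVServlet extends HttpServlet {
    private static final String METHOD_PROPFIND = "PROPFIND";
    private static final String METHOD_PROPPATCH = "PROPPATCH";
    private static final String METHOD_MKCOL = "MKCOL";
    private static final String METHOD_COPY = "COPY";
    private static final String METHOD_MOVE = "MOVE";
    private static final String METHOD_DELETE = "DELETE";
    private static final String METHOD_GET = "GET";
    private static final String METHOD_PUT = "PUT";
    private static final String METHOD_OPTIONS = "OPTIONS";

    /** Longest status message passed to {@code sendError}; longer text is cut. */
    private static final int HTTP_STATUS_MESSAGE_MAX = 1000;

    private static final String COOKIE_NAME = "DSpaceDavAuth";

    /** Maximum accepted age of an auth cookie, in milliseconds (30 minutes). */
    private static final long COOKIE_SELL_BY = 1800000;

    /** Age in milliseconds below which an existing cookie is not re-issued (15 minutes). */
    private static final long COOKIE_REFRESH_AFTER = 900000;

    /** Keyed MAC protecting the cookie fields against forgery. */
    private static final String COOKIE_MAC_ALGORITHM = "HmacSHA256";

    private static Logger log = Logger.getLogger(DAVServlet.class);
    private static boolean allowAnonymousAccess = ConfigurationManager.getBooleanProperty("dav.access.anonymous");

    // Generated once per class load, so cookies issued by another JVM or before a
    // restart will not validate. Presumably a random hex string - confirm in Utils.
    private static final String cookieSecret = Utils.generateHexKey();

    /** Encodes {@code text} as UTF-8 without forcing callers to handle a checked exception. */
    private static byte[] utf8(String text) {
        try {
            return text.getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException("UTF-8 is not available", e);
        }
    }

    /**
     * Computes the lowercase-hex HMAC-SHA256 of {@code payload} keyed with {@link #cookieSecret}.
     *
     * @param payload the {@code time!id!addr!} prefix of the cookie value
     * @return the MAC as a hex string
     * @throws IllegalStateException if the MAC algorithm is unavailable or the key is rejected
     */
    private static String cookieMac(String payload) {
        byte[] tag;
        try {
            Mac mac = Mac.getInstance(COOKIE_MAC_ALGORITHM);
            mac.init(new SecretKeySpec(utf8(cookieSecret), COOKIE_MAC_ALGORITHM));
            tag = mac.doFinal(utf8(payload));
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException("Cannot compute DAV auth cookie MAC", e);
        }
        StringBuilder hex = new StringBuilder(tag.length * 2);
        for (byte b : tag) {
            hex.append(Character.forDigit((b >> 4) & 0xF, 16));
            hex.append(Character.forDigit(b & 0xF, 16));
        }
        return hex.toString();
    }

    /**
     * Checks a client-supplied MAC against the expected one in constant time, so the
     * comparison does not reveal how many leading characters matched.
     */
    private static boolean cookieMacMatches(String payload, String presented) {
        return MessageDigest.isEqual(utf8(cookieMac(payload)), utf8(presented));
    }

    /** Neutralises CR/LF in client-controlled text so it cannot forge extra log lines. */
    private static String forLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Returns the request's auth cookie.
     *
     * @return the cookie named {@link #COOKIE_NAME}, or {@code null} if the request has none
     */
    private static Cookie gimmeCookie(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (COOKIE_NAME.equals(cookie.getName())) {
                return cookie;
            }
        }
        return null;
    }

    /**
     * Tries to authenticate the request from its auth cookie and, on success, sets the
     * current user on {@code context}.
     *
     * <p>The cookie is accepted only if it has four {@code !}-separated fields, its
     * timestamp is neither in the future nor older than {@link #COOKIE_SELL_BY}, its
     * address field equals the request's remote address, its MAC verifies, and the
     * EPerson id resolves. Decompiler note: access was widened from protected to public.
     *
     * @return {@code true} if a user was set on {@code context}, {@code false} otherwise
     * @throws SQLException if the EPerson lookup fails
     */
    public static boolean getAuthFromCookie(Context context, HttpServletRequest httpServletRequest) throws SQLException {
        Cookie authCookie = gimmeCookie(httpServletRequest);
        if (authCookie == null) {
            return false;
        }
        String[] fields = authCookie.getValue().split("\\!");
        if (fields.length != 4) {
            // The value is attacker-controlled; log its shape, not its content.
            log.warn("Got invalid auth cookie: expected 4 fields, found " + fields.length);
            return false;
        }
        try {
            long issuedAt = Long.parseLong(fields[0]);
            int epersonId = Integer.parseInt(fields[1]);
            long now = new Date().getTime();
            if (issuedAt > now || now - issuedAt > COOKIE_SELL_BY) {
                log.warn("Auth cookie is stale or has a timestamp in the future");
                return false;
            }
            if (!fields[2].equals(httpServletRequest.getRemoteAddr())) {
                // Never log the value here: its MAC may be valid, which would make the
                // log line a usable credential from the original address.
                log.warn("Auth cookie fails IP Addr test");
                return false;
            }
            String payload = fields[0] + "!" + fields[1] + "!" + fields[2] + "!";
            if (!cookieMacMatches(payload, fields[3])) {
                log.warn("Auth cookie fails MAC test");
                return false;
            }
            EPerson person = EPerson.find(context, epersonId);
            if (person == null) {
                return false;
            }
            context.setCurrentUser(person);
            log.debug("Got authenticated user from cookie, id=" + epersonId);
            return true;
        } catch (NumberFormatException e) {
            // The exception text echoes the client-supplied field.
            log.warn("Error groveling cookie, " + forLog(e.toString()));
            return false;
        }
    }

    /**
     * Issues an auth cookie for the context's current user.
     *
     * <p>Nothing is sent when there is no current user or no response object. When
     * {@code z} is {@code false} and the request already carries a cookie younger than
     * {@link #COOKIE_REFRESH_AFTER}, the existing cookie is left in place.
     * Decompiler note: access was widened from protected to public.
     *
     * @param z {@code true} to issue a new cookie regardless of any existing one
     */
    public static void putAuthCookie(Context context, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) {
        if (httpServletResponse == null) {
            // authenticate() tolerates a null response, so do the same here.
            return;
        }
        Cookie existing = gimmeCookie(httpServletRequest);
        long now = new Date().getTime();
        if (!z && existing != null) {
            String[] fields = existing.getValue().split("\\!");
            if (fields.length == 4) {
                long issuedAt = -1;
                try {
                    issuedAt = Long.parseLong(fields[0]);
                } catch (NumberFormatException ignored) {
                    // Unparseable timestamp: fall through and issue a fresh cookie.
                }
                if (issuedAt > 0 && now - issuedAt < COOKIE_REFRESH_AFTER) {
                    return;
                }
            }
        }
        EPerson currentUser = context.getCurrentUser();
        if (currentUser == null) {
            return;
        }
        String payload = String.valueOf(now) + "!" + String.valueOf(currentUser.getID()) + "!" + httpServletRequest.getRemoteAddr() + "!";
        Cookie cookie = new Cookie(COOKIE_NAME, payload + cookieMac(payload));
        cookie.setPath(httpServletRequest.getContextPath());
        // Keep a cookie issued over TLS from being replayed over plain HTTP.
        // NOTE(review): also mark it HttpOnly if the servlet API in use supports that.
        cookie.setSecure(httpServletRequest.isSecure());
        httpServletResponse.addCookie(cookie);
        // The cookie value is a live credential; log only who it was issued to.
        log.debug("Setting new auth cookie for eperson id=" + currentUser.getID());
    }

    /**
     * Builds a {@code Context} for the request, authenticating from the auth cookie or,
     * failing that, from the supplied or HTTP Basic credentials.
     *
     * <p>Ownership: the returned context belongs to the caller. It is aborted here only
     * on the paths that do not return it (exception, or the 401 path). The decompiled
     * source aborted it unconditionally in {@code finally}, which handed callers an
     * already-aborted context.
     *
     * @param str  user name, or {@code null} to take it from the {@code Authorization} header
     * @param str2 password, or {@code null} to take it from the {@code Authorization} header
     * @return the context, or {@code null} after a 401 was sent because authentication
     *         failed and anonymous access is disabled
     * @throws IOException  if sending the 401 response fails
     * @throws SQLException on database errors
     */
    private static Context authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) throws IOException, SQLException {
        Context context = new Context();
        boolean handedToCaller = false;
        try {
            if (getAuthFromCookie(context, httpServletRequest)) {
                putAuthCookie(context, httpServletRequest, httpServletResponse, false);
                handedToCaller = true;
                return context;
            }
            String header = httpServletRequest.getHeader("Authorization");
            if (header != null && str == null && str2 == null) {
                // The header carries the password (Base64 is not encryption): never log it.
                log.info(LogManager.getHeader(context, "got creds", "Authorization header present"));
                StringTokenizer tokens = new StringTokenizer(header);
                // Require both scheme and token so a truncated header cannot raise
                // NoSuchElementException and turn into a 500.
                if (tokens.countTokens() >= 2 && tokens.nextToken().equalsIgnoreCase("Basic")) {
                    String encoded = tokens.nextToken();
                    // NOTE(review): decodes with the platform default charset - confirm intended.
                    String decoded = new String(Base64.decodeBase64(encoded.getBytes()));
                    int colon = decoded.indexOf(':');
                    if (colon > 0) {
                        str = decodeFromURL(decoded.substring(0, colon));
                        str2 = decodeFromURL(decoded.substring(colon + 1));
                        log.info(LogManager.getHeader(context, "auth", "Got username=\"" + forLog(str) + "\" from Basic credentials."));
                    }
                }
            }
            // 1 is the result the log message below labels SUCCESS.
            if (AuthenticationManager.authenticate(context, str, str2, (String) null, httpServletRequest) == 1) {
                log.info(LogManager.getHeader(context, "auth", "Authentication returned SUCCESS, eperson=" + context.getCurrentUser().getEmail()));
            } else {
                if (str == null) {
                    log.info(LogManager.getHeader(context, "auth", "No credentials, so sending WWW-Authenticate header."));
                } else {
                    log.warn(LogManager.getHeader(context, "auth", "Authentication FAILED, username=\"" + forLog(str) + "\""));
                }
                if (!allowAnonymousAccess) {
                    if (httpServletResponse != null) {
                        httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"dspace\"");
                        httpServletResponse.sendError(401);
                    }
                    return null;
                }
                // Anonymous access is enabled: the request continues without a user,
                // even when credentials were supplied and rejected.
            }
            for (int groupId : AuthenticationManager.getSpecialGroups(context, httpServletRequest)) {
                context.setSpecialGroup(groupId);
                log.debug("Adding Special Group id=" + String.valueOf(groupId));
            }
            putAuthCookie(context, httpServletRequest, httpServletResponse, true);
            handedToCaller = true;
            return context;
        } finally {
            if (!handedToCaller) {
                context.abort();
            }
        }
    }

    /**
     * Extracts the DAV resource path from the request URI: strips the context and
     * servlet paths, collapses runs of {@code /} and drops one leading {@code /}.
     */
    private static String getDavResourcePath(HttpServletRequest httpServletRequest) {
        String raw = httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length());
        String servletPath = httpServletRequest.getServletPath();
        if (raw.startsWith(servletPath)) {
            raw = raw.substring(servletPath.length());
        }
        StringBuilder path = new StringBuilder(raw);
        int from = raw.length() - 2;
        if (from > 0) {
            // Scan right to left so deletions never shift positions still to be examined.
            while (true) {
                int doubled = raw.lastIndexOf("//", from);
                if (doubled <= -1) {
                    break;
                }
                path.deleteCharAt(doubled + 1);
                from = doubled - 1;
            }
        }
        if (path.length() > 0 && path.charAt(0) == '/') {
            path.deleteCharAt(0);
        }
        String result = path.toString();
        log.debug("Got DAV URI: PATH_INFO=\"" + result + "\"");
        return result;
    }

    /**
     * Routes OPTIONS to {@link #doOptions}, DAV methods to {@link #serviceInternal},
     * and everything else to the superclass.
     */
    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String method = httpServletRequest.getMethod();
        if (method.equals(METHOD_OPTIONS)) {
            doOptions(httpServletRequest, httpServletResponse);
        } else {
            if (serviceInternal(method, httpServletRequest, httpServletResponse)) {
                return;
            }
            super.service(httpServletRequest, httpServletResponse);
        }
    }

    /**
     * Limits a status message to {@link #HTTP_STATUS_MESSAGE_MAX} characters.
     *
     * @return the message, truncated with a marker if too long; empty for {@code null}
     */
    private static String truncateForStatus(String str) {
        if (str == null) {
            return "";
        }
        return str.length() > HTTP_STATUS_MESSAGE_MAX ? str.substring(0, HTTP_STATUS_MESSAGE_MAX) + "... [Message truncated, see logs for details.]" : str;
    }

    /** Tells whether {@code method} is one of the methods {@link #serviceInternal} accepts. */
    private static boolean isDavMethod(String method) {
        return method.equals(METHOD_PROPFIND) || method.equals(METHOD_PROPPATCH) || method.equals(METHOD_MKCOL)
                || method.equals(METHOD_COPY) || method.equals(METHOD_MOVE) || method.equals(METHOD_DELETE)
                || method.equals(METHOD_GET) || method.equals(METHOD_PUT);
    }

    /**
     * Authenticates the request and runs the DAV method against the addressed resource.
     *
     * <p>A PUT whose query string contains {@code delete=true} or {@code mkcol=true} is
     * treated as DELETE or MKCOL respectively. The match is a plain substring test, so
     * access control must not assume that a PUT only ever writes.
     * Decompiler note: access was widened from protected to public.
     *
     * @param str the HTTP method name
     * @return {@code false} if the method is not a DAV method handled here; {@code true}
     *         once the request has been handled, including when an error response was sent
     * @throws IOException if writing an error response fails
     */
    public static boolean serviceInternal(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        // getQueryString() is null for a PUT without a query; the unguarded call used
        // to fail with a NullPointerException before any handler was in place.
        String query = httpServletRequest.getQueryString();
        if (str.equals(METHOD_PUT) && query != null) {
            if (query.indexOf("delete=true") >= 0) {
                str = METHOD_DELETE;
            } else if (query.indexOf("mkcol=true") >= 0) {
                str = METHOD_MKCOL;
            }
        }
        if (!isDavMethod(str)) {
            return false;
        }
        httpServletRequest.setCharacterEncoding("UTF-8");
        String[] pathElements = getDavResourcePath(httpServletRequest).split("/");
        Context context = null;
        try {
            // Two levels are kept on purpose: a failure raised while reporting an
            // SQL or DAV error still reaches the outer handlers.
            try {
                context = authenticate(httpServletRequest, httpServletResponse, null, null);
                if (context == null) {
                    // authenticate() has already answered with 401.
                    return true;
                }
                DAVResource resource = DAVResource.findResource(context, httpServletRequest, httpServletResponse, pathElements);
                // NOTE(review): a null resource sends no response here - confirm that
                // findResource reports "not found" itself.
                if (resource != null) {
                    if (str.equals(METHOD_PROPFIND)) {
                        resource.propfind();
                    } else if (str.equals(METHOD_PROPPATCH)) {
                        resource.proppatch();
                    } else if (str.equals(METHOD_COPY)) {
                        resource.copy();
                    } else if (str.equals(METHOD_DELETE)) {
                        resource.delete();
                    } else if (str.equals(METHOD_MKCOL)) {
                        resource.mkcol();
                    } else if (str.equals(METHOD_GET)) {
                        resource.get();
                    } else if (str.equals(METHOD_PUT)) {
                        resource.put();
                    } else {
                        // MOVE is accepted above but has no handler.
                        httpServletResponse.sendError(501);
                    }
                    context.complete();
                    // Completed: nothing left for the finally block to abort.
                    context = null;
                }
            } catch (SQLException e) {
                log.error(e.toString(), e);
                // Driver and schema detail stays in the log, not in the response.
                httpServletResponse.sendError(500, "Database access error; see server logs for details.");
            } catch (DAVStatusException e) {
                log.error(e.toString(), e);
                httpServletResponse.sendError(e.getStatus(), truncateForStatus(e.getMessage()));
            }
        } catch (AuthorizeException e) {
            if (log.isDebugEnabled()) {
                log.debug(e.toString(), e);
            } else {
                log.info(e.toString());
            }
            httpServletResponse.sendError(403, truncateForStatus("Access denied: " + e.toString()));
        } catch (IOException e) {
            log.error(e.toString(), e);
            httpServletResponse.sendError(500, "IO Error; see server logs for details.");
        } catch (Exception e) {
            log.error(e.toString(), e);
            httpServletResponse.sendError(500, "Internal error; see server logs for details.");
        } finally {
            // Roll back whatever was not completed, on every exit path.
            if (context != null && context.isValid()) {
                context.abort();
            }
        }
        return true;
    }

    /** Answers OPTIONS with the DAV compliance class and the advertised method list. */
    protected void doOptions(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.addHeader("DAV", "1");
        httpServletResponse.addHeader("Allow", "GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE");
    }

    /**
     * URL-decodes {@code str} as UTF-8.
     * Decompiler note: access was widened from protected to public.
     *
     * @return the decoded text, or the empty string if UTF-8 is unsupported
     * @throws IllegalArgumentException if {@code str} contains a malformed {@code %} escape
     */
    public static String decodeFromURL(String str) {
        try {
            return URLDecoder.decode(str, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            return "";
        }
    }
}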
