package org.fcrepo.server.security.servletfilters;

import java.util.Enumeration;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.codec.binary.Base64;
import org.fcrepo.server.errors.authorization.AuthzOperationalException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/fcrepo/server/security/servletfilters/ExtendedHttpServletRequestWrapper.class */
public class ExtendedHttpServletRequestWrapper extends HttpServletRequestWrapper implements ExtendedHttpServletRequest {
    private static final Logger logger = LoggerFactory.getLogger(ExtendedHttpServletRequestWrapper.class);
    private String username;
    private String password;
    private String authority;
    private java.security.Principal userPrincipal;
    private boolean wrapperWriteLocked;
    private String sponsoredUser;
    private final Map authenticatedAttributes;
    private final Map sponsoredAttributes;
    public static final String BASIC = "Basic";
    public static final String AUTHORIZATION = "Authorization";
    public static final String FROM = "From";

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public final void lockWrapper() throws Exception {
        lockSponsoredUser();
        this.wrapperWriteLocked = true;
    }

    private void setSponsoredUser(String str) throws Exception {
        if (this.sponsoredUser == null) {
            this.sponsoredUser = str;
        }
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public void setSponsoredUser() throws Exception {
        String str = "";
        logger.debug("setSponsoredUser , isSponsoredUserRequested()==" + isSponsoredUserRequested());
        if (isSponsoredUserRequested()) {
            str = getFromHeader();
            logger.debug("setSponsoredUser , sponsoredUser==" + str);
        }
        setSponsoredUser(str);
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public void lockSponsoredUser() throws Exception {
        setSponsoredUser("");
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public void setAuthenticated(java.security.Principal principal, String str) throws Exception {
        if (this.wrapperWriteLocked) {
            throw new Exception();
        }
        if (isAuthenticated()) {
            throw new Exception();
        }
        this.userPrincipal = principal;
        this.authority = str;
    }

    public java.security.Principal getUserPrincipal() {
        java.security.Principal userPrincipal = super.getUserPrincipal();
        if (userPrincipal == null) {
            userPrincipal = this.userPrincipal;
        }
        return userPrincipal;
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public final boolean isUserSponsored() {
        return (this.sponsoredUser == null || "".equals(this.sponsoredUser)) ? false : true;
    }

    protected boolean isSponsoredUserRequested() {
        String fromHeader = getFromHeader();
        return (fromHeader == null || "".equals(fromHeader)) ? false : true;
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public final boolean isAuthenticated() {
        return getUserPrincipal() != null;
    }

    public String getRemoteUser() {
        String remoteUser;
        if (isUserSponsored()) {
            remoteUser = this.sponsoredUser;
        } else {
            remoteUser = super.getRemoteUser();
            if (remoteUser == null && this.userPrincipal != null) {
                remoteUser = this.userPrincipal.getName();
            }
        }
        return remoteUser;
    }

    public final void auditInnerMap(Map map) {
        if (logger.isDebugEnabled()) {
            for (String str : map.keySet()) {
                Object obj = map.get(str);
                StringBuffer stringBuffer = new StringBuffer(str + "==");
                String str2 = "";
                if (obj instanceof String) {
                    stringBuffer.append(obj);
                } else if (obj instanceof String[]) {
                    stringBuffer.append("[");
                    for (int i = 0; i < ((String[]) obj).length; i++) {
                        String str3 = ((String[]) obj)[i];
                        if (str3 instanceof String) {
                            stringBuffer.append(str2 + ((Object) str3));
                        } else {
                            stringBuffer.append(str2 + "UNKNOWN");
                        }
                        str2 = ",";
                    }
                    stringBuffer.append("]");
                } else if (obj instanceof Set) {
                    stringBuffer.append("{");
                    for (Object obj2 : (Set) obj) {
                        if (obj2 instanceof String) {
                            stringBuffer.append(str2 + obj2);
                            str2 = ",";
                        } else {
                            stringBuffer.append(str2 + "UNKNOWN");
                            str2 = ",";
                        }
                    }
                    stringBuffer.append("}");
                } else {
                    stringBuffer.append("UNKNOWN");
                }
                logger.debug(stringBuffer.toString());
            }
        }
    }

    public final void auditInnerSet(Set set) {
        if (logger.isDebugEnabled()) {
            for (Object obj : set) {
                if (obj instanceof String) {
                    logger.debug((String) obj);
                } else {
                    logger.debug("UNKNOWN");
                }
            }
        }
    }

    public final void auditOuterMap(Map map, String str) {
        if (logger.isDebugEnabled()) {
            logger.debug("");
            logger.debug("auditing " + str);
            for (Object obj : map.keySet()) {
                Object obj2 = map.get(obj);
                String str2 = obj instanceof String ? (String) obj : "<authority not a string>";
                if (obj2 instanceof Map) {
                    logger.debug(str2 + " maps to . . .");
                    auditInnerMap((Map) obj2);
                } else if (obj2 instanceof Set) {
                    logger.debug(str2 + " maps to . . .");
                    auditInnerSet((Set) obj2);
                } else {
                    logger.debug(str2 + " maps to an unknown object==" + map.getClass().getName());
                }
            }
        }
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public void audit() {
        if (logger.isDebugEnabled()) {
            logger.debug("\n===AUDIT===");
            logger.debug("auditing wrapped request");
            auditOuterMap(this.authenticatedAttributes, "authenticatedAttributes");
            auditOuterMap(this.sponsoredAttributes, "sponsoredAttributes");
            logger.debug("===AUDIT===\n");
        }
    }

    public boolean getAttributeDefined(String str) throws AuthzOperationalException {
        boolean z = false;
        Iterator it = (isUserSponsored() ? this.sponsoredAttributes : this.authenticatedAttributes).values().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (((Map) it.next()).containsKey(str)) {
                z = true;
                break;
            }
        }
        return z;
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public Set getAttributeValues(String str) throws AuthzOperationalException {
        Set set;
        HashSet hashSet = null;
        for (Map map : (isUserSponsored() ? this.sponsoredAttributes : this.authenticatedAttributes).values()) {
            if (map.containsKey(str) && (set = (Set) map.get(str)) != null && !set.isEmpty()) {
                if (hashSet == null) {
                    hashSet = new HashSet();
                }
                hashSet.addAll(set);
            }
        }
        if (hashSet == null) {
            hashSet = IMMUTABLE_NULL_SET;
        }
        return hashSet;
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public boolean hasAttributeValues(String str) throws AuthzOperationalException {
        return !getAttributeValues(str).isEmpty();
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public boolean isAttributeDefined(String str) throws AuthzOperationalException {
        return getAttributeDefined(str);
    }

    private void putIntoMap(Map map, String str, Object obj) throws Exception {
        if (this.wrapperWriteLocked) {
            throw new Exception();
        }
        if (!isAuthenticated()) {
            throw new Exception("can't collect user roles/attributes/groups until after authentication");
        }
        if (map == null || str == null || obj == null) {
            throw new Exception("null parm, map==" + map + ", key==" + str + ", value==" + obj);
        }
        if (map.containsKey(str)) {
            throw new Exception("map already contains key==" + str);
        }
        logger.debug("mapping " + str + " => " + obj + " in " + map);
        map.put(str, obj);
    }

    private void putMapIntoMap(Map map, String str, Object obj) throws Exception {
        if (!(obj instanceof Map)) {
            throw new Exception("input parm must be a map");
        }
        putIntoMap(map, str, obj);
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public void addAttributes(String str, Map map) throws Exception {
        if (isUserSponsored()) {
            putMapIntoMap(this.sponsoredAttributes, str, map);
        } else {
            putMapIntoMap(this.authenticatedAttributes, str, map);
        }
    }

    private Map getAllAttributes(Map map) {
        Hashtable hashtable = new Hashtable();
        Iterator it = map.values().iterator();
        while (it.hasNext()) {
            hashtable.putAll((Map) it.next());
        }
        return hashtable;
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public Map getAllAttributes() throws AuthzOperationalException {
        return isUserSponsored() ? getAllAttributes(this.sponsoredAttributes) : getAllAttributes(this.authenticatedAttributes);
    }

    private final String[] parseUsernamePassword(String str) throws Exception {
        String[] split;
        String str2 = "parseUsernamePassword():header intact";
        if (str == null || "".equals(str)) {
            String str3 = str2 + ExtendedHttpServletRequest.FAILED;
            logger.error(str3 + ", header==" + str);
            throw new Exception(str3);
        }
        logger.debug(str2 + ExtendedHttpServletRequest.SUCCEEDED);
        String[] split2 = str.split("\\s+");
        String str4 = "parseUsernamePassword():header split";
        if (split2.length != 2) {
            String str5 = str4 + ExtendedHttpServletRequest.FAILED;
            logger.error(str5 + ", header==" + str);
            throw new Exception(str5);
        }
        logger.debug(str4 + ExtendedHttpServletRequest.SUCCEEDED);
        String str6 = "parseUsernamePassword():auth scheme";
        String str7 = split2[0];
        if (str7 == null && !BASIC.equalsIgnoreCase(str7)) {
            String str8 = str6 + ExtendedHttpServletRequest.FAILED;
            logger.error(str8 + ", authscheme==" + str7);
            throw new Exception(str8);
        }
        logger.debug(str6 + ExtendedHttpServletRequest.SUCCEEDED);
        String str9 = "parseUsernamePassword():digest non-null";
        String str10 = split2[1];
        if (str10 == null || "".equals(str10)) {
            String str11 = str9 + ExtendedHttpServletRequest.FAILED;
            logger.error(str11 + ", usernamepassword==" + str10);
            throw new Exception(str11);
        }
        logger.debug(str9 + ExtendedHttpServletRequest.SUCCEEDED + ", usernamepassword==" + str10);
        byte[] bytes = str10.getBytes();
        String str12 = "parseUsernamePassword():digest base64-encoded";
        if (!Base64.isArrayByteBase64(bytes)) {
            String str13 = str12 + ExtendedHttpServletRequest.FAILED;
            logger.error(str13 + ", encoded==" + bytes);
            throw new Exception(str13);
        }
        if (logger.isDebugEnabled()) {
            logger.debug(str12 + ExtendedHttpServletRequest.SUCCEEDED + ", encoded==" + bytes);
        }
        byte[] decodeBase64 = Base64.decodeBase64(bytes);
        logger.debug("parseUsernamePassword():got decoded bytes" + ExtendedHttpServletRequest.SUCCEEDED + ", decodedAsByteArray==" + decodeBase64);
        String str14 = new String(decodeBase64);
        logger.debug("parseUsernamePassword():got decoded string" + ExtendedHttpServletRequest.SUCCEEDED + ", decoded==" + str14);
        String str15 = "parseUsernamePassword():digest decoded";
        if (str14 == null || "".equals(str14)) {
            String str16 = str15 + ExtendedHttpServletRequest.FAILED;
            logger.error(str16 + ", digest decoded==" + str14);
            throw new Exception(str16);
        }
        logger.debug(str15 + ExtendedHttpServletRequest.SUCCEEDED);
        if (str14 == null) {
            logger.error("decoded user/password is null . . . returning 0-length strings");
            split = new String[]{"", ""};
        } else {
            if (str14.indexOf(":") < 0) {
                logger.error("decoded user/password lacks delimiter . . . throwing exception");
                throw new Exception("decoded user/password lacks delimiter");
            }
            if (str14.startsWith(":")) {
                logger.error("decoded user/password is lacks user . . . returning 0-length strings");
                split = new String[]{"", ""};
            } else {
                split = str14.endsWith(":") ? new String[]{str14.substring(0, str14.length() - 1), ""} : str14.split(":");
            }
        }
        String str17 = "parseUsernamePassword():user/password split";
        if (split.length == 2) {
            logger.debug(str17 + ExtendedHttpServletRequest.SUCCEEDED);
            return split;
        }
        String str18 = str17 + ExtendedHttpServletRequest.FAILED;
        logger.error(str18 + ", digest decoded==" + str14);
        throw new Exception(str18);
    }

    public final String getAuthorizationHeader() {
        logger.debug("getAuthorizationHeader()");
        logger.debug("getting this headers");
        Enumeration headerNames = getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String str = (String) headerNames.nextElement();
            logger.debug("another headername==" + str);
            logger.debug("another headervalue==" + getHeader(str));
        }
        logger.debug("getting super headers");
        Enumeration headerNames2 = super.getHeaderNames();
        while (headerNames2.hasMoreElements()) {
            String str2 = (String) headerNames2.nextElement();
            logger.debug("another headername==" + str2);
            logger.debug("another headervalue==" + super.getHeader(str2));
        }
        return getHeader(AUTHORIZATION);
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public final String getFromHeader() {
        return getHeader(FROM);
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public final String getUser() throws Exception {
        if (this.username == null) {
            logger.debug("username==null, so will grok now");
            String authorizationHeader = getAuthorizationHeader();
            logger.debug("authorizationHeader==" + authorizationHeader);
            if (authorizationHeader != null && !"".equals(authorizationHeader)) {
                logger.debug("authorizationHeader is intact");
                String[] parseUsernamePassword = parseUsernamePassword(authorizationHeader);
                logger.debug("usernamePassword[] length==" + parseUsernamePassword.length);
                this.username = parseUsernamePassword[0];
                logger.debug("username (usernamePassword[0])==" + this.username);
                if (super.getRemoteUser() == null) {
                    logger.debug("had none before");
                } else {
                    if (super.getRemoteUser() != this.username && !super.getRemoteUser().equals(this.username)) {
                        throw new Exception("somebody got it wrong");
                    }
                    logger.debug("got same now");
                }
            }
        }
        logger.debug("return user==" + this.username);
        return this.username;
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public final String getPassword() throws Exception {
        String authorizationHeader;
        if (this.password == null && (authorizationHeader = getAuthorizationHeader()) != null && !"".equals(authorizationHeader)) {
            this.password = parseUsernamePassword(authorizationHeader)[1];
        }
        logger.debug("return password==" + this.password);
        return this.password;
    }

    @Override // org.fcrepo.server.security.servletfilters.ExtendedHttpServletRequest
    public final String getAuthority() {
        return this.authority;
    }

    public ExtendedHttpServletRequestWrapper(HttpServletRequest httpServletRequest) throws Exception {
        super(httpServletRequest);
        this.username = null;
        this.password = null;
        this.wrapperWriteLocked = false;
        this.sponsoredUser = null;
        this.authenticatedAttributes = new Hashtable();
        this.sponsoredAttributes = new Hashtable();
    }

    @Deprecated
    public String getRealPath(String str) {
        return super.getRealPath(str);
    }

    @Deprecated
    public boolean isRequestedSessionIdFromUrl() {
        return isRequestedSessionIdFromURL();
    }

    public boolean isSecure() {
        logger.debug("super.isSecure()==" + super.isSecure());
        logger.debug("this.getLocalPort()==" + getLocalPort());
        logger.debug("this.getProtocol()==" + getProtocol());
        logger.debug("this.getServerPort()==" + getServerPort());
        logger.debug("this.getRequestURI()==" + getRequestURI());
        return super.isSecure();
    }
}
