package org.structr.web.auth;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
import org.structr.common.AccessMode;
import org.structr.common.PathHelper;
import org.structr.common.SecurityContext;
import org.structr.common.error.FrameworkException;
import org.structr.core.app.App;
import org.structr.core.app.StructrApp;
import org.structr.core.auth.AuthHelper;
import org.structr.core.auth.Authenticator;
import org.structr.core.auth.exception.AuthenticationException;
import org.structr.core.entity.AbstractNode;
import org.structr.core.entity.Person;
import org.structr.core.entity.Principal;
import org.structr.core.property.PropertyKey;
import org.structr.web.resource.RegistrationResource;
import org.structr.web.servlet.HtmlServlet;

/* loaded from: input_file:org/structr/web/auth/HttpAuthenticator.class */
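/**
 * Authenticator for HTTP requests: resolves the current {@link Principal} from the
 * session id the client presents, or from an OAuth callback under
 * {@code /oauth/<name>/<action>}, and offers login/logout plus a few response helpers.
 *
 * <p>This listing is decompiler output. {@link #checkBasicAuthentication} could not be
 * decompiled and only throws; its instruction dump is kept verbatim for reference.
 *
 * <p>{@code userAutoCreate} and {@code userClass} are static, so the values passed to
 * {@link #setUserAutoCreate} apply to every instance of this class, not only to the one
 * the setter was called on.
 */
public class HttpAuthenticator implements Authenticator {
    private static final Logger logger = Logger.getLogger(HttpAuthenticator.class.getName());

    /** Length of the {@code "Basic "} scheme prefix in an Authorization header. */
    private static final int BASIC_PREFIX_LENGTH = 6;

    protected boolean examined = false;
    // Shared by all instances: whether an unknown OAuth credential creates a new user ...
    protected static boolean userAutoCreate;
    // ... and which class that user is created as.
    protected static Class userClass;

    /**
     * @return {@code true} once {@link #initializeAndExamineRequest} has completed on this instance
     */
    public boolean hasExaminedRequest() {
        return this.examined;
    }

    /**
     * Configures automatic user creation for the OAuth callback.
     *
     * <p>Writes static fields, so the setting is process-wide even though this is an
     * instance method.
     *
     * @param z   whether to create a user when an OAuth credential matches no principal
     * @param cls class handed to {@code RegistrationResource.createUser} for new users
     */
    public void setUserAutoCreate(boolean z, Class cls) {
        userAutoCreate = z;
        userClass = cls;
    }

    /**
     * Resolves the requesting principal (session first, then OAuth) and builds the
     * security context for the request.
     *
     * <p>A resolved principal gets {@code AccessMode.Backend}; an unresolved (null)
     * principal gets {@code AccessMode.Frontend}. No further distinction between
     * principals is made here.
     *
     * @return the security context, with this authenticator attached
     * @throws FrameworkException declared by the interface; not thrown directly by the code visible here
     */
    public SecurityContext initializeAndExamineRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws FrameworkException {
        Principal user = checkSessionAuthentication(httpServletRequest);
        if (user == null) {
            user = checkExternalAuthentication(httpServletRequest, httpServletResponse);
        }
        AccessMode accessMode = user != null ? AccessMode.Backend : AccessMode.Frontend;
        SecurityContext securityContext = SecurityContext.getInstance(user, httpServletRequest, accessMode);
        securityContext.setAuthenticator(this);
        this.examined = true;
        return securityContext;
    }

    /**
     * Logs the session and container principal at FINE level.
     *
     * <p>This implementation performs no access check: it never throws and ignores
     * both string arguments. Any authorisation decision has to be made elsewhere.
     */
    public void checkResourceAccess(HttpServletRequest httpServletRequest, String str, String str2) throws FrameworkException {
        // The messages need a {0} placeholder, otherwise java.util.logging drops the parameter.
        logger.log(Level.FINE, "Got session? {0}", httpServletRequest.getSession(false));
        logger.log(Level.FINE, "User principal: {0}", httpServletRequest.getUserPrincipal());
    }

    /**
     * Authenticates by password, looking the principal up by e-mail first and by name
     * second, and binds the HTTP session id to the principal on success.
     *
     * @param str  e-mail address or name
     * @param str2 password
     * @return the authenticated principal, or {@code null} if neither lookup returned one
     * @throws AuthenticationException propagated from {@code AuthHelper.getPrincipalForPassword}
     */
    public Principal doLogin(HttpServletRequest httpServletRequest, String str, String str2) throws AuthenticationException {
        Principal user = AuthHelper.getPrincipalForPassword(Person.eMail, str, str2);
        if (user == null) {
            user = AuthHelper.getPrincipalForPassword(AbstractNode.name, str, str2);
        }
        if (user != null) {
            // Same helper as the OAuth path: falls back to a new HTTP session when the client
            // sent no session id, instead of storing null on the principal.
            // NOTE(review): when the client did send an id, that pre-login id is what gets bound;
            // nothing in this class issues a fresh session id on login. Consider rotating the id
            // here, after checking how callers rely on the current one.
            String sessionId = getSessionId(httpServletRequest);
            App app = StructrApp.getInstance();
            try {
                app.beginTx();
                user.setProperty(Principal.sessionId, sessionId);
                app.commitTx();
            } catch (FrameworkException e) {
                // The principal is still returned below even though the session id was not stored.
                logger.log(Level.SEVERE, "Could not store session id for authenticated user", e);
            } finally {
                app.finishTx();
            }
        }
        return user;
    }

    /**
     * Clears the stored session id of the current user, invalidates the HTTP session
     * and logs the request out of the container. Failures are logged, not propagated.
     */
    public void doLogout(HttpServletRequest httpServletRequest) {
        App app = StructrApp.getInstance();
        try {
            app.beginTx();
            Principal user = getUser(httpServletRequest, false);
            if (user != null) {
                user.setProperty(Principal.sessionId, (Object) null);
            }
            HttpSession session = httpServletRequest.getSession(false);
            if (session != null) {
                session.invalidate();
            }
            httpServletRequest.logout();
            app.commitTx();
        } catch (Exception e) {
            // An exception before commitTx() leaves the stored session id untouched.
            logger.log(Level.WARNING, "Error while logging out user", (Throwable) e);
        } finally {
            app.finishTx();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Handles the OAuth endpoints {@code /oauth/<name>/login} and {@code /oauth/<name>/auth}.
     *
     * <p>{@code login} redirects to the authorization server. {@code auth} resolves the
     * principal for the returned credential, binds the session id to it and redirects to
     * the server's return URI. Every other outcome for a configured server ends in a
     * redirect to its error URI.
     *
     * <p>NOTE(review): no OAuth {@code state} check is visible in this method; presumably
     * {@code StructrOAuthClient} handles it — confirm.
     *
     * @return the authenticated principal, or {@code null} if the request is not an OAuth
     *         request, no server is configured for the name, or authentication did not succeed
     */
    public static Principal checkExternalAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String path = PathHelper.clean(httpServletRequest.getPathInfo());
        String[] parts = PathHelper.getParts(path);
        logger.log(Level.FINE, "Checking external authentication ...");
        if (parts == null || parts.length != 3 || !"oauth".equals(parts[0])) {
            logger.log(Level.FINE, "Incorrect URI parts for OAuth process, need /oauth/<name>/<action>");
            return null;
        }
        String action = parts[2];
        StructrOAuthClient server = StructrOAuthClient.getServer(parts[1]);
        if (server == null) {
            logger.log(Level.FINE, "No OAuth2 authentication server configured for {0}", path);
            return null;
        }
        if ("login".equals(action)) {
            try {
                httpServletResponse.sendRedirect(server.getEndUserAuthorizationRequestUri(httpServletRequest));
                return null;
            } catch (Exception e) {
                // Falls through to the error redirect below.
                logger.log(Level.SEVERE, "Could not send redirect to authorization server", (Throwable) e);
            }
        } else if ("auth".equals(action)) {
            Principal user = resolveOAuthPrincipal(server, httpServletRequest);
            if (user != null) {
                App app = StructrApp.getInstance();
                try {
                    app.beginTx();
                    user.setProperty(Principal.sessionId, getSessionId(httpServletRequest));
                    app.commitTx();
                    HtmlServlet.setNoCacheHeaders(httpServletResponse);
                    try {
                        logger.log(Level.FINE, "Response status: {0}", Integer.valueOf(httpServletResponse.getStatus()));
                        httpServletResponse.sendRedirect(server.getReturnUri());
                    } catch (Exception e) {
                        // A failed redirect does not undo the login; the principal is still returned.
                        logger.log(Level.SEVERE, "Could not redirect to {0}: {1}", new Object[]{server.getReturnUri(), e});
                    }
                    return user;
                } catch (FrameworkException e) {
                    // Keep the cause in the log record; falls through to the error redirect below.
                    logger.log(Level.SEVERE, "Could not set session id for user " + user, e);
                } finally {
                    app.finishTx();
                }
            }
        }
        try {
            httpServletResponse.sendRedirect(server.getErrorUri());
        } catch (Exception e) {
            // Report the URI that was actually used for this redirect.
            logger.log(Level.SEVERE, "Could not redirect to {0}: {1}", new Object[]{server.getErrorUri(), e});
        }
        return null;
    }

    /**
     * Exchanges the OAuth callback for a principal: access token, then credential, then a
     * lookup by the server's credential key. Creates the user when none matches and
     * {@code userAutoCreate} is set.
     *
     * @return the principal, or {@code null} if token, credential or principal is missing
     */
    private static Principal resolveOAuthPrincipal(StructrOAuthClient server, HttpServletRequest request) {
        String accessToken = server.getAccessToken(request);
        SecurityContext superUserContext = SecurityContext.getSuperUserInstance();
        if (accessToken == null) {
            return null;
        }
        // Token and credential values are deliberately kept out of the log.
        logger.log(Level.FINE, "Got access token from OAuth server");
        String credential = server.getCredential(request);
        logger.log(Level.FINE, "Got credential value: {0}", credential != null ? "present" : "missing");
        if (credential == null) {
            return null;
        }
        PropertyKey credentialKey = server.getCredentialKey();
        Principal user = AuthHelper.getPrincipalForCredential(credentialKey, credential);
        if (user == null && userAutoCreate) {
            // The new user is created with the super-user context.
            user = RegistrationResource.createUser(superUserContext, credentialKey, credential, true, userClass);
        }
        return user;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Looks up the principal whose stored session id equals the id the client presented.
     *
     * <p>When the client sent no session id, a new HTTP session is created and
     * {@code null} is returned.
     *
     * <p>NOTE(review): the lookup uses the requested id as sent; whether the container
     * still considers that session valid is not checked here — confirm that
     * {@code AuthHelper.getPrincipalForSessionId} or session expiry handling covers it.
     *
     * @return the matching principal, or {@code null}
     */
    public static Principal checkSessionAuthentication(HttpServletRequest httpServletRequest) {
        String requestedSessionId = httpServletRequest.getRequestedSessionId();
        if (requestedSessionId == null) {
            httpServletRequest.getSession(true);
            return null;
        }
        return AuthHelper.getPrincipalForSessionId(requestedSessionId);
    }

    /* JADX WARN: Code restructure failed: missing block: B:25:0x0039, code lost:
    
        if (r0.length != 2) goto L16;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    /**
     * HTTP Basic authentication. NOT DECOMPILED: as listed, this method always throws
     * {@link UnsupportedOperationException}. It is private and no method visible in this
     * class calls it.
     *
     * <p>According to the instruction dump below, the original: answers 401 and returns
     * {@code null} when the Authorization header is missing or does not start with
     * {@code "BASIC "} (compared in upper case); decodes user name and password; looks
     * the principal up by {@code Person.eMail} and password; and returns {@code null}
     * after logging a warning on {@link IllegalStateException}.
     *
     * <p>NOTE(review): the dump appears to fall through from the "not exactly two parts"
     * branch (L3c) into the array access at L40, relying on the generic exception handler
     * at L52 to reject the request — verify against the real bytecode before
     * reconstructing this method.
     */
    private org.structr.core.entity.Principal checkBasicAuthentication(javax.servlet.http.HttpServletRequest r6, javax.servlet.http.HttpServletResponse r7) {
        /*
            r5 = this;
            r0 = r6
            java.lang.String r1 = "Authorization"
            java.lang.String r0 = r0.getHeader(r1)
            r9 = r0
            r0 = r9
            if (r0 != 0) goto L16
            r0 = r5
            r1 = r7
            r0.sendBasicAuthResponse(r1)     // Catch: java.lang.IllegalStateException -> L5d
            r0 = 0
            return r0
        L16:
            r0 = r9
            java.lang.String r0 = r0.toUpperCase()     // Catch: java.lang.IllegalStateException -> L5d
            java.lang.String r1 = "BASIC "
            boolean r0 = r0.startsWith(r1)     // Catch: java.lang.IllegalStateException -> L5d
            if (r0 != 0) goto L2a
            r0 = r5
            r1 = r7
            r0.sendBasicAuthResponse(r1)     // Catch: java.lang.IllegalStateException -> L5d
            r0 = 0
            return r0
        L2a:
            r0 = r6
            java.lang.String[] r0 = getUsernameAndPassword(r0)     // Catch: java.lang.IllegalStateException -> L5d
            r10 = r0
            r0 = r10
            if (r0 == 0) goto L3c
            r0 = r10
            int r0 = r0.length     // Catch: java.lang.Exception -> L52 java.lang.IllegalStateException -> L5d
            r1 = 2
            if (r0 == r1) goto L40
        L3c:
            r0 = r7
            writeUnauthorized(r0)     // Catch: java.lang.Exception -> L52 java.lang.IllegalStateException -> L5d
        L40:
            org.structr.core.property.Property r0 = org.structr.core.entity.Person.eMail     // Catch: java.lang.Exception -> L52 java.lang.IllegalStateException -> L5d
            r1 = r10
            r2 = 0
            r1 = r1[r2]     // Catch: java.lang.Exception -> L52 java.lang.IllegalStateException -> L5d
            r2 = r10
            r3 = 1
            r2 = r2[r3]     // Catch: java.lang.Exception -> L52 java.lang.IllegalStateException -> L5d
            org.structr.core.entity.Principal r0 = org.structr.core.auth.AuthHelper.getPrincipalForPassword(r0, r1, r2)     // Catch: java.lang.Exception -> L52 java.lang.IllegalStateException -> L5d
            r8 = r0
            goto L5b
        L52:
            r11 = move-exception
            r0 = r5
            r1 = r7
            r0.sendBasicAuthResponse(r1)     // Catch: java.lang.IllegalStateException -> L5d
            r0 = 0
            return r0
        L5b:
            r0 = r8
            return r0
        L5d:
            r10 = move-exception
            java.util.logging.Logger r0 = org.structr.web.auth.HttpAuthenticator.logger
            java.util.logging.Level r1 = java.util.logging.Level.WARNING
            java.lang.String r2 = "Error while sending basic auth response, stream might be already closed, sending anyway."
            r0.log(r1, r2)
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.structr.web.auth.HttpAuthenticator.checkBasicAuthentication(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse):org.structr.core.entity.Principal");
    }

    /**
     * Sends the 401 Basic challenge, degrading to a 500 if that fails with an I/O error.
     */
    private void sendBasicAuthResponse(HttpServletResponse httpServletResponse) {
        try {
            writeUnauthorized(httpServletResponse);
        } catch (IOException e) {
            writeInternalServerError(httpServletResponse);
        }
    }

    /**
     * Sends a 401 response carrying a Basic {@code WWW-Authenticate} challenge.
     *
     * @throws IOException if the container cannot send the error
     */
    public static void writeUnauthorized(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setHeader("WWW-Authenticate", "BASIC realm=\"Restricted Access\"");
        httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
    }

    /**
     * Writes {@code str} as the UTF-8 body of a 200 response and closes the writer.
     *
     * <p>The text is written as given: no content type is set and nothing is escaped,
     * so output encoding is the caller's responsibility.
     *
     * @throws IOException if the writer cannot be obtained
     */
    public static void writeContent(String str, HttpServletResponse httpServletResponse) throws IOException {
        try {
            httpServletResponse.setStatus(HttpServletResponse.SC_OK);
            httpServletResponse.setCharacterEncoding("UTF-8");
            PrintWriter writer = httpServletResponse.getWriter();
            writer.append(str);
            writer.flush();
            writer.close();
        } catch (IllegalStateException e) {
            // {0} is required for the exception message to appear in the log record.
            logger.log(Level.WARNING, "Could not write to output stream: {0}", e.getMessage());
        }
    }

    /**
     * Sends a 404 response.
     *
     * @throws IOException if the container cannot send the error
     */
    public static void writeNotFound(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
    }

    /**
     * Sends a 500 response on a best-effort basis; a failure is logged and never propagated.
     */
    public static void writeInternalServerError(HttpServletResponse httpServletResponse) {
        try {
            httpServletResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        } catch (Exception e) {
            // Best effort only: nothing else can be sent at this point, but leave a trace.
            logger.log(Level.FINE, "Could not send internal server error response", (Throwable) e);
        }
    }

    /**
     * Returns the principal bound to the session id the client presented.
     *
     * <p>{@code z} is not used by this listing; only session authentication is consulted.
     *
     * @return the principal, or {@code null} if the request carries no known session id
     */
    public Principal getUser(HttpServletRequest httpServletRequest, boolean z) throws FrameworkException {
        return checkSessionAuthentication(httpServletRequest);
    }

    /**
     * Decodes the Basic credentials from the Authorization header.
     *
     * <p>The decoded value is not logged, because it contains the clear-text password.
     * It is split at the first colon only, so a password may itself contain colons.
     * The scheme prefix is not verified here; the caller is expected to have checked it.
     *
     * @return {@code {user, password}}; fewer elements if the value has no usable colon
     *         separator; or {@code null} if the header is absent or shorter than the
     *         scheme prefix
     */
    private static String[] getUsernameAndPassword(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null || header.length() < BASIC_PREFIX_LENGTH) {
            return null;
        }
        // NOTE(review): decoding uses the platform default charset; non-ASCII credentials
        // therefore depend on the JVM's configuration.
        String decoded = new String(Base64.decodeBase64(header.substring(BASIC_PREFIX_LENGTH)));
        return StringUtils.split(decoded, ":", 2);
    }

    /**
     * Returns the session id the client presented, or the id of a newly created HTTP
     * session if it presented none.
     */
    private static String getSessionId(HttpServletRequest httpServletRequest) {
        String requestedSessionId = httpServletRequest.getRequestedSessionId();
        if (requestedSessionId != null) {
            return requestedSessionId;
        }
        HttpSession session = httpServletRequest.getSession(true);
        logger.log(Level.INFO, "Created new HTTP session: {0}", session.toString());
        return session.getId();
    }

    /**
     * @return the process-wide auto-create flag set through {@link #setUserAutoCreate}
     */
    public boolean getUserAutoCreate() {
        return userAutoCreate;
    }

    /**
     * @return the process-wide user class set through {@link #setUserAutoCreate}
     */
    public Class getUserClass() {
        return userClass;
    }
}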
