package com.gitblit.utils;

import com.gitblit.models.UserModel;
import com.gitblit.utils.X509Utils;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/gitblit/utils/HttpUtils.class */
public class HttpUtils {
    public static String getGitblitURL(HttpServletRequest httpServletRequest) {
        String scheme = httpServletRequest.getScheme();
        int serverPort = httpServletRequest.getServerPort();
        String header = httpServletRequest.getHeader("X-Forwarded-Port");
        if (StringUtils.isEmpty(header)) {
            header = httpServletRequest.getHeader("X_Forwarded_Port");
        }
        if (!StringUtils.isEmpty(header)) {
            try {
                serverPort = Integer.parseInt(header);
            } catch (Throwable th) {
            }
        }
        String header2 = httpServletRequest.getHeader("X-Forwarded-Proto");
        if (StringUtils.isEmpty(header2)) {
            header2 = httpServletRequest.getHeader("X_Forwarded_Proto");
        }
        if (!StringUtils.isEmpty(header2)) {
            scheme = header2;
            if ("https".equals(scheme) && serverPort == 80) {
                serverPort = 443;
            }
        }
        String contextPath = httpServletRequest.getContextPath();
        String header3 = httpServletRequest.getHeader("X-Forwarded-Context");
        if (header3 != null) {
            header3 = httpServletRequest.getHeader("X_Forwarded_Context");
        }
        if (!StringUtils.isEmpty(header3)) {
            contextPath = header3;
        }
        if (contextPath.length() > 0 && contextPath.charAt(contextPath.length() - 1) == '/') {
            contextPath = contextPath.substring(1);
        }
        StringBuilder sb = new StringBuilder();
        sb.append(scheme);
        sb.append("://");
        sb.append(httpServletRequest.getServerName());
        if (("http".equals(scheme) && serverPort != 80) || ("https".equals(scheme) && serverPort != 443)) {
            sb.append(":" + serverPort);
        }
        sb.append(contextPath);
        return sb.toString();
    }

    public static UserModel getUserModelFromCertificate(HttpServletRequest httpServletRequest, boolean z, String... strArr) {
        X509Certificate[] x509CertificateArr;
        if (httpServletRequest.getAttribute("javax.servlet.request.X509Certificate") == null || (x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute("javax.servlet.request.X509Certificate")) == null) {
            return null;
        }
        X509Certificate x509Certificate = x509CertificateArr[0];
        if (z) {
            try {
                x509Certificate.checkValidity(new Date());
            } catch (CertificateExpiredException e) {
                LoggerFactory.getLogger(HttpUtils.class).info(MessageFormat.format("X509 certificate {0} has expired", x509Certificate.getSubjectDN().getName()));
                return null;
            } catch (CertificateNotYetValidException e2) {
                LoggerFactory.getLogger(HttpUtils.class).info(MessageFormat.format("X509 certificate {0} is not yet valid", x509Certificate.getSubjectDN().getName()));
                return null;
            }
        }
        return getUserModelFromCertificate(x509Certificate, strArr);
    }

    public static UserModel getUserModelFromCertificate(X509Certificate x509Certificate, String... strArr) {
        X509Utils.X509Metadata metadata = X509Utils.getMetadata(x509Certificate);
        UserModel userModel = new UserModel(metadata.commonName);
        userModel.emailAddress = metadata.emailAddress;
        userModel.isAuthenticated = false;
        if (strArr == null || strArr.length == 0) {
            strArr = new String[]{"CN"};
        }
        StringBuilder sb = new StringBuilder();
        for (String str : strArr) {
            String oid = metadata.getOID(str.toUpperCase(), null);
            if (oid != null) {
                sb.append(oid).append(' ');
            }
        }
        userModel.username = sb.toString().trim();
        return userModel;
    }

    public static X509Utils.X509Metadata getCertificateMetadata(HttpServletRequest httpServletRequest) {
        X509Certificate[] x509CertificateArr;
        if (httpServletRequest.getAttribute("javax.servlet.request.X509Certificate") == null || (x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute("javax.servlet.request.X509Certificate")) == null) {
            return null;
        }
        return X509Utils.getMetadata(x509CertificateArr[0]);
    }

    public static boolean isIpAddress(String str) {
        if (StringUtils.isEmpty(str)) {
            return false;
        }
        String[] split = str.split("\\.");
        if (split.length != 4) {
            return false;
        }
        for (String str2 : split) {
            try {
                int parseInt = Integer.parseInt(str2);
                if (parseInt < 0 || parseInt > 255) {
                    return false;
                }
            } catch (Exception e) {
                return false;
            }
        }
        return true;
    }
}
