package com.caucho.server.security;

import com.caucho.log.Log;
import com.caucho.security.BasicPrincipal;
import com.caucho.server.session.SessionImpl;
import com.caucho.server.session.SessionManager;
import com.caucho.server.webapp.Application;
import com.caucho.util.Alarm;
import com.caucho.util.CharBuffer;
import com.caucho.util.L10N;
import com.caucho.util.LruCache;
import com.rc.retroweaver.runtime.ClassLiteral;
import java.lang.ref.SoftReference;
import java.security.MessageDigest;
import java.security.Principal;
import java.util.ArrayList;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/caucho/server/security/AbstractAuthenticator.class */
public class AbstractAuthenticator implements ServletAuthenticator {
    // Class-wide logger; PrincipalEntry.logout() and logout(...) below write to it.
    static final Logger log = Log.open(ClassLiteral.getClass("com/caucho/server/security/AbstractAuthenticator"));
    // Localization helper bound to this class; not referenced by any method in this file.
    static final L10N L = new L10N(ClassLiteral.getClass("com/caucho/server/security/AbstractAuthenticator"));
    // String key; presumably the attribute name under which the login name is published - TODO confirm, no use is visible here.
    public static final String LOGIN_NAME = "com.caucho.servlet.login.name";
    // Session id -> authenticated principal. Created by init() only when _principalCacheSize > 0,
    // so it can legitimately be null and every use has to be null-checked.
    protected LruCache<String, PrincipalEntry> _principalCache;
    // Digester applied to submitted passwords; injected through setPasswordDigest() or built by init().
    protected PasswordDigest _passwordDigest;
    // Capacity handed to the LruCache constructor in init(); a value <= 0 disables the cache.
    protected int _principalCacheSize = 4096;
    // "<algorithm>-<format>" spec that init() splits on the first '-'.
    // SECURITY: the default selects MD5, a fast general-purpose hash that is considered too weak
    // for protecting stored passwords. NOTE(review): confirm deployments override this default.
    protected String _passwordDigestAlgorithm = "MD5-base64";
    // Realm passed to PasswordDigest.setRealm() by init().
    protected String _passwordDigestRealm = "resin";
    // Exposed via get/setLogoutOnSessionTimeout(); no other method in this file reads it.
    private boolean _logoutOnTimeout = true;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/caucho/server/security/AbstractAuthenticator$PrincipalEntry.class */
    /**
     * Cache record that ties one authenticated principal to every session that
     * has been bound to it, so a single logout can end all of them.
     *
     * <p>The first session is held strongly; any further, different session is
     * kept behind a {@link SoftReference}. Nothing here is synchronized.
     */
    public static class PrincipalEntry {
        private Principal _principal;
        private SessionImpl _session;
        private ArrayList<SoftReference<SessionImpl>> _sessions;

        PrincipalEntry(Principal principal) {
            _principal = principal;
        }

        /** Returns the principal this entry was created for. */
        Principal getPrincipal() {
            return _principal;
        }

        /**
         * Registers a session as belonging to this principal.
         *
         * @param sessionImpl session to remember; stored in the primary slot when that
         *     slot is empty or already holds this same instance, otherwise appended
         *     to the soft-referenced overflow list
         */
        void addSession(SessionImpl sessionImpl) {
            boolean primarySlotUsable = _session == null || _session == sessionImpl;
            if (primarySlotUsable) {
                _session = sessionImpl;
                return;
            }

            if (_sessions == null) {
                _sessions = new ArrayList<>();
            }
            _sessions.add(new SoftReference<>(sessionImpl));
        }

        /**
         * Logs out every session still reachable from this entry and forgets them.
         * A failure in one session is logged at WARNING and does not stop the rest.
         */
        void logout() {
            // Detach both references first so the entry is empty even if a logout throws.
            SessionImpl primary = _session;
            _session = null;
            ArrayList<SoftReference<SessionImpl>> overflow = _sessions;
            _sessions = null;

            logoutQuietly(primary);

            if (overflow == null) {
                return;
            }
            for (int idx = 0; idx < overflow.size(); idx++) {
                // get() yields null once the soft reference has been cleared by the GC.
                logoutQuietly(overflow.get(idx).get());
            }
        }

        /** Calls {@code logout()} on a non-null session, logging anything it throws. */
        private static void logoutQuietly(SessionImpl target) {
            if (target == null) {
                return;
            }
            try {
                target.logout();
            } catch (Throwable failure) {
                AbstractAuthenticator.log.log(Level.WARNING, failure.toString(), failure);
            }
        }
    }

    /**
     * Returns the configured capacity of the principal cache.
     *
     * @return the size that {@link #init()} passes to the cache constructor
     */
    public int getPrincipalCacheSize() {
        return _principalCacheSize;
    }

    /**
     * Sets the capacity of the principal cache.
     *
     * @param i new capacity; {@link #init()} creates no cache at all when this is
     *     zero or negative
     */
    public void setPrincipalCacheSize(int i) {
        _principalCacheSize = i;
    }

    /**
     * Returns the password digester currently in use.
     *
     * @return the digester, or {@code null} when passwords are passed through undigested
     */
    public PasswordDigest getPasswordDigest() {
        return _passwordDigest;
    }

    /**
     * Installs an explicit password digester.
     *
     * @param passwordDigest digester to use; when non-null it takes precedence over the
     *     algorithm string in {@link #init()}
     */
    public void setPasswordDigest(PasswordDigest passwordDigest) {
        _passwordDigest = passwordDigest;
    }

    /**
     * Returns the digest specification string.
     *
     * @return the configured {@code "<algorithm>-<format>"} value
     */
    public String getPasswordDigestAlgorithm() {
        return _passwordDigestAlgorithm;
    }

    /**
     * Sets the digest specification string consumed by {@link #init()}.
     *
     * @param str value of the form {@code "<algorithm>-<format>"}. {@code null},
     *     {@code "none"}, or a value with no {@code '-'} after its first character
     *     leaves password digesting switched off.
     */
    public void setPasswordDigestAlgorithm(String str) {
        _passwordDigestAlgorithm = str;
    }

    /**
     * Returns the realm used when building the password digester.
     *
     * @return the configured realm string
     */
    public String getPasswordDigestRealm() {
        return _passwordDigestRealm;
    }

    /**
     * Sets the realm that {@link #init()} hands to the password digester.
     *
     * @param str realm string
     */
    public void setPasswordDigestRealm(String str) {
        _passwordDigestRealm = str;
    }

    /**
     * Returns the logout-on-session-timeout flag.
     *
     * @return the stored flag; defaults to {@code true}
     */
    public boolean getLogoutOnSessionTimeout() {
        return _logoutOnTimeout;
    }

    /**
     * Stores the logout-on-session-timeout flag.
     *
     * @param z new flag value; this class only stores it, presumably for the session
     *     layer to consult
     */
    public void setLogoutOnSessionTimeout(boolean z) {
        _logoutOnTimeout = z;
    }

    /**
     * Builds the principal cache and resolves which password digester to use.
     *
     * <p>An explicitly injected digester wins; it is dropped again when its
     * algorithm is {@code null} or {@code "none"}. Otherwise the algorithm string
     * is split on its first {@code '-'} into algorithm and format.
     *
     * <p>SECURITY: a spec without a usable {@code '-'} (for example a bare
     * algorithm name) returns silently with no digester installed, and
     * {@code getPasswordDigest(request, ...)} then hands the submitted password
     * through unchanged. A configuration typo therefore disables digesting
     * without any log line.
     *
     * @throws ServletException declared by the interface
     */
    @Override // com.caucho.server.security.ServletAuthenticator
    public void init() throws ServletException {
        if (_principalCacheSize > 0) {
            _principalCache = new LruCache<>(_principalCacheSize);
        }

        if (_passwordDigest != null) {
            boolean disabled = _passwordDigest.getAlgorithm() == null
                    || _passwordDigest.getAlgorithm().equals("none");
            if (disabled) {
                _passwordDigest = null;
            }
            return;
        }

        String spec = _passwordDigestAlgorithm;
        if (spec == null || spec.equals("none")) {
            return;
        }
        int dash = spec.indexOf('-');
        if (dash <= 0) {
            // No "<algorithm>-<format>" shape: leave digesting off.
            return;
        }

        String algorithm = spec.substring(0, dash);
        String format = spec.substring(dash + 1);
        _passwordDigest = new PasswordDigest();
        _passwordDigest.setAlgorithm(algorithm);
        _passwordDigest.setFormat(format);
        _passwordDigest.setRealm(_passwordDigestRealm);
        _passwordDigest.init();
    }

    /**
     * Authenticates a user/password pair and, on success, binds the principal to
     * the request's session and to the principal cache.
     *
     * <p>NOTE(review): the session returned by {@code getSession()} is reused as-is;
     * this method does not replace or rotate the session id after authentication.
     * Confirm whether a caller does so, since a pre-login id that stays valid
     * after login is the precondition for session fixation.
     *
     * @param str user name handed to {@code loginImpl}
     * @param str2 submitted password; digested first when a digester is configured
     * @return the authenticated principal, or {@code null} when {@code loginImpl} rejects
     * @throws ServletException propagated from the digest or login implementation
     */
    @Override // com.caucho.server.security.ServletAuthenticator
    public Principal login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, String str, String str2) throws ServletException {
        String credential = getPasswordDigest(httpServletRequest, httpServletResponse, servletContext, str, str2);
        Principal user = loginImpl(httpServletRequest, httpServletResponse, servletContext, str, credential);
        if (user == null) {
            return null;
        }

        SessionImpl session = (SessionImpl) httpServletRequest.getSession();
        session.setUser(user);

        if (_principalCache != null) {
            PrincipalEntry entry = new PrincipalEntry(user);
            entry.addSession(session);
            _principalCache.put(session.getId(), entry);
        }
        return user;
    }

    /**
     * Converts a submitted password into the form that {@code loginImpl} compares.
     *
     * @param str user name, forwarded to the digester
     * @param str2 submitted password
     * @return the digester's output, or {@code str2} unchanged when no digester is
     *     configured (the password then travels onward in clear form)
     * @throws ServletException propagated from the digester
     */
    public String getPasswordDigest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, String str, String str2) throws ServletException {
        if (_passwordDigest == null) {
            return str2;
        }
        return _passwordDigest.getPasswordDigest(httpServletRequest, httpServletResponse, servletContext, str, str2);
    }

    /**
     * Extension point that performs the actual credential check.
     *
     * <p>This base implementation authenticates nobody; subclasses override it.
     *
     * @param str user name
     * @param str2 password as produced by {@code getPasswordDigest(request, ...)}
     * @return always {@code null} here, which {@code login} treats as a rejection
     * @throws ServletException never thrown by this default
     */
    protected Principal loginImpl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, String str, String str2) throws ServletException {
        Principal nobody = null;
        return nobody;
    }

    /**
     * Authenticates an HTTP digest response and, on success, binds the principal
     * to the request's session and to the principal cache.
     *
     * <p>All digest fields are forwarded untouched to {@code loginDigestImpl}.
     * NOTE(review): as in {@code login}, the existing session id is kept after
     * authentication; confirm whether rotation happens elsewhere.
     *
     * @return the authenticated principal, or {@code null} when verification fails
     * @throws ServletException propagated from {@code loginDigestImpl}
     */
    @Override // com.caucho.server.security.ServletAuthenticator
    public Principal loginDigest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, String str, String str2, String str3, String str4, String str5, String str6, String str7, byte[] bArr) throws ServletException {
        Principal user = loginDigestImpl(httpServletRequest, httpServletResponse, servletContext, str, str2, str3, str4, str5, str6, str7, bArr);
        if (user == null) {
            return null;
        }

        SessionImpl session = (SessionImpl) httpServletRequest.getSession();
        session.setUser(user);

        if (_principalCache != null) {
            PrincipalEntry entry = new PrincipalEntry(user);
            entry.addSession(session);
            _principalCache.put(session.getId(), entry);
        }
        return user;
    }

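    /**
     * Recomputes the expected HTTP digest response and compares it with the one
     * the client sent.
     *
     * <p>The hash input is {@code hex(secret) ":" str3 [":" str6 ":" str7 ":" str5]
     * ":" hex(MD5(method ":" str4))}. That ordering matches the RFC 2617
     * request-digest, which suggests str3 = nonce, str6 = nonce-count,
     * str7 = cnonce, str5 = qop and str4 = request URI; the names are decompiler
     * output, so confirm against {@code ServletAuthenticator}.
     *
     * <p>The final comparison uses {@link MessageDigest#isEqual(byte[], byte[])}
     * instead of a byte loop that returns at the first mismatch, so the time taken
     * does not reveal how many leading bytes of a guessed response were correct.
     *
     * @param str user name; becomes the name of the returned principal
     * @param str2 second argument to {@code getDigestSecret} (presumably the realm)
     * @param bArr digest response supplied by the client, as raw bytes
     * @return a {@link BasicPrincipal} for {@code str} when the response matches,
     *     otherwise {@code null} (also when no secret exists or {@code bArr} is null)
     * @throws ServletException wrapping any exception raised while hashing, including
     *     the NullPointerException caused by a null {@code str3}, or a null
     *     {@code str6} when {@code str5} is present
     */
    public Principal loginDigestImpl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, String str, String str2, String str3, String str4, String str5, String str6, String str7, byte[] bArr) throws ServletException {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            byte[] digestSecret = getDigestSecret(httpServletRequest, httpServletResponse, servletContext, str, str2, "MD5");
            if (digestSecret == null) {
                // Unknown user or no stored secret: fail without hashing anything.
                return null;
            }
            digestUpdateHex(messageDigest, digestSecret);
            messageDigest.update((byte) ':');
            // Each char is narrowed to one byte, so only its low 8 bits are hashed.
            for (int i = 0; i < str3.length(); i++) {
                messageDigest.update((byte) str3.charAt(i));
            }
            if (str5 != null) {
                messageDigest.update((byte) ':');
                for (int i = 0; i < str6.length(); i++) {
                    messageDigest.update((byte) str6.charAt(i));
                }
                messageDigest.update((byte) ':');
                // A missing str7 contributes an empty field rather than failing.
                for (int i = 0; str7 != null && i < str7.length(); i++) {
                    messageDigest.update((byte) str7.charAt(i));
                }
                messageDigest.update((byte) ':');
                for (int i = 0; i < str5.length(); i++) {
                    messageDigest.update((byte) str5.charAt(i));
                }
            }
            messageDigest.update((byte) ':');
            digestUpdateHex(messageDigest, digest(httpServletRequest.getMethod() + ":" + str4));
            byte[] expected = messageDigest.digest();
            if (bArr == null) {
                return null;
            }
            // Constant-time comparison; a length mismatch also yields false.
            if (!MessageDigest.isEqual(expected, bArr)) {
                return null;
            }
            return new BasicPrincipal(str);
        } catch (Exception e) {
            throw new ServletException(e);
        }
    }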

    /**
     * Feeds the lowercase hexadecimal text form of {@code bArr} into a digest,
     * two ASCII bytes per input byte, high nibble first.
     *
     * @param messageDigest digest that receives the hex characters
     * @param bArr raw bytes to encode; must not be null
     */
    private void digestUpdateHex(MessageDigest messageDigest, byte[] bArr) {
        final String hexDigits = "0123456789abcdef";
        for (int pos = 0; pos < bArr.length; pos++) {
            // Mask first so the sign bit of a negative byte cannot leak into the nibble.
            int octet = bArr[pos] & 0xff;
            messageDigest.update((byte) hexDigits.charAt(octet >>> 4));
            messageDigest.update((byte) hexDigits.charAt(octet & 0x0f));
        }
    }

    /**
     * Renders a byte array as lowercase hexadecimal text.
     *
     * <p>No caller is visible in this class. If one is added for logging, keep in
     * mind that the digest secret is a password equivalent and should not be
     * written to logs.
     *
     * @param bArr bytes to render; may be null
     * @return two hex characters per byte, or the literal string {@code "null"}
     *     when {@code bArr} is null
     */
    private String digestToString(byte[] bArr) {
        if (bArr == null) {
            return "null";
        }
        final String hexDigits = "0123456789abcdef";
        CharBuffer hex = CharBuffer.allocate();
        for (int pos = 0; pos < bArr.length; pos++) {
            int octet = bArr[pos] & 0xff;
            hex.append(hexDigits.charAt(octet >>> 4));
            hex.append(hexDigits.charAt(octet & 0x0f));
        }
        return hex.close();
    }

    /**
     * Produces the secret bytes that seed the digest-authentication hash.
     *
     * <p>With a configured digester the stored password is taken to be already
     * digested and is only decoded. Without one, the secret is computed as
     * {@code H(str ":" str2 ":" password)} over the UTF-8 bytes, using the
     * algorithm named by {@code str3}.
     *
     * <p>Either way the result is a password equivalent for digest authentication
     * and deserves the same protection as the password itself.
     *
     * @param str user name
     * @param str2 middle component of the hashed string (presumably the realm)
     * @param str3 {@link MessageDigest} algorithm name
     * @return the secret bytes, or {@code null} when {@code getDigestPassword} has none
     * @throws ServletException wrapping any failure while hashing
     */
    protected byte[] getDigestSecret(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, String str, String str2, String str3) throws ServletException {
        String stored = getDigestPassword(httpServletRequest, httpServletResponse, servletContext, str, str2);
        if (stored == null) {
            return null;
        }
        if (_passwordDigest != null) {
            return _passwordDigest.stringToDigest(stored);
        }
        try {
            String a1 = str + ":" + str2 + ":" + stored;
            MessageDigest hasher = MessageDigest.getInstance(str3);
            return hasher.digest(a1.getBytes("UTF8"));
        } catch (Exception e) {
            throw new ServletException(e);
        }
    }

    /**
     * Computes the MD5 hash of a string's UTF-8 encoding.
     *
     * <p>MD5 is fixed here because {@code loginDigestImpl} uses this for the
     * method-and-URI part of the HTTP digest computation.
     *
     * @param str text to hash; must not be null
     * @return the 16-byte MD5 value
     * @throws ServletException wrapping any exception, including the
     *     NullPointerException raised for a null {@code str}
     */
    protected byte[] digest(String str) throws ServletException {
        try {
            MessageDigest md5 = MessageDigest.getInstance("MD5");
            byte[] encoded = str.getBytes("UTF8");
            return md5.digest(encoded);
        } catch (Exception e) {
            throw new ServletException(e);
        }
    }

    /**
     * Extension point that returns the stored password (or stored digest) for a user.
     *
     * <p>This base implementation knows no users; with it in place
     * {@code getDigestSecret} returns null and digest login always fails.
     *
     * @param str user name
     * @param str2 second lookup argument (presumably the realm)
     * @return always {@code null} here
     * @throws ServletException never thrown by this default
     */
    protected String getDigestPassword(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, String str, String str2) throws ServletException {
        String noStoredPassword = null;
        return noStoredPassword;
    }

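    /**
     * Resolves the principal for a request, consulting in order: the current
     * session, the principal cache, and finally {@code getUserPrincipalImpl}.
     *
     * <p>Fix over the previous version: the cache is only written when it exists.
     * {@code init()} leaves {@code _principalCache} null for a cache size of zero
     * or less, and the old code then threw a NullPointerException as soon as
     * {@code getUserPrincipalImpl} returned a principal.
     *
     * <p>SECURITY: when the request has no server-side session, the cache is looked
     * up and populated under {@code getRequestedSessionId()}, which is a value the
     * client supplies. A cache hit binds the cached principal to a freshly created
     * session, so the session id acts as a bearer credential across everything
     * that shares this authenticator. NOTE(review): confirm the id is validated
     * upstream and that entries are removed on logout and timeout.
     *
     * @return the resolved principal, or {@code null} when the request is anonymous
     * @throws ServletException propagated from {@code getUserPrincipalImpl}
     */
    @Override // com.caucho.server.security.ServletAuthenticator
    public Principal getUserPrincipal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext) throws ServletException {
        SessionImpl sessionImpl = (SessionImpl) httpServletRequest.getSession(false);
        Principal principal = null;
        if (sessionImpl != null) {
            principal = sessionImpl.getUser();
        }
        if (principal != null) {
            return principal;
        }
        PrincipalEntry principalEntry = null;
        if (this._principalCache != null) {
            if (sessionImpl != null) {
                principalEntry = this._principalCache.get(sessionImpl.getId());
            } else if (httpServletRequest.getRequestedSessionId() != null) {
                principalEntry = this._principalCache.get(httpServletRequest.getRequestedSessionId());
            }
        }
        if (principalEntry != null) {
            Principal principal2 = principalEntry.getPrincipal();
            if (sessionImpl == null) {
                // Cache hit without a session: create one and attach the cached principal.
                sessionImpl = (SessionImpl) httpServletRequest.getSession(true);
            }
            sessionImpl.setUser(principal2);
            principalEntry.addSession(sessionImpl);
            return principal2;
        }
        Principal userPrincipalImpl = getUserPrincipalImpl(httpServletRequest, servletContext);
        if (userPrincipalImpl != null) {
            if (sessionImpl != null) {
                // The session is always updated; caching is optional.
                sessionImpl.setUser(userPrincipalImpl);
                if (this._principalCache != null) {
                    PrincipalEntry principalEntry2 = new PrincipalEntry(userPrincipalImpl);
                    principalEntry2.addSession(sessionImpl);
                    this._principalCache.put(sessionImpl.getId(), principalEntry2);
                }
            } else if (this._principalCache != null && httpServletRequest.getRequestedSessionId() != null) {
                this._principalCache.put(httpServletRequest.getRequestedSessionId(), new PrincipalEntry(userPrincipalImpl));
            }
        }
        return userPrincipalImpl;
    }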

    /**
     * Extension point for authenticators that can identify a user from the
     * request alone, without a prior login call.
     *
     * @return always {@code null} in this base implementation
     * @throws ServletException never thrown by this default
     */
    protected Principal getUserPrincipalImpl(HttpServletRequest httpServletRequest, ServletContext servletContext) throws ServletException {
        Principal unidentified = null;
        return unidentified;
    }

    /**
     * Reports whether a principal holds a role.
     *
     * <p>This base implementation denies every role; subclasses override it to
     * grant access.
     *
     * @param principal user being checked
     * @param str role name
     * @return always {@code false} here
     * @throws ServletException never thrown by this default
     */
    @Override // com.caucho.server.security.ServletAuthenticator
    public boolean isUserInRole(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, Principal principal, String str) throws ServletException {
        final boolean granted = false;
        return granted;
    }

    /**
     * Logs a user out by session id.
     *
     * <p>Removes the cache entry for the id and logs out every session recorded
     * in it, then asks the application's session manager for the session with
     * that id and logs it out as well.
     *
     * @param servletContext must be an {@code Application}; it is cast without a check
     * @param str session id; nothing happens beyond the log line when it is null
     * @param principal user being logged out; only written to the FINE log
     * @throws ServletException declared by the interface
     */
    @Override // com.caucho.server.security.ServletAuthenticator
    public void logout(ServletContext servletContext, String str, Principal principal) throws ServletException {
        log.fine("logout " + principal);
        if (str == null) {
            return;
        }

        PrincipalEntry cached = _principalCache != null ? _principalCache.remove(str) : null;
        if (cached != null) {
            cached.logout();
        }

        SessionManager sessionManager = ((Application) servletContext).getSessionManager();
        if (sessionManager == null) {
            return;
        }
        SessionImpl session = sessionManager.getSession(str, Alarm.getCurrentTime(), false, true);
        if (session != null) {
            session.logout();
        }
    }

    /**
     * Logs out the user associated with the session id named in the request.
     *
     * <p>NOTE(review): the id comes from {@code getRequestedSessionId()}, the value
     * the client sent, not from the server-side session object. Confirm that
     * callers only reach this for requests whose requested id has been validated.
     *
     * @param principal user being logged out
     * @throws ServletException propagated from the id-based {@code logout}
     */
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, Principal principal) throws ServletException {
        String requestedId = httpServletRequest.getRequestedSessionId();
        logout(servletContext, requestedId, principal);
    }
}
