package com.caucho.server.security;

import com.caucho.security.BasicPrincipal;
import com.caucho.util.Alarm;
import com.caucho.util.Registry;
import com.caucho.util.RegistryNode;
import com.caucho.vfs.Path;
import java.security.Principal;
import java.util.Hashtable;
import java.util.Iterator;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/caucho/server/security/XmlAuthenticator.class */
public class XmlAuthenticator extends AbstractAuthenticator {
    private Path _path;
    private Hashtable<String, User> _userMap = new Hashtable<>();
    private long _lastModified;
    private long _lastLength;
    private long _lastCheck;

    /* loaded from: input_file:com/caucho/server/security/XmlAuthenticator$User.class */
    public static class User {
        private String _name;
        private String _password;
        private Principal _principal;
        private String[] _roles;

        public User() {
            this._roles = new String[0];
        }

        User(String str, String str2, Principal principal) {
            this._roles = new String[0];
            this._name = str;
            this._password = str2;
            this._principal = principal;
        }

        public void setName(String str) {
            this._name = str;
            if (this._principal == null) {
                this._principal = new BasicPrincipal(str);
            }
        }

        String getName() {
            return this._name;
        }

        public void setPassword(String str) {
            this._password = str;
        }

        String getPassword() {
            return this._password;
        }

        public void setPassword(Principal principal) {
            this._principal = this._principal;
        }

        Principal getPrincipal() {
            return this._principal;
        }

        public void addRoles(String str) {
            char charAt;
            char charAt2;
            int i = 0;
            int length = str.length();
            while (i < length) {
                while (i < length && ((charAt2 = str.charAt(i)) == ' ' || charAt2 == ',')) {
                    i++;
                }
                if (i >= length) {
                    return;
                }
                int i2 = i;
                while (i2 < length && (charAt = str.charAt(i2)) != ' ' && charAt != ',') {
                    i2++;
                }
                addRole(str.substring(i, i2));
                i = i2;
            }
        }

        void addRole(String str) {
            String[] strArr = new String[this._roles.length + 1];
            System.arraycopy(this._roles, 0, strArr, 0, this._roles.length);
            strArr[this._roles.length] = str;
            this._roles = strArr;
        }

        String[] getRoles() {
            return this._roles;
        }

        public void addText(String str) {
            String substring;
            String substring2;
            int indexOf = str.indexOf(58);
            if (indexOf < 0) {
                return;
            }
            String substring3 = str.substring(0, indexOf);
            int indexOf2 = str.indexOf(58, indexOf + 1);
            if (indexOf2 < 0) {
                substring = str.substring(indexOf + 1);
                substring2 = "user";
            } else {
                substring = str.substring(indexOf + 1, indexOf2);
                substring2 = str.substring(indexOf2 + 1);
            }
            setName(substring3);
            setPassword(substring);
            addRoles(substring2);
        }
    }

    public void setPath(Path path) {
        this._path = path;
    }

    public Path getPath() {
        return this._path;
    }

    public void addUser(User user) {
        this._userMap.put(user.getName(), user);
    }

    @Override // com.caucho.server.security.AbstractAuthenticator, com.caucho.server.security.ServletAuthenticator
    public synchronized void init() throws ServletException {
        super.init();
        if (this._path == null) {
            return;
        }
        try {
            RegistryNode lookup = Registry.parse(this._path).getTop().lookup("authenticator");
            if (lookup == null) {
                throw new ServletException("missing auth");
            }
            Iterator<RegistryNode> select = lookup.select("user");
            while (select.hasNext()) {
                RegistryNode next = select.next();
                String string = next.getString("name", null);
                if (string != null || next.getValue() == null || next.getValue().equals("")) {
                    User user = new User(string, next.getString("password", null), new BasicPrincipal(string));
                    Iterator<RegistryNode> select2 = next.select("role");
                    while (select2.hasNext()) {
                        String value = select2.next().getValue();
                        if (value != null && !value.equals("")) {
                            user.addRoles(value);
                        }
                    }
                    this._userMap.put(string, user);
                } else {
                    User user2 = new User();
                    user2.addText(next.getValue());
                    addUser(user2);
                }
            }
            this._lastCheck = Alarm.getCurrentTime();
            this._lastModified = this._path.getLastModified();
            this._lastLength = this._path.getLength();
        } catch (Exception e) {
            throw new ServletException(e);
        }
    }

    @Override // com.caucho.server.security.AbstractAuthenticator
    protected Principal loginImpl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, String str, String str2) throws ServletException {
        if (isModified()) {
            init();
        }
        User user = this._userMap.get(str);
        if (user != null && user.getPassword().equals(str2)) {
            return user.getPrincipal();
        }
        return null;
    }

    @Override // com.caucho.server.security.AbstractAuthenticator
    protected String getDigestPassword(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, String str, String str2) throws ServletException {
        if (isModified()) {
            init();
        }
        User user = this._userMap.get(str);
        if (user == null) {
            return null;
        }
        return user.getPassword();
    }

    @Override // com.caucho.server.security.AbstractAuthenticator, com.caucho.server.security.ServletAuthenticator
    public boolean isUserInRole(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext, Principal principal, String str) throws ServletException {
        if (principal == null) {
            return false;
        }
        User user = this._userMap.get(principal.getName());
        if (user == null) {
            return false;
        }
        String[] roles = user.getRoles();
        for (int length = roles.length - 1; length >= 0; length--) {
            if (roles[length].equals(str)) {
                return true;
            }
        }
        return false;
    }

    private boolean isModified() {
        if (this._path == null || Alarm.getCurrentTime() < this._lastCheck + 5000) {
            return false;
        }
        if (this._lastModified != this._path.getLastModified() || this._lastLength != this._path.getLength()) {
            return true;
        }
        this._lastCheck = Alarm.getCurrentTime();
        return false;
    }
}
