package org.apache.maven.archiva.web.repository;

import java.io.File;
import java.io.IOException;
import java.util.Map;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.maven.archiva.configuration.ArchivaConfiguration;
import org.apache.maven.archiva.configuration.ConfigurationEvent;
import org.apache.maven.archiva.configuration.ConfigurationListener;
import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.codehaus.plexus.redback.authentication.AuthenticationException;
import org.codehaus.plexus.redback.authentication.AuthenticationResult;
import org.codehaus.plexus.redback.authorization.AuthorizationException;
import org.codehaus.plexus.redback.authorization.AuthorizationResult;
import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.xwork.filter.authentication.HttpAuthenticator;
import org.codehaus.plexus.webdav.DavServerException;
import org.codehaus.plexus.webdav.DavServerManager;
import org.codehaus.plexus.webdav.servlet.DavServerRequest;
import org.codehaus.plexus.webdav.servlet.multiplexed.MultiplexedWebDavServlet;
import org.codehaus.plexus.webdav.util.WebdavMethodUtil;

/* loaded from: input_file:lib/archiva-webapp-1.0.1.war:WEB-INF/classes/org/apache/maven/archiva/web/repository/RepositoryServlet.class */
public class RepositoryServlet extends MultiplexedWebDavServlet implements ConfigurationListener {
    private SecuritySystem securitySystem;
    private HttpAuthenticator httpAuth;
    private ArchivaConfiguration configuration;
    private Map<String, ManagedRepositoryConfiguration> repositoryMap;
    private ArchivaMimeTypeLoader mimeTypeLoader;

    @Override // org.codehaus.plexus.webdav.servlet.AbstractWebDavServlet
    public synchronized void initComponents() throws ServletException {
        super.initComponents();
        this.mimeTypeLoader = (ArchivaMimeTypeLoader) lookup(ArchivaMimeTypeLoader.class.getName());
        this.securitySystem = (SecuritySystem) lookup(SecuritySystem.ROLE);
        this.httpAuth = (HttpAuthenticator) lookup(HttpAuthenticator.ROLE, "basic");
        this.configuration = (ArchivaConfiguration) lookup(ArchivaConfiguration.class.getName());
        this.configuration.addListener(this);
        this.repositoryMap = this.configuration.getConfiguration().getManagedRepositoriesAsMap();
    }

    @Override // org.codehaus.plexus.webdav.servlet.multiplexed.MultiplexedWebDavServlet
    public synchronized void initServers(ServletConfig servletConfig) throws DavServerException {
        for (ManagedRepositoryConfiguration managedRepositoryConfiguration : this.repositoryMap.values()) {
            File file = new File(managedRepositoryConfiguration.getLocation());
            if (file.exists() || file.mkdirs()) {
                createServer(managedRepositoryConfiguration.getId(), file, servletConfig).setUseIndexHtml(true);
            } else {
                log("Unable to create missing directory for " + managedRepositoryConfiguration.getLocation());
            }
        }
    }

    @Override // org.codehaus.plexus.webdav.servlet.AbstractWebDavServlet
    public void destroy() {
        try {
            release(this.securitySystem);
        } catch (ServletException e) {
            log("Unable to release SecuritySystem : " + e.getMessage(), e);
        }
        try {
            release(this.httpAuth);
        } catch (ServletException e2) {
            log("Unable to release HttpAuth : " + e2.getMessage(), e2);
        }
        try {
            release(this.configuration);
        } catch (ServletException e3) {
            log("Unable to release ArchivaConfiguration : " + e3.getMessage(), e3);
        }
        try {
            release(this.mimeTypeLoader);
        } catch (ServletException e4) {
            log("Unable to release ArchivaMimeTypeLoader : " + e4.getMessage(), e4);
        }
        super.destroy();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.codehaus.plexus.webdav.servlet.multiplexed.MultiplexedWebDavServlet
    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        super.service(new PolicingServletRequest(httpServletRequest), httpServletResponse);
    }

    public synchronized ManagedRepositoryConfiguration getRepository(String str) {
        if (this.repositoryMap.isEmpty()) {
            this.repositoryMap.putAll(this.configuration.getConfiguration().getManagedRepositoriesAsMap());
        }
        return this.repositoryMap.get(str);
    }

    private String getRepositoryName(DavServerRequest davServerRequest) {
        ManagedRepositoryConfiguration repository = getRepository(davServerRequest.getPrefix());
        return repository == null ? "Unknown" : repository.getName();
    }

    @Override // org.codehaus.plexus.webdav.servlet.AbstractWebDavServlet
    public boolean isAuthenticated(DavServerRequest davServerRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        HttpServletRequest request = davServerRequest.getRequest();
        try {
            AuthenticationResult authenticationResult = this.httpAuth.getAuthenticationResult(request, httpServletResponse);
            if (authenticationResult == null || authenticationResult.isAuthenticated()) {
                return true;
            }
            this.httpAuth.challenge(request, httpServletResponse, "Repository " + getRepositoryName(davServerRequest), new AuthenticationException("User Credentials Invalid"));
            return false;
        } catch (AuthenticationException e) {
            log("Fatal Http Authentication Error.", e);
            throw new ServletException("Fatal Http Authentication Error.", e);
        } catch (AccountLockedException e2) {
            this.httpAuth.challenge(request, httpServletResponse, "Repository " + getRepositoryName(davServerRequest), new AuthenticationException("User account is locked"));
            return true;
        } catch (MustChangePasswordException e3) {
            this.httpAuth.challenge(request, httpServletResponse, "Repository " + getRepositoryName(davServerRequest), new AuthenticationException("You must change your password."));
            return true;
        }
    }

    @Override // org.codehaus.plexus.webdav.servlet.AbstractWebDavServlet
    public boolean isAuthorized(DavServerRequest davServerRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        HttpServletRequest request = davServerRequest.getRequest();
        boolean isWriteMethod = WebdavMethodUtil.isWriteMethod(request.getMethod());
        SecuritySession securitySession = this.httpAuth.getSecuritySession();
        String str = ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS;
        if (isWriteMethod) {
            str = ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD;
        }
        try {
            AuthorizationResult authorize = this.securitySystem.authorize(securitySession, str, davServerRequest.getPrefix());
            if (authorize.isAuthorized()) {
                return true;
            }
            if (authorize.getException() != null) {
                log("Authorization Denied [ip=" + request.getRemoteAddr() + ",isWriteRequest=" + isWriteMethod + ",permission=" + str + ",repo=" + davServerRequest.getPrefix() + "] : " + authorize.getException().getMessage());
            }
            this.httpAuth.challenge(request, httpServletResponse, "Repository " + getRepositoryName(davServerRequest), new AuthenticationException("Authorization Denied."));
            return false;
        } catch (AuthorizationException e) {
            throw new ServletException("Fatal Authorization Subsystem Error.");
        }
    }

    @Override // org.apache.maven.archiva.configuration.ConfigurationListener
    public void configurationEvent(ConfigurationEvent configurationEvent) {
        if (configurationEvent.getType() == 1) {
            initRepositories();
        }
    }

    private void initRepositories() {
        synchronized (this.repositoryMap) {
            this.repositoryMap.clear();
            this.repositoryMap.putAll(this.configuration.getConfiguration().getManagedRepositoriesAsMap());
        }
        DavServerManager davManager = getDavManager();
        synchronized (davManager) {
            davManager.removeAllServers();
            try {
                initServers(getServletConfig());
            } catch (DavServerException e) {
                log("Unable to init servers: " + e.getMessage(), e);
            }
        }
    }
}
