package sunlabs.brazil.handler;

import java.io.IOException;
import java.io.InputStream;
import java.util.Enumeration;
import java.util.Properties;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletResponse;
import javax.xml.XMLConstants;
import org.apache.xerces.impl.xs.SchemaSymbols;
import sunlabs.brazil.server.Handler;
import sunlabs.brazil.server.Request;
import sunlabs.brazil.server.Server;
import sunlabs.brazil.session.SessionManager;
import sunlabs.brazil.util.Format;

/* loaded from: input_file:xalan-j_2_7_3/lib/brazil-2.1.jar:sunlabs/brazil/handler/BasicAuthHandler.class */
public class BasicAuthHandler implements Handler {
    private static final String CODE = "code";
    private static final String AUTHORIZATION = "authorization";
    private static final String AUTHENTICATE = "authenticate";
    private static final String REALM = "realm";
    private static final String MESSAGE = "message";
    private static final String MAP_FILE = "mapFile";
    private static final String SESSION = "session";
    private static final String IDENT = "ident";
    MatchString isMine;
    public int code = HttpServletResponse.SC_UNAUTHORIZED;
    public String authorization = "Authorization";
    public String authenticate = "WWW-Authenticate";
    public String realm = REALM;
    public String message = "Invalid credentials supplied";
    public String mapFile = null;
    public String session = RolesHandler.ID_KEY;
    public String ident = "authorized";
    public String sessionTable = null;
    String propsPrefix;
    static Class class$java$util$Properties;

    @Override // sunlabs.brazil.server.Handler
    public boolean init(Server server, String str) {
        Class cls;
        Properties properties = server.props;
        this.propsPrefix = str;
        this.isMine = new MatchString(str, server.props);
        try {
            this.code = Integer.decode(properties.getProperty(new StringBuffer().append(str).append(CODE).toString())).intValue();
        } catch (Exception e) {
        }
        if (this.code == 407) {
            this.authorization = "Proxy-Authorization";
            this.authenticate = "Proxy-Authenticate";
        }
        this.authorization = properties.getProperty(new StringBuffer().append(str).append(AUTHORIZATION).toString(), this.authorization);
        this.authenticate = properties.getProperty(new StringBuffer().append(str).append(AUTHENTICATE).toString(), this.authenticate);
        this.realm = properties.getProperty(new StringBuffer().append(str).append(REALM).toString(), this.realm);
        this.message = properties.getProperty(new StringBuffer().append(str).append(MESSAGE).toString(), this.message);
        this.mapFile = properties.getProperty(new StringBuffer().append(str).append("mapFile").toString(), this.mapFile);
        this.session = properties.getProperty(new StringBuffer().append(str).append(SESSION).toString(), this.session);
        this.ident = properties.getProperty(new StringBuffer().append(str).append(IDENT).toString(), this.ident);
        int indexOf = this.ident.indexOf(":");
        if (indexOf > 0) {
            this.sessionTable = this.ident.substring(indexOf + 1);
            this.ident = this.ident.substring(0, indexOf);
        }
        try {
            if (this.message.startsWith("@")) {
                this.message = ResourceHandler.getResourceString(server.props, str, this.message.substring(1));
            }
        } catch (IOException e2) {
            server.log(1, str, "Can't get \"denied\" message");
        }
        if (this.mapFile != null) {
            try {
                server.log(5, str, new StringBuffer().append("Loading credentials file ").append(this.mapFile).toString());
                InputStream resourceStream = ResourceHandler.getResourceStream(server.props, str, this.mapFile);
                Properties properties2 = new Properties();
                properties2.load(resourceStream);
                resourceStream.close();
                String str2 = this.ident;
                String str3 = this.sessionTable;
                if (class$java$util$Properties == null) {
                    cls = class$("java.util.Properties");
                    class$java$util$Properties = cls;
                } else {
                    cls = class$java$util$Properties;
                }
                Properties properties3 = (Properties) SessionManager.getSession(str2, str3, cls);
                Enumeration keys = properties2.keys();
                while (keys.hasMoreElements()) {
                    String str4 = (String) keys.nextElement();
                    properties3.put(str4.replace('!', '='), (String) properties2.get(str4));
                }
            } catch (Exception e3) {
                server.log(5, str, new StringBuffer().append("Credentials file (").append(this.mapFile).append(") not available: ").append(e3).toString());
            }
        }
        this.mapFile = null;
        return true;
    }

    @Override // sunlabs.brazil.server.Handler
    public boolean respond(Request request) throws IOException {
        Class cls;
        if (!this.isMine.match(request.url)) {
            return false;
        }
        String str = request.headers.get(this.authorization);
        if (str == null) {
            return complain(request, new StringBuffer().append("Missing http header: ").append(this.authorization).toString());
        }
        try {
            StringTokenizer stringTokenizer = new StringTokenizer(str);
            if (!"basic".equalsIgnoreCase(stringTokenizer.nextToken())) {
                return complain(request, new StringBuffer().append("Non-basic realm: ").append(str).toString());
            }
            String nextToken = stringTokenizer.nextToken();
            request.log(5, this.propsPrefix, new StringBuffer().append("Session manager: ").append(this.ident).append(":").append(this.sessionTable).toString());
            String str2 = this.ident;
            String str3 = this.sessionTable;
            if (class$java$util$Properties == null) {
                cls = class$("java.util.Properties");
                class$java$util$Properties = cls;
            } else {
                cls = class$java$util$Properties;
            }
            String property = ((Properties) SessionManager.getSession(str2, str3, cls)).getProperty(nextToken);
            if (property == null) {
                return complain(request, new StringBuffer().append("no id matching: ").append(nextToken).toString());
            }
            if (property.equals(XMLConstants.DEFAULT_NS_PREFIX)) {
                request.log(5, this.propsPrefix, "Authorization accepted, no session provided");
                return false;
            }
            request.props.put(this.session, property);
            request.props.put("gotCookie", SchemaSymbols.ATTVAL_TRUE);
            request.log(5, this.propsPrefix, new StringBuffer().append("Setting ").append(this.session).append(" to: ").append(property).toString());
            return false;
        } catch (Exception e) {
            return complain(request, e.toString());
        }
    }

    public boolean complain(Request request, String str) throws IOException {
        if (this.authenticate.length() == 0) {
            request.log(5, this.propsPrefix, "no authenticate?");
            return false;
        }
        request.addHeader(this.authenticate, new StringBuffer().append("basic realm=\"").append(this.realm).append("\"").toString());
        request.sendResponse(Format.subst(request.props, this.message), "text/html", this.code);
        request.log(5, this.propsPrefix, str);
        return true;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
