package org.apache.maven.archiva.webdav;

import org.apache.jackrabbit.webdav.DavException;
import org.apache.jackrabbit.webdav.DavServletRequest;
import org.apache.jackrabbit.webdav.DavSessionProvider;
import org.apache.jackrabbit.webdav.WebdavRequest;
import org.apache.maven.archiva.security.ServletAuthenticator;
import org.apache.maven.archiva.webdav.util.RepositoryPathUtil;
import org.apache.maven.archiva.webdav.util.WebdavMethodUtil;
import org.codehaus.plexus.redback.authentication.AuthenticationException;
import org.codehaus.plexus.redback.authentication.AuthenticationResult;
import org.codehaus.plexus.redback.authorization.UnauthorizedException;
import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.redback.integration.filter.authentication.HttpAuthenticator;

/* loaded from: input_file:WEB-INF/lib/archiva-webdav-1.3.1.jar:org/apache/maven/archiva/webdav/ArchivaDavSessionProvider.class */
public class ArchivaDavSessionProvider implements DavSessionProvider {
    private ServletAuthenticator servletAuth;
    private HttpAuthenticator httpAuth;

    public ArchivaDavSessionProvider(ServletAuthenticator servletAuthenticator, HttpAuthenticator httpAuthenticator) {
        this.servletAuth = servletAuthenticator;
        this.httpAuth = httpAuthenticator;
    }

    @Override // org.apache.jackrabbit.webdav.DavSessionProvider
    public boolean attachSession(WebdavRequest webdavRequest) throws DavException {
        String repositoryName = RepositoryPathUtil.getRepositoryName(removeContextPath(webdavRequest));
        try {
            AuthenticationResult authenticationResult = this.httpAuth.getAuthenticationResult(webdavRequest, null);
            webdavRequest.setDavSession(new ArchivaDavSession());
            return this.servletAuth.isAuthenticated(webdavRequest, authenticationResult);
        } catch (AuthenticationException e) {
            try {
                if (!this.servletAuth.isAuthorized(UserManager.GUEST_USERNAME, ((ArchivaDavResourceLocator) webdavRequest.getRequestLocator()).getRepositoryId(), WebdavMethodUtil.getMethodPermission(webdavRequest.getMethod()))) {
                    throw new UnauthorizedDavException(repositoryName, "You are not authenticated.");
                }
                webdavRequest.setDavSession(new ArchivaDavSession());
                return true;
            } catch (UnauthorizedException e2) {
                throw new UnauthorizedDavException(repositoryName, "You are not authenticated and authorized to access any repository.");
            }
        } catch (AccountLockedException e3) {
            throw new UnauthorizedDavException(repositoryName, "User account is locked.");
        } catch (MustChangePasswordException e4) {
            throw new UnauthorizedDavException(repositoryName, "You must change your password.");
        }
    }

    @Override // org.apache.jackrabbit.webdav.DavSessionProvider
    public void releaseSession(WebdavRequest webdavRequest) {
        webdavRequest.setDavSession(null);
    }

    private String removeContextPath(DavServletRequest davServletRequest) {
        String requestURI = davServletRequest.getRequestURI();
        String contextPath = davServletRequest.getContextPath();
        if (requestURI.startsWith(contextPath)) {
            requestURI = requestURI.substring(contextPath.length());
        }
        return requestURI;
    }
}
