package org.mortbay.jetty.security;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.StringTokenizer;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.language.bm.Languages;
import org.apache.phoenix.query.QueryConstants;
import org.mortbay.jetty.Handler;
import org.mortbay.jetty.HttpConnection;
import org.mortbay.jetty.Request;
import org.mortbay.jetty.Response;
import org.mortbay.jetty.handler.ContextHandler;
import org.mortbay.log.Log;
import org.mortbay.log.Logger;
import org.mortbay.resource.Resource;
import org.mortbay.util.StringUtil;
import org.mortbay.util.URIUtil;

/* loaded from: input_file:org/mortbay/jetty/security/HTAccessHandler.class */
public class HTAccessHandler extends SecurityHandler {
    // Handler that handle() casts to ContextHandler in order to resolve the access-file resource for a path.
    private Handler protegee;
    // Class-wide logger; assigned in the static initializer at the bottom of the class.
    private static Logger log;
    // Optional location of a fallback access file, used when no per-directory file is found. null = no fallback.
    String _default = null;
    // Name of the per-directory access file. handle() also refuses direct requests for paths ending in this name.
    String _accessFile = ".htaccess";
    // Parsed access files keyed by their Resource.
    // NOTE(review): plain HashMap that handle() reads and writes with no synchronization visible here —
    // confirm how concurrent requests reach this handler.
    transient HashMap _htCache = new HashMap();
    // Compiler-generated cache for the HTAccessHandler class literal (filled through class$()).
    static Class class$org$mortbay$jetty$security$HTAccessHandler;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/mortbay/jetty/security/HTAccessHandler$DummyPrincipal.class */
    public class DummyPrincipal implements Principal {
        private String _userName;
        private final HTAccessHandler this$0;

        /**
         * Creates a principal that carries nothing but a user name.
         * getPrincipal() hands one out when no UserRealm is configured.
         *
         * @param hTAccessHandler enclosing handler instance (decompiler-exposed outer reference)
         * @param str user name reported by {@link #getName()}
         */
        public DummyPrincipal(HTAccessHandler hTAccessHandler, String str) {
            _userName = str;
            this$0 = hTAccessHandler;
        }

        /** @return the user name given at construction */
        @Override // java.security.Principal
        public String getName() {
            return _userName;
        }

        /** @return the same value as {@link #getName()} */
        @Override // java.security.Principal
        public String toString() {
            final String name = getName();
            return name;
        }
    }

    /* loaded from: input_file:org/mortbay/jetty/security/HTAccessHandler$HTAccess.class */
    private static class HTAccess {
        // Values stored in _satisfy: parse() writes 1 for "satisfy all" and 0 for "satisfy any".
        static final int ANY = 0;
        static final int ALL = 1;
        // Keywords recognised after "require".
        static final String USER = "user";
        static final String GROUP = "group";
        static final String VALID_USER = "valid-user";
        // Value of the AuthUserFile directive and the Resource the constructor creates from it.
        String _userFile;
        Resource _userResource;
        // Not read or written by the methods visible in this listing; presumably maintained by getUserCode() — confirm.
        long _userModified;
        // Value of the AuthGroupFile directive and the Resource the constructor creates from it.
        String _groupFile;
        Resource _groupResource;
        // Not read or written by the methods visible in this listing; presumably maintained by getUserGroups() — confirm.
        long _groupModified;
        // AuthType and AuthName values. _name is echoed to clients in the WWW-Authenticate header by handle().
        String _type;
        String _name;
        // Lower-cased keyword of the most recently parsed "require" line. null means checkAuth() accepts everyone.
        String _requireName;
        // allow/deny evaluation order: 1 = allow,deny; -1 = deny,allow; 0 = mutual-failure (also the initial value).
        int _order;
        // lastModified() of the access file at parse time; handle() compares it to decide whether to re-parse.
        long _lastModified;
        // Set when the access file cannot be read or a referenced user/group file is missing; handle() then sends 403.
        boolean _forbidden;
        // Not touched by the methods visible in this listing; presumably caches filled by getUserCode()/getUserGroups().
        HashMap _users = null;
        HashMap _groups = null;
        // Starts as ANY (0). With this default and no allow/deny entries, handle() forwards the request
        // before checkAuth() is consulted.
        int _satisfy = 0;
        // HTTP method names taken from "<Limit ...>" lines, stored as keys mapped to Boolean.TRUE.
        HashMap _methods = new HashMap();
        // Names listed after the keyword on "require" lines (user names or group names).
        HashSet _requireEntities = new HashSet();
        // Tokens from "allow from" and "deny from" lines, in file order.
        ArrayList _allowList = new ArrayList();
        ArrayList _denyList = new ArrayList();

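        /**
         * Parses an access file and resolves the user and group files it names.
         *
         * The instance is marked forbidden (handle() then answers 403) when the file cannot be read or
         * parsed, or when a referenced user or group file does not exist. Failing closed matters here:
         * a half-parsed access file must not be treated as "no restrictions".
         *
         * NOTE(review): the AuthUserFile / AuthGroupFile strings come straight from the access file and
         * are passed to Resource.newResource() unchanged. Anyone able to write an access file chooses
         * which location is read — confirm that is acceptable for the deployment.
         *
         * @param resource the access file to read
         */
        public HTAccess(Resource resource) {
            this._forbidden = false;
            BufferedReader reader = null;
            try {
                reader = new BufferedReader(new InputStreamReader(resource.getInputStream()));
                parse(reader);
                this._lastModified = resource.lastModified();
                if (this._userFile != null) {
                    this._userResource = Resource.newResource(this._userFile);
                    if (!this._userResource.exists()) {
                        this._forbidden = true;
                        HTAccessHandler.log.warn(new StringBuffer().append("Could not find ht user file: ").append(this._userFile).toString(), null, null);
                    } else if (HTAccessHandler.log.isDebugEnabled()) {
                        HTAccessHandler.log.debug(new StringBuffer().append("user file: ").append(this._userResource).toString(), null, null);
                    }
                }
                if (this._groupFile != null) {
                    this._groupResource = Resource.newResource(this._groupFile);
                    if (!this._groupResource.exists()) {
                        this._forbidden = true;
                        HTAccessHandler.log.warn(new StringBuffer().append("Could not find ht group file: ").append(this._groupResource).toString(), null, null);
                    } else if (HTAccessHandler.log.isDebugEnabled()) {
                        HTAccessHandler.log.debug(new StringBuffer().append("group file: ").append(this._groupResource).toString(), null, null);
                    }
                }
            } catch (IOException e) {
                this._forbidden = true;
                HTAccessHandler.log.warn("LogSupport.EXCEPTION", e);
            } catch (RuntimeException e) {
                // A malformed line (for example a directive with no value) can make parse() throw an
                // unchecked exception. Treat that like an unreadable file instead of letting it escape.
                this._forbidden = true;
                HTAccessHandler.log.warn("LogSupport.EXCEPTION", e);
            } finally {
                // The original never closed the reader, leaking the underlying stream on every (re)parse.
                if (reader != null) {
                    try {
                        reader.close();
                    } catch (IOException ignored) {
                        // Nothing useful can be done if close fails; the parse result is already decided.
                    }
                }
            }
        }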

        /** @return true when this access file must not be used and requests should be refused */
        public boolean isForbidden() {
            return _forbidden;
        }

        /** @return the live map of HTTP method names collected from "&lt;Limit&gt;" lines (not a copy) */
        public HashMap getMethods() {
            return _methods;
        }

        /** @return the access file's modification stamp recorded when it was parsed */
        public long getLastModified() {
            return _lastModified;
        }

        /** @return the resource created from AuthUserFile, or null when none was configured */
        public Resource getUserResource() {
            return _userResource;
        }

        /** @return the resource created from AuthGroupFile, or null when none was configured */
        public Resource getGroupResource() {
            return _groupResource;
        }

        /** @return ANY (0) or ALL (1), as set by the last "satisfy" line; ANY when none was seen */
        public int getSatisfy() {
            return _satisfy;
        }

        /** @return the AuthName value, or null when the access file has none */
        public String getName() {
            return _name;
        }

        /** @return the AuthType value, or null when the access file has none */
        public String getType() {
            return _type;
        }

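        /**
         * Evaluates the "allow from" / "deny from" entries against a client.
         *
         * An entry of "all" matches everyone. An entry starting with a digit is compared with the
         * address, any other entry with the host name. Matching is textual: CIDR or netmask notation
         * is not interpreted.
         *
         * The original compared with a bare startsWith()/endsWith(), so an address entry "10.1" also
         * matched "10.10.0.1" and a host entry "example.org" also matched "badexample.org". Partial
         * entries now have to end on a component boundary ('.' or, for addresses, ':').
         *
         * @param str client host name (handle() passes "", so host-name entries never match there)
         * @param str2 client address
         * @return true when the client passes the address rules, or when no rules are configured
         */
        public boolean checkAccess(String str, String str2) {
            if (this._allowList.isEmpty() && this._denyList.isEmpty()) {
                return true;
            }
            boolean allowed = matchesAny(this._allowList, str, str2);
            boolean denied = matchesAny(this._denyList, str, str2);
            if (this._order < 0) {
                // deny,allow: a matching allow entry overrides a matching deny entry.
                return !denied || allowed;
            }
            // allow,deny and mutual-failure: must be allowed and must not be denied.
            return allowed && !denied;
        }

        /** Returns true when any entry of the list matches the host name or the address. */
        private static boolean matchesAny(ArrayList rules, String host, String address) {
            for (int i = 0; i < rules.size(); i++) {
                String rule = (String) rules.get(i);
                if (rule.equals("all")) {
                    return true;
                }
                char first = rule.charAt(0);
                boolean addressRule = first >= '0' && first <= '9';
                if (addressRule ? matchesAddress(address, rule) : matchesHost(host, rule)) {
                    return true;
                }
            }
            return false;
        }

        /** Prefix match on an address that only succeeds on a whole-component boundary. */
        private static boolean matchesAddress(String address, String rule) {
            if (address == null || !address.startsWith(rule)) {
                return false;
            }
            if (address.length() == rule.length()) {
                return true;
            }
            return isAddressSeparator(rule.charAt(rule.length() - 1)) || isAddressSeparator(address.charAt(rule.length()));
        }

        /** Suffix match on a host name that only succeeds on a whole-label boundary. */
        private static boolean matchesHost(String host, String rule) {
            if (host == null || !host.endsWith(rule)) {
                return false;
            }
            int boundary = host.length() - rule.length();
            return boundary == 0 || rule.charAt(0) == '.' || host.charAt(boundary - 1) == '.';
        }

        /** Component separators of dotted IPv4 and colon-separated IPv6 text forms. */
        private static boolean isAddressSeparator(char c) {
            return c == '.' || c == ':';
        }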

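        /**
         * Decides whether the supplied credentials satisfy the "require" rule of this access file.
         *
         * The realm is tried first. If it is absent or rejects the credentials, the password is checked
         * against the hash returned by getUserCode() using UnixCrypt with the hash's first two
         * characters as salt. After authentication the "require" keyword is applied: "user" needs the
         * name to be listed, "group" needs one of the user's groups to be listed, "valid-user" accepts
         * any authenticated user, and any other keyword is refused.
         *
         * Changes from the original: missing credentials and stored hashes shorter than the two-character
         * salt are now rejected up front. Previously these cases could raise
         * NullPointerException / StringIndexOutOfBoundsException out of an authentication decision.
         *
         * NOTE(review): UnixCrypt with a two-character salt is presumably traditional DES crypt(3),
         * which is weak by current standards — confirm and prefer realm-backed authentication.
         *
         * @param str user name from the Authorization header, may be null
         * @param str2 password from the Authorization header, may be null
         * @param userRealm realm to try first, may be null
         * @param request current request, passed through to the realm
         * @return true when access is granted
         */
        public boolean checkAuth(String str, String str2, UserRealm userRealm, Request request) {
            if (this._requireName == null) {
                return true;
            }
            boolean realmAccepted = userRealm != null && userRealm.authenticate(str, str2, request) != null;
            if (!realmAccepted) {
                if (str == null || str2 == null) {
                    // No credentials were presented, so there is nothing to verify against the user file.
                    return false;
                }
                String userCode = getUserCode(str);
                if (userCode == null || userCode.length() < 2) {
                    // Unknown user, or a stored value too short to carry a salt: never authenticates.
                    return false;
                }
                String crypt = UnixCrypt.crypt(str2, userCode.substring(0, 2));
                if (!userCode.equals(crypt)) {
                    return false;
                }
            }
            if (this._requireName.equalsIgnoreCase(USER)) {
                return this._requireEntities.contains(str);
            }
            if (!this._requireName.equalsIgnoreCase(GROUP)) {
                return this._requireName.equalsIgnoreCase(VALID_USER);
            }
            ArrayList userGroups = getUserGroups(str);
            if (userGroups == null) {
                return false;
            }
            for (int i = userGroups.size() - 1; i >= 0; i--) {
                if (this._requireEntities.contains(userGroups.get(i))) {
                    return true;
                }
            }
            return false;
        }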

        /** @return true when at least one "allow from" or "deny from" entry was parsed */
        public boolean isAccessLimited() {
            return !(_allowList.isEmpty() && _denyList.isEmpty());
        }

        /** @return true when a "require" line was parsed, i.e. checkAuth() will demand credentials */
        public boolean isAuthLimited() {
            return null != _requireName;
        }

        /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
            jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:32:0x00f7
            	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
            	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
            	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
            */
        /**
         * Decompiler placeholder: the original body was not recovered, so as listed every call throws
         * UnsupportedOperationException.
         *
         * checkAuth() calls this when realm authentication yields nothing and treats the return value as
         * the stored password hash for the user (null = unknown user, first two characters = salt).
         * Until the real body is restored, that fallback path cannot authenticate anyone.
         */
        private java.lang.String getUserCode(java.lang.String r7) {
            /*
                Method dump skipped, instructions count: 275
                To view this dump add '--comments-level debug' option
            */
            throw new UnsupportedOperationException("Method not decompiled: org.mortbay.jetty.security.HTAccessHandler.HTAccess.getUserCode(java.lang.String):java.lang.String");
        }

        /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
            jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:43:0x0134
            	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
            	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
            	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
            */
        /**
         * Decompiler placeholder: the original body was not recovered, so as listed every call throws
         * UnsupportedOperationException.
         *
         * checkAuth() calls this for "require group" and expects the list of group names the user
         * belongs to, or null when there are none. Until the real body is restored, group-based rules
         * cannot be evaluated.
         */
        private java.util.ArrayList getUserGroups(java.lang.String r7) {
            /*
                Method dump skipped, instructions count: 336
                To view this dump add '--comments-level debug' option
            */
            throw new UnsupportedOperationException("Method not decompiled: org.mortbay.jetty.security.HTAccessHandler.HTAccess.getUserGroups(java.lang.String):java.util.ArrayList");
        }

        /**
         * Renders the parsed configuration on one line for log output.
         * The text includes the user and group file locations, so it belongs in server logs only.
         */
        public String toString() {
            final String orderText;
            if (_order < 0) {
                orderText = ", order=deny,allow";
            } else if (_order > 0) {
                orderText = ", order=allow,deny";
            } else {
                orderText = ", order=mutual-failure";
            }
            return new StringBuffer()
                    .append("AuthUserFile=").append(_userFile)
                    .append(", AuthGroupFile=").append(_groupFile)
                    .append(", AuthName=").append(_name)
                    .append(", AuthType=").append(_type)
                    .append(", Methods=").append(_methods)
                    .append(", satisfy=").append(_satisfy)
                    .append(orderText)
                    .append(", Allow from=").append(_allowList)
                    .append(", deny from=").append(_denyList)
                    .append(", requireName=").append(_requireName)
                    .append(" ").append(_requireEntities)
                    .toString();
        }

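        /**
         * Reads an access file line by line and fills in the fields of this object.
         *
         * Top-level directives handled: AuthUserFile, AuthGroupFile, AuthName, AuthType and "&lt;Limit".
         * Inside a Limit section: satisfy, require, order, "allow from", "deny from", until "&lt;/Limit&gt;".
         *
         * Points a reviewer should know, all visible in the code below:
         * - require / allow / deny / order / satisfy lines outside a Limit section are ignored, so an
         *   access file without a Limit section restricts nothing.
         * - Directive names are matched case-sensitively by prefix. "&lt;LimitExcept ...&gt;" therefore
         *   enters the same branch as "&lt;Limit ...&gt;" and its methods are recorded as limited methods.
         * - All Limit sections share one set of fields: methods and entities accumulate, while
         *   satisfy / order / the require keyword keep the last value seen.
         *
         * Fixes over the decompiled original:
         * - End of file inside an unterminated Limit section ended in an endless readLine() loop; the
         *   section now simply ends at end of file.
         * - "AuthUserFile" / "AuthGroupFile" with no value threw StringIndexOutOfBoundsException; the
         *   file is now marked forbidden instead.
         *
         * NOTE(review): QueryConstants.CHILD_VIEW_INDEX_NAME_SEPARATOR and Languages.ANY belong to
         * unrelated libraries; they look like constants the decompiler substituted for string literals
         * (presumably the comment marker "#" and the keyword "any") — confirm before relying on them.
         *
         * @param bufferedReader reader positioned at the start of the access file
         * @throws IOException if reading fails
         */
        private void parse(BufferedReader bufferedReader) throws IOException {
            String raw;
            while ((raw = bufferedReader.readLine()) != null) {
                String trim = raw.trim();
                if (trim.startsWith(QueryConstants.CHILD_VIEW_INDEX_NAME_SEPARATOR)) {
                    continue;
                }
                if (trim.startsWith("AuthUserFile")) {
                    this._userFile = fileDirectiveValue(trim, "AuthUserFile");
                } else if (trim.startsWith("AuthGroupFile")) {
                    this._groupFile = fileDirectiveValue(trim, "AuthGroupFile");
                } else if (trim.startsWith("AuthName")) {
                    this._name = trim.substring(8).trim();
                } else if (trim.startsWith("AuthType")) {
                    this._type = trim.substring(8).trim();
                } else if (trim.startsWith("<Limit")) {
                    int close = trim.indexOf('>');
                    if (close < 0) {
                        close = trim.length();
                    }
                    StringTokenizer methodNames = new StringTokenizer(trim.substring(6, close));
                    while (methodNames.hasMoreTokens()) {
                        this._methods.put(methodNames.nextToken(), Boolean.TRUE);
                    }
                    parseLimitBody(bufferedReader);
                }
            }
        }

        /** Reads the lines of one Limit section, stopping at the closing tag or at end of file. */
        private void parseLimitBody(BufferedReader bufferedReader) throws IOException {
            String raw;
            while ((raw = bufferedReader.readLine()) != null) {
                String line = raw.trim();
                if (line.startsWith(QueryConstants.CHILD_VIEW_INDEX_NAME_SEPARATOR)) {
                    continue;
                }
                if (line.startsWith("satisfy")) {
                    int start = skipBlanks(line, 7);
                    String value = line.substring(start, tokenEnd(line, start));
                    if (value.equals("all")) {
                        this._satisfy = 1;
                    } else if (value.equals(Languages.ANY)) {
                        this._satisfy = 0;
                    }
                } else if (line.startsWith("require")) {
                    int start = skipBlanks(line, 7);
                    int end = tokenEnd(line, start);
                    this._requireName = line.substring(start, end).toLowerCase();
                    // Canonicalise to the shared constants, as the original did.
                    if (USER.equals(this._requireName)) {
                        this._requireName = USER;
                    } else if (GROUP.equals(this._requireName)) {
                        this._requireName = GROUP;
                    } else if (VALID_USER.equals(this._requireName)) {
                        this._requireName = VALID_USER;
                    }
                    int rest = end + 1;
                    if (rest < line.length()) {
                        addTokens(this._requireEntities, line.substring(skipBlanks(line, rest)));
                    }
                } else if (line.startsWith("order")) {
                    if (HTAccessHandler.log.isDebugEnabled()) {
                        HTAccessHandler.log.debug(new StringBuffer().append("orderline=").append(line).append("order=").append(this._order).toString(), null, null);
                    }
                    if (line.indexOf("allow,deny") > 0) {
                        HTAccessHandler.log.debug("==>allow+deny", null, null);
                        this._order = 1;
                    } else if (line.indexOf("deny,allow") > 0) {
                        HTAccessHandler.log.debug("==>deny,allow", null, null);
                        this._order = -1;
                    } else if (line.indexOf("mutual-failure") > 0) {
                        HTAccessHandler.log.debug("==>mutual", null, null);
                        this._order = 0;
                    }
                } else if (line.startsWith("allow from")) {
                    String hosts = line.substring(skipBlanks(line, 10));
                    if (HTAccessHandler.log.isDebugEnabled()) {
                        HTAccessHandler.log.debug(new StringBuffer().append("allow process:").append(hosts).toString(), null, null);
                    }
                    addTokens(this._allowList, hosts);
                } else if (line.startsWith("deny from")) {
                    String hosts = line.substring(skipBlanks(line, 9));
                    if (HTAccessHandler.log.isDebugEnabled()) {
                        HTAccessHandler.log.debug(new StringBuffer().append("deny process:").append(hosts).toString(), null, null);
                    }
                    addTokens(this._denyList, hosts);
                } else if (line.startsWith("</Limit>")) {
                    return;
                }
            }
        }

        /**
         * Returns the value of a file directive, skipping the single separator character after the
         * directive name as the original did. A missing value marks the access file forbidden, because
         * a user or group file was clearly intended but cannot be located.
         */
        private String fileDirectiveValue(String line, String directive) {
            int valueStart = directive.length() + 1;
            String value = line.length() > valueStart ? line.substring(valueStart).trim() : "";
            if (value.length() == 0) {
                this._forbidden = true;
                HTAccessHandler.log.warn(new StringBuffer().append(directive).append(" has no value").toString(), null, null);
                return null;
            }
            return value;
        }

        /** Returns the first index at or after {@code from} that is not a blank or control character. */
        private static int skipBlanks(String text, int from) {
            int i = from;
            while (i < text.length() && text.charAt(i) <= ' ') {
                i++;
            }
            return i;
        }

        /** Returns the index just past the run of non-blank characters starting at {@code from}. */
        private static int tokenEnd(String text, int from) {
            int i = from;
            while (i < text.length() && text.charAt(i) > ' ') {
                i++;
            }
            return i;
        }

        /** Splits {@code text} on whitespace and adds each token to {@code target}. */
        private static void addTokens(java.util.Collection target, String text) {
            StringTokenizer tokens = new StringTokenizer(text);
            while (tokens.hasMoreTokens()) {
                target.add(tokens.nextToken());
            }
        }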
    }

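    /**
     * Applies the nearest access file on the request path before passing the request on.
     *
     * Flow, as implemented below:
     * 1. Parse an Authorization header, if present, into user name and password.
     * 2. Walk from the request directory upwards looking for the access file; fall back to the
     *    configured default file. With no usable file the request is forwarded unchecked.
     * 3. Refuse (403) direct requests for the access file itself or its "~" / ".bak" variants.
     * 4. If the file lists methods and the request method is not among them, forward unchecked.
     * 5. Apply the address rules and "satisfy", then the "require" rule (401 on failure).
     *
     * Changes from the decompiled original:
     * - An Authorization value without a ':' separator is treated as "no credentials" instead of
     *   throwing StringIndexOutOfBoundsException before the try block.
     * - The debug line no longer derives its mask from the password: the old code threw for
     *   passwords longer than 30 characters and revealed the password length in the log.
     * - The catch block's error response was dead code ({@code if (0 != 0)}), leaving the request
     *   neither answered nor marked handled after a failure in the access checks. It now fails
     *   closed with a 500.
     *
     * NOTE(review), behaviour kept as is and worth confirming:
     * - With the default satisfy value (ANY) and no allow/deny entries, checkAccess() returns true
     *   and step 5 forwards the request without consulting checkAuth(); "require" only takes effect
     *   together with "satisfy all" or when an address rule rejects the client.
     * - The method test in step 4 is case-sensitive and exempts every method that is not listed.
     * - The scheme token of the Authorization header is not checked before decoding.
     * - The access-file name test in step 3 is a case-sensitive endsWith() on the request path.
     * - The AuthName value is written into WWW-Authenticate unquoted and unescaped.
     * - A configured default file that is missing disables checking rather than refusing requests.
     *
     * @param str path within the context
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @param i dispatch type, passed through to the wrapped handler
     * @throws IOException if sending an error response fails
     * @throws ServletException declared by the handler contract
     */
    @Override // org.mortbay.jetty.security.SecurityHandler, org.mortbay.jetty.handler.HandlerWrapper, org.mortbay.jetty.Handler
    public void handle(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i) throws IOException, ServletException {
        Request request = httpServletRequest instanceof Request ? (Request) httpServletRequest : HttpConnection.getCurrentConnection().getRequest();
        Response response = httpServletResponse instanceof Response ? (Response) httpServletResponse : HttpConnection.getCurrentConnection().getResponse();
        String str2 = null;
        String str3 = null;
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append("HTAccessHandler pathInContext=").append(str).toString(), null, null);
        }
        String header = httpServletRequest.getHeader("Authorization");
        if (header != null) {
            // NOTE(review): what B64Code.decode does with invalid input is not visible here — confirm.
            String decode = B64Code.decode(header.substring(header.indexOf(32) + 1), StringUtil.__ISO_8859_1);
            int indexOf = decode.indexOf(58);
            if (indexOf >= 0) {
                str2 = decode.substring(0, indexOf);
                str3 = decode.substring(indexOf + 1);
                if (log.isDebugEnabled()) {
                    // Fixed mask: never log the password or anything derived from it.
                    // The user name is client-supplied and is logged unescaped.
                    log.debug(new StringBuffer().append("User=").append(str2).append(", password=").append("********").toString(), null, null);
                }
            }
        }
        try {
            Resource resource = null;
            String directory = str.endsWith("/") ? str : URIUtil.parentPath(str);
            while (directory != null) {
                resource = ((ContextHandler) getProtegee()).getResource(new StringBuffer().append(directory).append(this._accessFile).toString());
                if (log.isDebugEnabled()) {
                    log.debug(new StringBuffer().append("directory=").append(directory).append(" resource=").append(resource).toString(), null, null);
                }
                if (resource != null && resource.exists() && !resource.isDirectory()) {
                    break;
                }
                resource = null;
                directory = URIUtil.parentPath(directory);
            }
            boolean haveAccessFile = true;
            if (resource == null && this._default != null) {
                resource = Resource.newResource(this._default);
                if (!resource.exists() || resource.isDirectory()) {
                    haveAccessFile = false;
                }
            }
            if (resource == null) {
                haveAccessFile = false;
            }
            // Never serve the access file itself or its common editor/backup copies.
            if (str.endsWith(this._accessFile) || str.endsWith(new StringBuffer().append(this._accessFile).append("~").toString()) || str.endsWith(new StringBuffer().append(this._accessFile).append(".bak").toString())) {
                httpServletResponse.sendError(403);
                request.setHandled(true);
                return;
            }
            if (haveAccessFile) {
                if (log.isDebugEnabled()) {
                    log.debug(new StringBuffer().append("HTACCESS=").append(resource).toString(), null, null);
                }
                HTAccess hTAccess = (HTAccess) this._htCache.get(resource);
                if (hTAccess == null || hTAccess.getLastModified() != resource.lastModified()) {
                    hTAccess = new HTAccess(resource);
                    this._htCache.put(resource, hTAccess);
                    if (log.isDebugEnabled()) {
                        log.debug(new StringBuffer().append("HTCache loaded ").append(hTAccess).toString(), null, null);
                    }
                }
                if (hTAccess.isForbidden()) {
                    log.warn(new StringBuffer().append("Mis-configured htaccess: ").append(hTAccess).toString(), null, null);
                    httpServletResponse.sendError(403);
                    request.setHandled(true);
                    return;
                }
                HashMap methods = hTAccess.getMethods();
                if (methods.size() > 0 && !methods.containsKey(httpServletRequest.getMethod())) {
                    // The request method is not covered by the access file: forwarded without checks.
                    callWrappedHandler(str, httpServletRequest, httpServletResponse, i);
                    return;
                }
                int satisfy = hTAccess.getSatisfy();
                // The host name is passed as "", so only address entries can match.
                boolean checkAccess = hTAccess.checkAccess("", httpServletRequest.getRemoteAddr());
                if (log.isDebugEnabled()) {
                    log.debug(new StringBuffer().append("IPValid = ").append(checkAccess).toString(), null, null);
                }
                if (checkAccess && satisfy == 0) {
                    // satisfy any: passing the address rules is sufficient, no authentication.
                    callWrappedHandler(str, httpServletRequest, httpServletResponse, i);
                    return;
                }
                if (!checkAccess && satisfy == 1) {
                    // satisfy all: failing the address rules is final.
                    httpServletResponse.sendError(403);
                    request.setHandled(true);
                    return;
                }
                if (!hTAccess.checkAuth(str2, str3, getUserRealm(), request)) {
                    log.debug("Auth Failed", null, null);
                    httpServletResponse.setHeader("WWW-Authenticate", new StringBuffer().append("basic realm=").append(hTAccess.getName()).toString());
                    httpServletResponse.sendError(401);
                    response.complete();
                    request.setHandled(true);
                    return;
                }
                if (str2 != null) {
                    request.setAuthType("BASIC");
                    request.setUserPrincipal(getPrincipal(str2, getUserRealm()));
                }
            }
            callWrappedHandler(str, httpServletRequest, httpServletResponse, i);
        } catch (Exception e) {
            log.warn("Exception", e);
            // Fail closed: a failure while evaluating access rules must end the request here rather
            // than leave it unanswered and unmarked for whatever runs after this handler.
            if (!httpServletResponse.isCommitted()) {
                httpServletResponse.sendError(500);
            }
            request.setHandled(true);
        }
    }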

    /**
     * Forwards the request to the wrapped handler; does nothing when none is set.
     * Every call site in handle() represents an "access granted" decision.
     */
    private void callWrappedHandler(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i) throws IOException, ServletException {
        final Handler wrapped = getHandler();
        if (wrapped == null) {
            return;
        }
        wrapped.handle(str, httpServletRequest, httpServletResponse, i);
    }

    /**
     * Resolves the principal to attach to an authenticated request.
     *
     * @param str authenticated user name
     * @param userRealm realm to ask, may be null
     * @return the realm's principal, or a name-only DummyPrincipal when no realm is given
     */
    public Principal getPrincipal(String str, UserRealm userRealm) {
        if (userRealm != null) {
            return userRealm.getPrincipal(str);
        }
        return new DummyPrincipal(this, str);
    }

    /**
     * Sets the fallback access file used when no per-directory file is found.
     *
     * @param str resource location, or null for no fallback
     */
    public void setDefault(String str) {
        _default = str;
    }

    /**
     * Sets the per-directory access file name. handle() both looks this name up and blocks direct
     * requests for it, so the two stay in step.
     *
     * @param str file name, or null to restore ".htaccess"
     */
    public void setAccessFile(String str) {
        _accessFile = (str != null) ? str : ".htaccess";
    }

    /** @return the handler used to resolve access-file resources; handle() casts it to ContextHandler */
    protected Handler getProtegee() {
        return protegee;
    }

    /**
     * Sets the handler used to resolve access-file resources.
     *
     * @param handler must be a ContextHandler, because handle() casts it unconditionally
     */
    public void setProtegee(Handler handler) {
        protegee = handler;
    }

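    /**
     * Compiler-generated helper behind a class literal: loads a class by name.
     *
     * The decompiled form threw the result of initCause(), whose static type is Throwable, which
     * does not compile in a method without a throws clause. The error is now built first and then
     * thrown, keeping the same type and cause.
     *
     * @param str fully qualified class name
     * @return the loaded class
     * @throws NoClassDefFoundError wrapping the ClassNotFoundException when the class is missing
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            NoClassDefFoundError error = new NoClassDefFoundError();
            error.initCause(e);
            throw error;
        }
    }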

    // Compiler-generated accessor that exposes the private static logger to the nested classes.
    static Logger access$000() {
        return log;
    }

    // Resolves (and caches) this class's Class object, then creates the logger named after it.
    static {
        if (class$org$mortbay$jetty$security$HTAccessHandler == null) {
            class$org$mortbay$jetty$security$HTAccessHandler = class$("org.mortbay.jetty.security.HTAccessHandler");
        }
        log = Log.getLogger(class$org$mortbay$jetty$security$HTAccessHandler.getName());
    }
}
