package cloud.piranha.extension.security.file;

import cloud.piranha.webapp.api.AuthenticationManager;
import cloud.piranha.webapp.api.WebApplicationRequest;
import cloud.piranha.webapp.impl.DefaultSecurityPrincipal;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequestWrapper;
import jakarta.servlet.http.HttpServletResponse;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.Principal;
import java.util.Base64;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Properties;

/* loaded from: input_file:cloud/piranha/extension/security/file/FileAuthenticationManager.class */
public class FileAuthenticationManager implements AuthenticationManager {
    private Base64.Decoder decoder = Base64.getDecoder();
    private final HashMap<String, String> logins = new HashMap<>();
    private final LinkedHashMap<String, String> securityMappings = new LinkedHashMap<>();
    private File usersFile;

    public FileAuthenticationManager(File file) {
        this.usersFile = file;
        Properties properties = new Properties();
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                properties.load(fileInputStream);
                fileInputStream.close();
            } finally {
            }
        } catch (IOException e) {
        }
        properties.entrySet().forEach(entry -> {
            this.logins.put((String) entry.getKey(), (String) entry.getValue());
        });
    }

    public void addSecurityMapping(String str) {
        this.securityMappings.put(str, str);
    }

    public boolean authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (httpServletRequest.getAuthType() != null) {
            String authType = httpServletRequest.getAuthType();
            boolean z = -1;
            switch (authType.hashCode()) {
                case 2163908:
                    if (authType.equals("FORM")) {
                        z = 3;
                        break;
                    }
                    break;
                case 62970894:
                    if (authType.equals("BASIC")) {
                        z = false;
                        break;
                    }
                    break;
                case 2008316440:
                    if (authType.equals("CLIENT_CERT")) {
                        z = true;
                        break;
                    }
                    break;
                case 2016383428:
                    if (authType.equals("DIGEST")) {
                        z = 2;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    return authenticateBasic(httpServletRequest, httpServletResponse);
                case true:
                    return authenticateClientCert(httpServletRequest, httpServletResponse);
                case true:
                    return authenticateDigest(httpServletRequest, httpServletResponse);
                case true:
                    return authenticateForm(httpServletRequest, httpServletResponse);
            }
        }
        throw new ServletException("AuthType '" + httpServletRequest.getAuthType() + "' is not supported");
    }

    private boolean authenticateBasic(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        boolean z = false;
        if (httpServletRequest.getHeader("Authorization") != null) {
            String str = new String(this.decoder.decode(httpServletRequest.getHeader("Authorization").substring("Basic ".length())));
            login(httpServletRequest, str.substring(0, str.indexOf(58)), str.substring(str.indexOf(58) + 1));
            if (httpServletRequest.getUserPrincipal() != null) {
                z = true;
            }
        }
        return z;
    }

    private boolean authenticateClientCert(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        throw new ServletException("AuthType '" + httpServletRequest.getAuthType() + "' is not supported yet");
    }

    private boolean authenticateDigest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        throw new ServletException("AuthType '" + httpServletRequest.getAuthType() + "' is not supported yet");
    }

    private boolean authenticateForm(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        boolean z = false;
        login(httpServletRequest, httpServletRequest.getParameter("j_username"), httpServletRequest.getParameter("j_password"));
        if (httpServletRequest.getUserPrincipal() != null) {
            z = true;
        }
        return z;
    }

    public void login(HttpServletRequest httpServletRequest, String str, String str2) throws ServletException {
        if (!this.logins.containsKey(str) || str2 == null || !str2.equals(this.logins.get(str))) {
            throw new ServletException("Unable to login using the given username and/or password");
        }
        while (true) {
            HttpServletRequest httpServletRequest2 = httpServletRequest;
            if (!(httpServletRequest2 instanceof HttpServletRequestWrapper)) {
                break;
            } else {
                httpServletRequest = (HttpServletRequest) ((HttpServletRequestWrapper) httpServletRequest2).getRequest();
            }
        }
        HttpServletRequest httpServletRequest3 = httpServletRequest;
        if (httpServletRequest3 instanceof WebApplicationRequest) {
            ((WebApplicationRequest) httpServletRequest3).setUserPrincipal(new DefaultSecurityPrincipal(str));
        }
    }

    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        while (true) {
            HttpServletRequest httpServletRequest2 = httpServletRequest;
            if (!(httpServletRequest2 instanceof HttpServletRequestWrapper)) {
                break;
            } else {
                httpServletRequest = (HttpServletRequest) ((HttpServletRequestWrapper) httpServletRequest2).getRequest();
            }
        }
        HttpServletRequest httpServletRequest3 = httpServletRequest;
        if (httpServletRequest3 instanceof WebApplicationRequest) {
            ((WebApplicationRequest) httpServletRequest3).setUserPrincipal((Principal) null);
        }
    }

    public boolean needsAuthentication(HttpServletRequest httpServletRequest) {
        boolean z = false;
        String requestURI = httpServletRequest.getRequestURI();
        Iterator<String> it = this.securityMappings.keySet().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            String next = it.next();
            if (next.endsWith("*")) {
                if (requestURI.indexOf(next.substring(0, next.length() - 1)) == 0) {
                    z = true;
                    break;
                }
            } else if (next.startsWith("*")) {
            }
        }
        return z;
    }

    public void requestAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
    }
}
