package com.edulib.ice.security.authentication;

import com.edulib.ice.core.ICECore;
import com.edulib.ice.security.ICESubject;
import com.edulib.ice.security.ICEUserPrincipal;
import com.edulib.ice.util.ICEBase64;
import com.edulib.ice.util.log.ICELog;
import com.edulib.ice.util.resources.BundleConstants;
import com.edulib.ice.util.resources.ICEResourceFactory;
import com.edulib.muse.proxy.Constants;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.security.MessageDigest;
import java.util.Hashtable;
import java.util.Map;
import java.util.ResourceBundle;
import java.util.StringTokenizer;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.regexp.RE;
import org.apache.tools.ant.MagicNames;

/* loaded from: input_file:install/data/c209c5bada6eba92aa597d306a6100b8/2.1.0.1/assembly.dat:4b3ab592ba31a92e7ec58487ebc8e2b4/ice.jar:com/edulib/ice/security/authentication/ICELoginModuleHTTPAuthentication.class */
public class ICELoginModuleHTTPAuthentication implements LoginModule {
    private Subject subject = null;
    private CallbackHandler callbackHandler = null;
    private Map sharedState = null;
    private Map options = null;
    private ICESubject iceSubject = null;
    private ICEUserPrincipal userPrincipal = null;
    private String user = null;
    private String password = null;
    private String url = null;
    private String proxyHost = null;
    private int proxyPort = -1;
    private ICELog log = null;
    private boolean loggedOn = false;
    private boolean commitSucceeded = false;
    private String httpAuthenticationString = null;
    private ResourceBundle resourceBundle = null;

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = map;
        this.options = map2;
        if (map2.get(MagicNames.ANT_FILE_TYPE_URL) != null) {
            this.url = (String) map2.get(MagicNames.ANT_FILE_TYPE_URL);
        }
        if (map2.get("proxyHost") != null) {
            this.proxyHost = (String) map2.get("proxyHost");
        }
        if (map2.get("proxyPort") != null) {
            try {
                this.proxyPort = Integer.parseInt((String) map2.get("proxyPort"));
            } catch (NullPointerException e) {
                this.proxyPort = -1;
            } catch (NumberFormatException e2) {
                this.proxyPort = -1;
            }
        }
    }

    public boolean login() throws LoginException {
        this.resourceBundle = ICECore.getICEResourceBundle();
        if (this.callbackHandler == null && this.user == null) {
            throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, null, BundleConstants.ERROR_LOGIN_NOCALLBACK, "CallbackHandler"));
        }
        if (this.url == null) {
            this.loggedOn = false;
            throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, null, BundleConstants.ERROR_LOGIN_PARAM_EMPTY, MagicNames.ANT_FILE_TYPE_URL));
        }
        Callback[] callbackArr = {new ICECallback()};
        try {
            this.callbackHandler.handle(callbackArr);
            ICECallback iCECallback = (ICECallback) callbackArr[0];
            this.iceSubject = ((ICECallback) callbackArr[0]).getSubject();
            this.log = ((ICECallback) callbackArr[0]).getLog();
            this.user = ((ICECallback) callbackArr[0]).getParameter("wwwAuthID");
            this.password = ((ICECallback) callbackArr[0]).getParameter("wwwAuthPwd");
            if (iCECallback.getResourceBundle() != null) {
                this.resourceBundle = iCECallback.getResourceBundle();
            }
            if (((ICECallback) callbackArr[0]).getParameter(MagicNames.ANT_FILE_TYPE_URL) != null) {
                this.url = ((ICECallback) callbackArr[0]).getParameter(MagicNames.ANT_FILE_TYPE_URL);
            }
            if (((ICECallback) callbackArr[0]).getParameter("proxyHost") != null) {
                this.proxyHost = ((ICECallback) callbackArr[0]).getParameter("proxyHost");
            }
            if (((ICECallback) callbackArr[0]).getParameter("proxyPort") != null) {
                try {
                    this.proxyPort = Integer.parseInt(((ICECallback) callbackArr[0]).getParameter("proxyPort"));
                } catch (NullPointerException e) {
                    this.proxyPort = -1;
                } catch (NumberFormatException e2) {
                    this.proxyPort = -1;
                }
            }
            retrieveData();
            if (this.password == null) {
                this.password = new String(new char[0]);
            }
            if (this.iceSubject.getSubject() != null) {
                this.subject = this.iceSubject.getSubject();
            } else {
                this.iceSubject.setSubject(this.subject);
            }
            if (this.user == null) {
                this.log.log(1, (Object) this, "Login failed: User ID not present. Nothing to authenticate.");
                throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_LOGIN_PARAM_EMPTY, "User ID"));
            }
            if (this.url == null) {
                this.log.log(1, (Object) this, "Login failed: URL not present. No authentication server.");
                throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_LOGIN_PARAM_EMPTY, "URL"));
            }
            String str = "";
            if (this.proxyHost != null) {
                str = str + " via the proxy " + this.proxyHost + ":" + (this.proxyPort == -1 ? 8080 : this.proxyPort);
            }
            this.log.log(4, (Object) this, "Authenticating user " + this.user + " against URL " + this.url + str);
            if ("anonymous".equals(this.user)) {
                this.loggedOn = true;
                return true;
            }
            try {
                HttpURLConnection httpURLConnection = (HttpURLConnection) proxyURLConnection(this.proxyHost, this.proxyPort, this.url);
                int responseCode = httpURLConnection.getResponseCode();
                if (responseCode != 401) {
                    this.loggedOn = true;
                    return true;
                }
                log(8, "Authorization required. Response code: " + responseCode);
                String headerField = httpURLConnection.getHeaderField(Constants.WWW_AUTHENTICATE);
                int indexOf = headerField.indexOf(" ");
                String substring = headerField.substring(0, indexOf);
                String substring2 = headerField.substring(indexOf);
                Hashtable hashtable = new Hashtable();
                StringTokenizer stringTokenizer = new StringTokenizer(substring2, ",");
                while (stringTokenizer.hasMoreTokens()) {
                    StringTokenizer stringTokenizer2 = new StringTokenizer(stringTokenizer.nextToken(), "=");
                    if (stringTokenizer2.countTokens() == 2) {
                        String trim = stringTokenizer2.nextToken().trim();
                        String trim2 = stringTokenizer2.nextToken().trim();
                        hashtable.put(trim, trim2.substring(1, trim2.length() - 1));
                    }
                }
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append(substring).append(" ");
                log(8, "Authentication type: " + substring);
                if (Constants.BASIC_AUTHORIZATION.equals(substring)) {
                    stringBuffer.append(" ").append(ICEBase64.encode((this.user + ":" + this.password).getBytes()));
                } else if (Constants.DIGEST_AUTHORIZATION.equals(substring)) {
                    stringBuffer.append("username=\"").append(this.user).append("\", ");
                    String str2 = (String) hashtable.get("realm");
                    if (str2 != null) {
                        stringBuffer.append("realm=\"").append(str2).append("\", ");
                    }
                    String str3 = (String) hashtable.get("nonce");
                    stringBuffer.append("nonce=\"").append(str3).append("\", ");
                    String str4 = (String) hashtable.get("algorithm");
                    if (str4 != null) {
                        stringBuffer.append("algorithm=\"").append(str4).append("\", ");
                    }
                    String path = httpURLConnection.getURL().getPath();
                    stringBuffer.append("uri=\"").append(path).append("\", ");
                    String MD5Encode = MD5Encode(this.user + ":" + str2 + ":" + this.password, str4);
                    String MD5Encode2 = MD5Encode(httpURLConnection.getRequestMethod() + ":" + path, str4);
                    if (MD5Encode == null || MD5Encode2 == null) {
                        str4 = "MD5";
                        MD5Encode = MD5Encode(this.user + ":" + str2 + ":" + this.password, str4);
                        MD5Encode2 = MD5Encode(httpURLConnection.getRequestMethod() + ":" + path, str4);
                    }
                    if (((String) hashtable.get("qop")) != null) {
                        stringBuffer.append("qop=").append(str2).append(", ");
                        stringBuffer.append("cnonce=\"").append(ICEBase64.encode("Edulib".getBytes())).append("\", ");
                        String str5 = (String) hashtable.get("nc");
                        if (str5 != null) {
                            stringBuffer.append("nc=\"").append(Integer.parseInt(str5) + 1).append("\", ");
                        } else {
                            stringBuffer.append("nc=\"").append(pad(1)).append("\", ");
                        }
                    }
                    StringBuffer stringBuffer2 = new StringBuffer();
                    stringBuffer2.append(MD5Encode);
                    stringBuffer2.append(":").append(str3).append(":");
                    stringBuffer2.append(MD5Encode2);
                    stringBuffer.append("response=\"").append(MD5Encode(stringBuffer2.toString(), str4)).append(Constants.QUOTE);
                }
                String stringBuffer3 = stringBuffer.toString();
                httpURLConnection.disconnect();
                log(8, "Sending response ...");
                HttpURLConnection httpURLConnection2 = (HttpURLConnection) proxyURLConnection(this.proxyHost, this.proxyPort, this.url);
                httpURLConnection2.setRequestProperty(Constants.AUTHORIZATION, stringBuffer3);
                if (httpURLConnection2.getResponseCode() == 401) {
                    throw new FailedLoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_LOGIN_FAILED_PHASE, new String[0]));
                }
                this.loggedOn = true;
                this.httpAuthenticationString = stringBuffer3;
                return true;
            } catch (Exception e3) {
                this.loggedOn = false;
                throw new FailedLoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_GENERAL, "Login", e3.getMessage()));
            }
        } catch (IOException e4) {
            this.log.log(1, (Object) this, e4.toString());
            throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_GENERAL, "Login", e4.getMessage()));
        } catch (UnsupportedCallbackException e5) {
            this.log.log(1, (Object) this, "Login failed: " + e5.getCallback().toString() + " not available to garner authentication information from the user.");
            throw new LoginException(ICEResourceFactory.getMessage(this.resourceBundle, this.log, BundleConstants.ERROR_LOGIN_NOCALLBACK, e5.getCallback().toString()));
        }
    }

    public boolean commit() throws LoginException {
        if (!this.loggedOn) {
            log(8, "Authentication failed. Cannot proceed to phase 2");
            return false;
        }
        log(8, "Phase 1 of authentication succeeded. Proceeding to phase 2.");
        if (this.httpAuthenticationString != null) {
            this.iceSubject.setLocalProperty("httpAuthentication", this.httpAuthenticationString);
        }
        saveData();
        this.userPrincipal = new ICEUserPrincipal();
        this.userPrincipal.setUserName(this.user);
        if (!this.subject.getPrincipals().contains(this.userPrincipal)) {
            this.subject.getPrincipals().add(this.userPrincipal);
        }
        this.commitSucceeded = true;
        log(8, "Phase 2 of authentication succeeded. Proceeding...");
        this.log.log(4, (Object) this, "Authentication succeeded.");
        return true;
    }

    public boolean abort() throws LoginException {
        if (!this.loggedOn) {
            log(8, "Login failed. Aborting...");
            return false;
        }
        if (!this.loggedOn || this.commitSucceeded) {
            log(8, "Authentication succeeded, but someone else commit failed... Logout.");
            logout();
            return true;
        }
        log(8, "Authentication failed. Aborting...");
        this.loggedOn = false;
        this.userPrincipal = null;
        return true;
    }

    public boolean logout() throws LoginException {
        log(8, "Log out.");
        this.loggedOn = false;
        this.loggedOn = this.commitSucceeded;
        return this.subject.getPrincipals().remove(this.userPrincipal);
    }

    public void retrieveData() {
        if (this.sharedState.containsKey("wwwAuthID")) {
            this.user = (String) this.sharedState.get("wwwAuthID");
        }
        if (this.sharedState.containsKey("wwwAuthPwd")) {
            this.password = (String) this.sharedState.get("wwwAuthPwd");
        }
    }

    public void saveData() {
        this.sharedState.put("wwwAuthID", this.user);
        this.sharedState.put("wwwAuthPWD", this.password);
    }

    private String MD5Encode(String str, String str2) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str2);
            messageDigest.update(str.getBytes());
            byte[] digest = messageDigest.digest();
            StringBuffer stringBuffer = new StringBuffer();
            for (int i = 0; i < digest.length; i++) {
                stringBuffer.append(toHex((byte) ((digest[i] & 240) >> 4))).append(toHex((byte) (digest[i] & 15)));
            }
            return stringBuffer.toString();
        } catch (Exception e) {
            return null;
        }
    }

    private char toHex(byte b) {
        char[] cArr = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
        if (b > 15) {
            return 'f';
        }
        return cArr[b];
    }

    private String pad(int i) {
        String num = Integer.toString(i);
        for (int length = 8 - num.length(); length > 0; length--) {
            num = "0" + num;
        }
        return num;
    }

    private void log(int i, String str) {
        if (this.log != null) {
            this.log.log(i, (Object) this, str);
        }
    }

    public String toString() {
        return "[" + getClass().getName() + "]";
    }

    public static URL proxyURL(String str, int i, String str2) throws MalformedURLException {
        if (str == null) {
            return new URL(str2);
        }
        RE re = null;
        try {
            re = new RE("http:\\/\\/([^\\/]+):\\d+");
        } catch (Exception e) {
        }
        if (re.match(str2) && re.getParen(1).equals(str)) {
            return new URL(str2);
        }
        return new URL(new URL(str2).getProtocol(), str, i == -1 ? 8080 : i, str2);
    }

    public static URLConnection proxyURLConnection(String str, int i, String str2) throws MalformedURLException, IOException {
        URLConnection openConnection = proxyURL(str, i, str2).openConnection();
        String host = new URL(str2).getHost();
        int port = new URL(str2).getPort();
        if (str != null && str.compareTo(host) != 0) {
            if (port != -1) {
                host = host + ":" + port;
            }
            openConnection.setRequestProperty(Constants.HOST, host);
        }
        if (openConnection instanceof HttpURLConnection) {
            ((HttpURLConnection) openConnection).setInstanceFollowRedirects(false);
        }
        return openConnection;
    }
}
