package com.tsc9526.monalisa.service.auth;

import com.tsc9526.monalisa.service.Response;
import com.tsc9526.monalisa.service.actions.Action;
import com.tsc9526.monalisa.service.actions.ActionFilter;
import com.tsc9526.monalisa.service.args.ModelArgs;
import com.tsc9526.monalisa.tools.datatable.DataMap;
import com.tsc9526.monalisa.tools.logger.Logger;
import com.tsc9526.monalisa.tools.misc.MelpCodec;
import java.io.IOException;
import java.util.Base64;
import java.util.List;
import java.util.Random;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/tsc9526/monalisa/service/auth/DigestAuth.class */
public class DigestAuth implements ActionFilter {
    public static final String SESSION_KEY_AUTH_USER = "monalisa.auth.user";
    public static final String SESSION_KEY_AUTH_NONCE = "monalisa.auth.nonce";
    protected DataMap userAuths = new DataMap();
    static Logger logger = Logger.getLogger(DigestAuth.class);
    public static Pattern authrizationPattern = Pattern.compile("[0-9a-zA-Z_]+\\s*=\\s*((\"[^\"]*\")|([0-9a-zA-Z_]+))" + "\r\n".trim());

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/tsc9526/monalisa/service/auth/DigestAuth$AuthResponse.class */
    public class AuthResponse extends Response {
        private static final long serialVersionUID = 1;
        String nonce;

        AuthResponse(String str) {
            super(Response.REQUEST_UNAUTHORIZED, "Authentication is required to access this resource, see system console for detail message!");
            this.nonce = str;
        }

        @Override // com.tsc9526.monalisa.service.Response
        public void writeResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
            httpServletResponse.addHeader("WWW-Authenticate", "Digest realm=\"Realm\",qop=\"auth\",nonce=\"" + this.nonce + "\",algorithm=\"MD5\"" + "\r\n".trim());
            httpServletResponse.sendError(this.status, this.message);
        }
    }

    /* loaded from: input_file:com/tsc9526/monalisa/service/auth/DigestAuth$AuthUser.class */
    class AuthUser {
        String username;
        String password;

        AuthUser(String str, String str2) {
            this.username = str;
            this.password = str2;
        }
    }

    /* loaded from: input_file:com/tsc9526/monalisa/service/auth/DigestAuth$DigestAuthrization.class */
    public static class DigestAuthrization {
        private boolean digest;
        private String method;
        private String username;
        private String realm;
        private String nonce;
        private String uri;
        private String cnonce;
        private String nc;
        private String qop;
        private String response;
        private DataMap as = new DataMap();

        public DigestAuthrization(String str, String str2) {
            this.digest = false;
            this.method = str;
            if (str2 == null || !str2.startsWith("Digest")) {
                return;
            }
            this.digest = true;
            Matcher matcher = DigestAuth.authrizationPattern.matcher(str2.substring("Digest".length()).trim());
            while (matcher.find()) {
                String group = matcher.group();
                int indexOf = group.indexOf("=");
                String trim = group.substring(0, indexOf).trim();
                String trim2 = group.substring(indexOf + 1).trim();
                if (trim2.startsWith("\"")) {
                    trim2 = trim2.substring(1, trim2.length() - 1);
                }
                this.as.put(trim, trim2);
            }
            this.username = this.as.getString("username");
            this.realm = this.as.getString("realm");
            this.nonce = this.as.getString("nonce");
            this.uri = this.as.getString("uri");
            this.cnonce = this.as.getString("cnonce");
            this.nc = this.as.getString("nc");
            this.qop = this.as.getString("qop");
            this.response = this.as.getString("response");
        }

        public boolean isDigest() {
            return this.digest;
        }

        public void setDigest(boolean z) {
            this.digest = z;
        }

        public String getMethod() {
            return this.method;
        }

        public void setMethod(String str) {
            this.method = str;
        }

        public String getUsername() {
            return this.username;
        }

        public void setUsername(String str) {
            this.username = str;
        }

        public String getRealm() {
            return this.realm;
        }

        public void setRealm(String str) {
            this.realm = str;
        }

        public String getNonce() {
            return this.nonce;
        }

        public void setNonce(String str) {
            this.nonce = str;
        }

        public String getUri() {
            return this.uri;
        }

        public void setUri(String str) {
            this.uri = str;
        }

        public String getCnonce() {
            return this.cnonce;
        }

        public void setCnonce(String str) {
            this.cnonce = str;
        }

        public String getNc() {
            return this.nc;
        }

        public void setNc(String str) {
            this.nc = str;
        }

        public String getQop() {
            return this.qop;
        }

        public void setQop(String str) {
            this.qop = str;
        }

        public String getResponse() {
            return this.response;
        }

        public void setResponse(String str) {
            this.response = str;
        }

        public DataMap getAs() {
            return this.as;
        }

        public void setAs(DataMap dataMap) {
            this.as = dataMap;
        }
    }

    public DigestAuth(List<String[]> list) {
        for (String[] strArr : list) {
            this.userAuths.put(strArr[0].trim(), strArr[1].trim());
        }
    }

    public DataMap getUserAuths() {
        return this.userAuths;
    }

    @Override // com.tsc9526.monalisa.service.actions.ActionFilter
    public boolean accept(Action action) {
        return true;
    }

    @Override // com.tsc9526.monalisa.service.actions.ActionFilter
    public Response doFilter(Action action) {
        ModelArgs actionArgs = action.getActionArgs();
        String dbName = actionArgs.getDBS().getDbName();
        String str = "monalisa.auth.user:" + dbName;
        String str2 = "monalisa.auth.nonce:" + dbName;
        HttpSession session = actionArgs.getReq().getSession();
        AuthUser authUser = (AuthUser) session.getAttribute(str);
        if (authUser != null && this.userAuths.getString(authUser.username, "").equals(authUser.password)) {
            actionArgs.setAuthUsername(authUser.username);
            return null;
        }
        String header = actionArgs.getReq().getHeader("Authorization");
        String str3 = (String) session.getAttribute(str2);
        DigestAuthrization digestAuthrization = new DigestAuthrization(actionArgs.getReq().getMethod(), header);
        if (!isAuthOk(digestAuthrization, str3)) {
            AuthResponse authResponse = getAuthResponse();
            session.setAttribute(str2, authResponse.nonce);
            return authResponse;
        }
        logger.info("Auth ok: " + digestAuthrization.username + ", dbname: " + dbName);
        session.setAttribute(str, new AuthUser(digestAuthrization.username, this.userAuths.getString(digestAuthrization.username)));
        session.removeAttribute(str2);
        actionArgs.setAuthType(getClass().getName());
        actionArgs.setAuthUsername(digestAuthrization.username);
        return null;
    }

    protected AuthResponse getAuthResponse() {
        byte[] bArr = new byte[8];
        new Random().nextBytes(bArr);
        return new AuthResponse(Base64.getUrlEncoder().encodeToString(bArr));
    }

    protected boolean isAuthOk(DigestAuthrization digestAuthrization, String str) {
        String string;
        if (str == null || !digestAuthrization.digest || (string = this.userAuths.getString(digestAuthrization.username)) == null) {
            return false;
        }
        return MelpCodec.MD5(MelpCodec.MD5(digestAuthrization.username + ":Realm:" + string) + ":" + str + ":" + digestAuthrization.nc + ":" + digestAuthrization.cnonce + ":" + digestAuthrization.qop + ":" + MelpCodec.MD5(digestAuthrization.method + ":" + digestAuthrization.uri)).equalsIgnoreCase(digestAuthrization.response);
    }
}
