package com.ibm.ut.help.common.security;

import java.io.IOException;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.StringTokenizer;
import java.util.UUID;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.httpclient.auth.AuthPolicy;
import org.apache.tools.ant.taskdefs.WaitFor;
import org.eclipse.equinox.p2.repository.IRepository;
import sun.misc.BASE64Decoder;

/* loaded from: input_file:WEB-INF/plugins/com.ibm.ut.help.common_3.9.5.201708151828.jar:com/ibm/ut/help/common/security/SessionAuthenticator.class */
public class SessionAuthenticator {
    private static Hashtable<String, SessionAuthenticator> map = new Hashtable<>();
    protected String sessionName;
    protected Hashtable<String, AuthDetails> sessions = new Hashtable<>();
    private IAuthenticator authenticator;

    public static SessionAuthenticator getInstance(IAuthenticator iAuthenticator) {
        SessionAuthenticator sessionAuthenticator = map.get(iAuthenticator.getClass().getCanonicalName());
        if (sessionAuthenticator == null) {
            sessionAuthenticator = new SessionAuthenticator(iAuthenticator, iAuthenticator.getClass().getName());
            map.put(iAuthenticator.getClass().getCanonicalName(), sessionAuthenticator);
        }
        return sessionAuthenticator;
    }

    private SessionAuthenticator(IAuthenticator iAuthenticator, String str) {
        this.authenticator = iAuthenticator;
        this.sessionName = str;
        new Thread() { // from class: com.ibm.ut.help.common.security.SessionAuthenticator.1
            @Override // java.lang.Thread, java.lang.Runnable
            public void run() {
                while (true) {
                    try {
                        Thread.sleep(WaitFor.ONE_HOUR);
                    } catch (Exception unused) {
                    }
                    SessionAuthenticator.this.cleanSessions();
                }
            }
        }.start();
    }

    protected void cleanSessions() {
        long time = new Date().getTime();
        Enumeration<String> keys = this.sessions.keys();
        while (keys.hasMoreElements()) {
            String nextElement = keys.nextElement();
            if (time - ((Long) this.sessions.get(nextElement).get("tstamp")).longValue() > 1800000) {
                this.sessions.remove(nextElement);
            }
        }
    }

    public void removeToken(String str) {
        this.sessions.remove(str);
    }

    public void removeToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Cookie[] cookies = httpServletRequest.getCookies();
        for (int i = 0; i < cookies.length; i++) {
            if (cookies[i].getName().equals(this.sessionName)) {
                removeToken(cookies[i].getValue());
                return;
            }
        }
    }

    public AuthDetails authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthException {
        AuthDetails authenticationDetails = getAuthenticationDetails(httpServletRequest);
        if (authenticationDetails != null) {
            return authenticationDetails;
        }
        String[] credentials = getCredentials(httpServletRequest);
        AuthDetails authenticate = this.authenticator.authenticate(credentials[0], credentials[1]);
        if (authenticate != null) {
            createToken(httpServletResponse, authenticate);
        }
        return authenticate;
    }

    public boolean isAuthenticated(HttpServletRequest httpServletRequest) {
        return getAuthenticationDetails(httpServletRequest) != null;
    }

    public IAuthenticator getAuthenticator() {
        return this.authenticator;
    }

    public AuthDetails getAuthenticationDetails(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        for (int i = 0; i < cookies.length; i++) {
            if (cookies[i].getName().equals(this.sessionName)) {
                return this.sessions.get(cookies[i].getValue());
            }
        }
        return null;
    }

    public static String[] getCredentials(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("user") != null ? httpServletRequest.getParameter("user") : "";
        String parameter2 = httpServletRequest.getParameter(IRepository.PROP_PASSWORD) != null ? httpServletRequest.getParameter(IRepository.PROP_PASSWORD) : "";
        String header = httpServletRequest.getHeader("Authorization");
        if (header != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(header);
            if (stringTokenizer.hasMoreTokens() && stringTokenizer.nextToken().equalsIgnoreCase(AuthPolicy.BASIC)) {
                try {
                    String str = new String(new BASE64Decoder().decodeBuffer(stringTokenizer.nextToken()));
                    int indexOf = str.indexOf(":");
                    if (indexOf != -1) {
                        parameter = str.substring(0, indexOf);
                        parameter2 = str.substring(indexOf + 1);
                    }
                } catch (IOException unused) {
                    return new String[]{parameter, parameter2};
                }
            }
        }
        return new String[]{parameter, parameter2};
    }

    public String createToken(HttpServletResponse httpServletResponse, AuthDetails authDetails) {
        String uuid = UUID.randomUUID().toString();
        Cookie cookie = new Cookie(this.sessionName, uuid);
        cookie.setMaxAge(-1);
        cookie.setPath("/help");
        httpServletResponse.addCookie(cookie);
        authDetails.put("tstamp", Long.valueOf(new Date().getTime()));
        this.sessions.put(uuid, authDetails);
        return uuid;
    }
}
