package com.ibm.ut.help.common.security;

import com.ibm.ut.help.common.Activator;
import com.ibm.ut.help.common.MessageLibrary;
import com.ibm.ut.help.common.error.ErrorStatus;
import com.ibm.ut.help.common.web.LocaleUtil;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Properties;
import java.util.StringTokenizer;
import java.util.UUID;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.httpclient.auth.AuthPolicy;
import org.apache.tools.ant.taskdefs.WaitFor;
import org.eclipse.equinox.internal.p2.metadata.expression.IExpressionConstants;
import org.eclipse.equinox.p2.repository.IRepository;
import org.mortbay.jetty.HttpHeaders;
import sun.misc.BASE64Decoder;

/* loaded from: input_file:WEB-INF/plugins/com.ibm.ut.help.common_3.9.5.201708151828.jar:com/ibm/ut/help/common/security/AuthenticationService.class */
public class AuthenticationService extends HttpServlet {
    private static final long serialVersionUID = 1;
    private static Hashtable<String, AuthDetails> sessions = new Hashtable<>();

    static {
        new Thread() { // from class: com.ibm.ut.help.common.security.AuthenticationService.1
            @Override // java.lang.Thread, java.lang.Runnable
            public void run() {
                while (true) {
                    try {
                        Thread.sleep(WaitFor.ONE_HOUR);
                    } catch (Exception unused) {
                    }
                    AuthenticationService.cleanSessions();
                }
            }
        }.start();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void cleanSessions() {
        long time = new Date().getTime();
        Enumeration<String> keys = sessions.keys();
        while (keys.hasMoreElements()) {
            String nextElement = keys.nextElement();
            if (time - ((Long) sessions.get(nextElement).get("tstamp")).longValue() > 1800000) {
                sessions.remove(nextElement);
            }
        }
    }

    @Override // javax.servlet.GenericServlet
    public void init() throws ServletException {
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setHeader(HttpHeaders.CACHE_CONTROL, "no-store, no-cache, must-revalidate");
        httpServletResponse.setCharacterEncoding("UTF-8");
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        login((IAuthenticator) httpServletRequest.getAttribute("aux"), httpServletRequest, httpServletResponse, (String) httpServletRequest.getAttribute("description"));
    }

    public static AuthDetails getAuthenticationDetails(IAuthenticator iAuthenticator, HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (int i = 0; i < cookies.length; i++) {
            if (cookies[i].getName().equals(iAuthenticator.getClass().getName())) {
                return sessions.get(cookies[i].getValue());
            }
        }
        return null;
    }

    public static String[] getCredentials(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("user") != null ? httpServletRequest.getParameter("user") : "";
        String parameter2 = httpServletRequest.getParameter(IRepository.PROP_PASSWORD) != null ? httpServletRequest.getParameter(IRepository.PROP_PASSWORD) : "";
        if (parameter.equals("")) {
            try {
                BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(httpServletRequest.getInputStream()));
                String readLine = bufferedReader.readLine();
                bufferedReader.close();
                if (readLine != null) {
                    String[] split = readLine.split("&");
                    Properties properties = new Properties();
                    for (int i = 0; i < split.length; i++) {
                        properties.setProperty(split[i].substring(0, split[i].indexOf("=")), split[i].substring(split[i].indexOf("=") + 1));
                    }
                    parameter = properties.getProperty("user") != null ? properties.getProperty("user") : "";
                    parameter2 = properties.getProperty(IRepository.PROP_PASSWORD) != null ? properties.getProperty(IRepository.PROP_PASSWORD) : "";
                }
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
        String header = httpServletRequest.getHeader("Authorization");
        if (header != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(header);
            if (stringTokenizer.hasMoreTokens() && stringTokenizer.nextToken().equalsIgnoreCase(AuthPolicy.BASIC)) {
                try {
                    String str = new String(new BASE64Decoder().decodeBuffer(stringTokenizer.nextToken()));
                    int indexOf = str.indexOf(":");
                    if (indexOf != -1) {
                        parameter = str.substring(0, indexOf);
                        parameter2 = str.substring(indexOf + 1);
                    }
                } catch (IOException unused) {
                    return new String[]{parameter, parameter2};
                }
            }
        }
        return new String[]{parameter, parameter2};
    }

    public static AuthDetails login(IAuthenticator iAuthenticator, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        try {
            return authenticate(iAuthenticator, httpServletRequest, httpServletResponse);
        } catch (AuthException unused) {
            httpServletRequest.setAttribute("description", str);
            if (httpServletRequest.getParameter("dispatch") == null) {
                loginDialog(httpServletRequest, httpServletResponse);
                return null;
            }
            httpServletResponse.setContentType("application/json; charset=UTF-8");
            httpServletResponse.setHeader(HttpHeaders.CACHE_CONTROL, "no-store, no-cache, must-revalidate");
            httpServletResponse.getWriter().append((CharSequence) new ErrorStatus("CRRHS0101I", MessageLibrary.getError("CRRHS0101I", LocaleUtil.getLocale(httpServletRequest)), Activator.PLUGIN_ID).toJSON().toString());
            httpServletResponse.flushBuffer();
            httpServletResponse.getWriter().close();
            return null;
        }
    }

    public static AuthDetails authenticate(IAuthenticator iAuthenticator, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthException {
        AuthDetails authenticationDetails = getAuthenticationDetails(iAuthenticator, httpServletRequest);
        if (authenticationDetails != null) {
            return authenticationDetails;
        }
        String[] credentials = getCredentials(httpServletRequest);
        AuthDetails authenticate = iAuthenticator.authenticate(credentials[0], credentials[1]);
        if (authenticate != null) {
            createToken(iAuthenticator, httpServletRequest.getContextPath(), httpServletResponse, authenticate);
        }
        return authenticate;
    }

    private static String createToken(IAuthenticator iAuthenticator, String str, HttpServletResponse httpServletResponse, AuthDetails authDetails) {
        String uuid = UUID.randomUUID().toString();
        Cookie cookie = new Cookie(iAuthenticator.getClass().getName(), uuid);
        cookie.setMaxAge(-1);
        cookie.setPath(str);
        httpServletResponse.addCookie(cookie);
        authDetails.put("tstamp", Long.valueOf(new Date().getTime()));
        authDetails.put("token", uuid);
        sessions.put(uuid, authDetails);
        return uuid;
    }

    public static void loginDialog(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        loginDialog(httpServletRequest, httpServletResponse, null);
    }

    public static void loginDialog(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ErrorStatus errorStatus) {
        httpServletRequest.setAttribute("requester", String.valueOf(httpServletRequest.getRequestURL().toString()) + IExpressionConstants.OPERATOR_IF + httpServletRequest.getQueryString());
        if (errorStatus != null) {
            httpServletRequest.setAttribute("error", errorStatus);
        }
        try {
            httpServletRequest.getRequestDispatcher("/com.ibm.ut.help.common/login.jsp").forward(httpServletRequest, httpServletResponse);
            httpServletResponse.flushBuffer();
            httpServletResponse.getWriter().close();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public static void error(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ErrorStatus errorStatus) {
        httpServletRequest.setAttribute("error", errorStatus);
        httpServletRequest.setAttribute("requester", httpServletRequest.getRequestURL().toString());
        try {
            httpServletRequest.getRequestDispatcher("/com.ibm.ut.help.common/error.jsp").forward(httpServletRequest, httpServletResponse);
            httpServletResponse.flushBuffer();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public static void error(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ErrorStatus errorStatus, IAuthenticator iAuthenticator) {
        httpServletRequest.setAttribute("error", errorStatus);
        httpServletRequest.setAttribute("aux", iAuthenticator);
        httpServletRequest.setAttribute("requester", httpServletRequest.getRequestURL().toString());
        try {
            httpServletRequest.getRequestDispatcher("/com.ibm.ut.help.common/error.jsp").forward(httpServletRequest, httpServletResponse);
            httpServletResponse.flushBuffer();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public static void fail(HttpServletResponse httpServletResponse) {
        httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"Help System Login\"");
        try {
            httpServletResponse.getWriter().println("Uh oh");
            httpServletResponse.getWriter().close();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    public static void logout(String str) {
        sessions.remove(str);
    }

    public static void logout(IAuthenticator iAuthenticator, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Cookie[] cookies = httpServletRequest.getCookies();
        for (int i = 0; i < cookies.length; i++) {
            if (cookies[i].getName().equals(iAuthenticator.getClass().getName())) {
                logout(cookies[i].getValue());
                return;
            }
        }
    }
}
