package com.stc.repository.persistence.server.impl;

import com.stc.repository.RepositoryConstants;
import com.stc.repository.persistence.PersistenceConstants;
import com.stc.repository.persistence.RepositoryServerError;
import com.stc.repository.persistence.RepositoryServerException;
import com.stc.repository.persistence.RepositoryServerRequestResponse;
import com.stc.repository.persistence.RequestResponseInfo;
import com.stc.repository.persistence.client.ACLHelper;
import com.stc.repository.persistence.client.impl.ACLHelperImpl;
import com.stc.repository.resource.RepositoryResourceKeys;
import com.stc.repository.utilities.Level;
import com.stc.repository.utilities.Logger;
import com.stc.repository.versioncontrol.BranchACLInfo;
import com.stc.repository.versioncontrol.BranchInfo;
import com.stc.repository.versioncontrol.impl.BranchACLInfoImpl;
import com.stc.repository.workspace.impl.WorkspaceObjectImpl;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.UnknownHostException;
import java.util.Hashtable;
import java.util.Map;
import java.util.Properties;
import java.util.Vector;
import sun.misc.BASE64Encoder;

/* loaded from: input_file:com-stc-repository.jar:com/stc/repository/persistence/server/impl/RepositorySecurityManager.class */
public class RepositorySecurityManager {
    static final String RCS_ID = "$Id: RepositorySecurityManager.java,v 1.22 2007/06/29 00:00:40 ed Exp $";
    public static final String OPERATION_CREATE = "create";
    public static final String OPERATION_GET = "get";
    public static final String OPERATION_UPDATE = "update";
    public static final String OPERATION_DELETE = "delete";
    public static final String BRANCHES_ACL_FILE = "branchesACL.properties";
    private static Logger logger = null;
    private boolean mAuthenticationEnabled;
    private boolean mAuthorizationEnabled;
    private RepositoryControllerServerImpl mRepControllerServer;
    private BranchACLHelper mBranchACLHelper;
    static Class class$com$stc$repository$persistence$server$impl$RepositorySecurityManager;
    static Class class$com$stc$repository$persistence$server$impl$RepositorySecurityManager$BranchACLHelper;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com-stc-repository.jar:com/stc/repository/persistence/server/impl/RepositorySecurityManager$BranchACLHelper.class */
    public class BranchACLHelper {
        private File branchesACLFile;
        private Properties branchesACLProps = new Properties();
        private Hashtable branchesACLHelpers = new Hashtable();
        private final RepositorySecurityManager this$0;

        public BranchACLHelper(RepositorySecurityManager repositorySecurityManager, File file) throws RepositoryServerException {
            this.this$0 = repositorySecurityManager;
            this.branchesACLFile = file;
            load();
        }

        private void load() throws RepositoryServerException {
            Class cls;
            if (this.branchesACLFile.exists()) {
                if (RepositorySecurityManager.class$com$stc$repository$persistence$server$impl$RepositorySecurityManager$BranchACLHelper == null) {
                    cls = RepositorySecurityManager.class$("com.stc.repository.persistence.server.impl.RepositorySecurityManager$BranchACLHelper");
                    RepositorySecurityManager.class$com$stc$repository$persistence$server$impl$RepositorySecurityManager$BranchACLHelper = cls;
                } else {
                    cls = RepositorySecurityManager.class$com$stc$repository$persistence$server$impl$RepositorySecurityManager$BranchACLHelper;
                }
                Class cls2 = cls;
                synchronized (cls) {
                    this.branchesACLProps.clear();
                    FileInputStream fileInputStream = null;
                    try {
                        try {
                            fileInputStream = new FileInputStream(this.branchesACLFile);
                            this.branchesACLProps.load(fileInputStream);
                            for (Map.Entry entry : this.branchesACLProps.entrySet()) {
                                String str = (String) entry.getKey();
                                String str2 = (String) entry.getValue();
                                if (str2 != null && str2.trim().length() > 0) {
                                    this.branchesACLHelpers.put(str, new ACLHelperImpl(str2));
                                }
                            }
                            if (fileInputStream != null) {
                                try {
                                    fileInputStream.close();
                                } catch (IOException e) {
                                }
                            }
                        } catch (IOException e2) {
                            throw new RepositoryServerException(new StringBuffer().append("Cannot access branches ACL file: ").append(e2.getMessage()).toString(), e2);
                        }
                    } catch (Throwable th) {
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                            } catch (IOException e3) {
                            }
                        }
                        throw th;
                    }
                }
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void store() throws RepositoryServerException {
            Class cls;
            if (RepositorySecurityManager.class$com$stc$repository$persistence$server$impl$RepositorySecurityManager$BranchACLHelper == null) {
                cls = RepositorySecurityManager.class$("com.stc.repository.persistence.server.impl.RepositorySecurityManager$BranchACLHelper");
                RepositorySecurityManager.class$com$stc$repository$persistence$server$impl$RepositorySecurityManager$BranchACLHelper = cls;
            } else {
                cls = RepositorySecurityManager.class$com$stc$repository$persistence$server$impl$RepositorySecurityManager$BranchACLHelper;
            }
            Class cls2 = cls;
            synchronized (cls) {
                FileOutputStream fileOutputStream = null;
                try {
                    try {
                        FileOutputStream fileOutputStream2 = new FileOutputStream(this.branchesACLFile);
                        this.branchesACLProps.store(fileOutputStream2, "*** Do not manually edit this file! ***");
                        if (fileOutputStream2 != null) {
                            try {
                                fileOutputStream2.flush();
                                fileOutputStream2.close();
                            } catch (IOException e) {
                            }
                        }
                    } catch (Throwable th) {
                        if (0 != 0) {
                            try {
                                fileOutputStream.flush();
                                fileOutputStream.close();
                            } catch (IOException e2) {
                            }
                        }
                        throw th;
                    }
                } catch (IOException e3) {
                    throw new RepositoryServerException(new StringBuffer().append("Cannot access branches ACL file: ").append(e3.getMessage()).toString(), e3);
                }
            }
        }

        public ACLHelper get(String str) {
            return (ACLHelper) this.branchesACLHelpers.get(str);
        }

        public void put(String str, String str2) {
            if (null == str2 || str2.trim().length() == 0) {
                this.branchesACLHelpers.remove(str);
                this.branchesACLProps.remove(str);
            } else {
                this.branchesACLHelpers.put(str, new ACLHelperImpl(str2));
                this.branchesACLProps.put(str, str2);
            }
        }

        public Vector get() {
            Vector vector = new Vector();
            for (Map.Entry entry : this.branchesACLProps.entrySet()) {
                String str = (String) entry.getKey();
                String str2 = (String) entry.getValue();
                if (str2 != null && str2.length() > 0) {
                    BranchACLInfoImpl branchACLInfoImpl = new BranchACLInfoImpl();
                    branchACLInfoImpl.setBranchName(str);
                    branchACLInfoImpl.setEncodedString(str2);
                    vector.addElement(branchACLInfoImpl);
                }
            }
            return vector;
        }

        public void clear() {
            this.branchesACLHelpers.clear();
            this.branchesACLProps.clear();
        }
    }

    public RepositorySecurityManager(Properties properties, String str) throws RepositoryServerException {
        this(properties, str, null);
    }

    public RepositorySecurityManager(Properties properties, String str, RepositoryControllerServerImpl repositoryControllerServerImpl) throws RepositoryServerException {
        Class cls;
        this.mAuthenticationEnabled = false;
        this.mAuthorizationEnabled = false;
        this.mRepControllerServer = null;
        this.mBranchACLHelper = null;
        if (class$com$stc$repository$persistence$server$impl$RepositorySecurityManager == null) {
            cls = class$("com.stc.repository.persistence.server.impl.RepositorySecurityManager");
            class$com$stc$repository$persistence$server$impl$RepositorySecurityManager = cls;
        } else {
            cls = class$com$stc$repository$persistence$server$impl$RepositorySecurityManager;
        }
        logger = Logger.getLogger(cls.getName());
        String str2 = (String) properties.get(PersistenceConstants.AUTHENTICATION_ENABLED_TAG);
        if (str2 != null) {
            this.mAuthenticationEnabled = Boolean.valueOf(str2).booleanValue();
        }
        String str3 = (String) properties.get(PersistenceConstants.AUTHORIZATION_ENABLED_TAG);
        if (str3 != null) {
            this.mAuthorizationEnabled = Boolean.valueOf(str3).booleanValue();
        }
        this.mRepControllerServer = repositoryControllerServerImpl;
        if (this.mRepControllerServer != null) {
            this.mBranchACLHelper = new BranchACLHelper(this, new File(new StringBuffer().append(this.mRepControllerServer.mServerBaseDirectoryName).append("/").append(PersistenceConstants.JRCS_DIRECTORY_NAME).append("/").append(BRANCHES_ACL_FILE).toString()));
        }
    }

    private boolean isAuthenticationEnabled() {
        return this.mAuthenticationEnabled;
    }

    private boolean isAuthorizationEnabled() {
        return this.mAuthorizationEnabled;
    }

    public void authenticate(RepositoryServerRequestResponse repositoryServerRequestResponse) throws RepositoryServerException {
        if (isAuthenticationEnabled()) {
            basicAuthenticate(repositoryServerRequestResponse);
        }
    }

    public void authorize(String str, String str2, String str3, RequestResponseInfo requestResponseInfo) {
        if (!isAuthorizationEnabled() || str2 == null || str2.equals("")) {
            return;
        }
        if (str3.equals("update") || str3.equals("delete")) {
            if (isAuthorizedToWrite(str2, str)) {
                return;
            }
            requestResponseInfo.setServerError();
            RepositoryServerError serverError = requestResponseInfo.getServerError();
            serverError.setErrorCode(RepositoryResourceKeys.RSM_AUTHORIZE_WRITE_ERROR);
            serverError.addToErrorArguments(str3);
            serverError.addToErrorArguments(requestResponseInfo.getName());
            serverError.addToErrorArguments(requestResponseInfo.getClassNameAlias());
            serverError.addToErrorArguments(requestResponseInfo.getOID());
            serverError.addToErrorArguments(requestResponseInfo.getACLInfo());
            return;
        }
        if (!str3.equals("get") || isAuthorizedToRead(str2, str)) {
            return;
        }
        requestResponseInfo.setServerError();
        RepositoryServerError serverError2 = requestResponseInfo.getServerError();
        serverError2.setErrorCode(RepositoryResourceKeys.RSM_AUTHORIZE_READ_ERROR);
        serverError2.addToErrorArguments(str3);
        serverError2.addToErrorArguments(requestResponseInfo.getName());
        serverError2.addToErrorArguments(requestResponseInfo.getClassNameAlias());
        serverError2.addToErrorArguments(requestResponseInfo.getOID());
        serverError2.addToErrorArguments(requestResponseInfo.getACLInfo());
    }

    private void basicAuthenticate(RepositoryServerRequestResponse repositoryServerRequestResponse) throws RepositoryServerException {
        String str;
        try {
            if (repositoryServerRequestResponse.getPassword() != null) {
                if (repositoryServerRequestResponse.getPassword().trim().equals(System.getProperty(RepositoryConstants.SECURITY_TOKEN))) {
                    return;
                }
            }
            try {
                str = InetAddress.getLocalHost().getHostName();
            } catch (UnknownHostException e) {
                if (logger.isLoggable(Level.FINER)) {
                    logger.finer("UnknowHost Exception when retrieving the host name, use localhost instead");
                }
                str = "localhost";
            }
            try {
                URL url = new URL(new StringBuffer().append("http://").append(str).append(WorkspaceObjectImpl.COLLECTION_DELIMITER).append(repositoryServerRequestResponse.getRepositoryPort()).append("/repository/Authenticate.jsp").toString());
                try {
                    String userID = repositoryServerRequestResponse.getUserID();
                    String stringBuffer = new StringBuffer().append("Basic ").append(new BASE64Encoder().encode(new StringBuffer().append(userID).append(WorkspaceObjectImpl.COLLECTION_DELIMITER).append(repositoryServerRequestResponse.getPassword()).toString().getBytes("ISO-8859-1"))).toString();
                    HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
                    httpURLConnection.setRequestProperty("Authorization", stringBuffer);
                    int responseCode = httpURLConnection.getResponseCode();
                    if (200 == responseCode) {
                        httpURLConnection.disconnect();
                        if (logger.isLoggable(Level.FINER)) {
                            logger.finer(new StringBuffer().append("Authentication success for ").append(userID).toString());
                            return;
                        }
                        return;
                    }
                    if (401 == responseCode) {
                        httpURLConnection.disconnect();
                        String stringBuffer2 = new StringBuffer().append("Error authenticating ").append(userID).append("; please verify your login ID and password.").toString();
                        logger.log(Level.INFO, stringBuffer2);
                        repositoryServerRequestResponse.setServerError();
                        RepositoryServerError serverError = repositoryServerRequestResponse.getServerError();
                        serverError.setExceptionInfo(new RepositoryServerException(stringBuffer2));
                        serverError.setErrorCode(RepositoryResourceKeys.RSM_AUTHENTICATION_ERROR);
                        serverError.addToErrorArguments(userID);
                    } else if (403 == responseCode) {
                        httpURLConnection.disconnect();
                        String stringBuffer3 = new StringBuffer().append("Error authenticating ").append(userID).append(": the user does not belong to the \"all\" Security Role.  Please contact the administrator.").toString();
                        logger.log(Level.INFO, stringBuffer3);
                        RepositoryServerError serverError2 = repositoryServerRequestResponse.getServerError();
                        serverError2.setExceptionInfo(new RepositoryServerException(stringBuffer3));
                        serverError2.setErrorCode(RepositoryResourceKeys.RSM_AUTHENTICATION_INVALID_ROLE_ERROR);
                        serverError2.addToErrorArguments(userID);
                    } else {
                        httpURLConnection.disconnect();
                        String stringBuffer4 = new StringBuffer().append("Error authenticating: server returned HTTP error status ").append(responseCode).append(".  Please contact the administrator.").toString();
                        logger.log(Level.INFO, stringBuffer4);
                        RepositoryServerError serverError3 = repositoryServerRequestResponse.getServerError();
                        serverError3.setExceptionInfo(new RepositoryServerException(stringBuffer4));
                        serverError3.setErrorCode(RepositoryResourceKeys.RSM_AUTHENTICATION_HTTP_ERROR);
                        serverError3.addToErrorArguments(userID);
                    }
                } catch (IOException e2) {
                    logger.log(Level.INFO, new StringBuffer().append("Error authenticating: ").append(e2.getMessage()).toString(), (Throwable) e2);
                    throw new RepositoryServerException(new StringBuffer().append("Error authenticating: ").append(e2.getMessage()).toString(), e2);
                } catch (Exception e3) {
                    throw new RepositoryServerException(new StringBuffer().append("Error occurred while authenticating: ").append(e3.getMessage()).toString(), e3);
                }
            } catch (MalformedURLException e4) {
                throw new RepositoryServerException("Error connecting to the repository; invalid URL is specified", e4);
            }
        } catch (Exception e5) {
            throw new RepositoryServerException("Invalid encoding specified", e5);
        }
    }

    private boolean isAuthorizedToRead(String str, String str2) {
        ACLHelper aCLHelper;
        boolean isReadable = new ACLHelperImpl(str).isReadable(str2);
        if (isReadable) {
            try {
                BranchInfo currentBranchForUser = this.mRepControllerServer.getCurrentBranchForUser(str2);
                if (currentBranchForUser != null) {
                    String branchName = currentBranchForUser.getBranchName();
                    if (this.mBranchACLHelper != null && (aCLHelper = this.mBranchACLHelper.get(branchName)) != null) {
                        isReadable = aCLHelper.isReadable(str2);
                    }
                }
            } catch (Exception e) {
                isReadable = true;
            }
        }
        return isReadable;
    }

    private boolean isAuthorizedToWrite(String str, String str2) {
        ACLHelper aCLHelper;
        boolean isWritable = new ACLHelperImpl(str).isWritable(str2);
        if (isWritable) {
            try {
                BranchInfo currentBranchForUser = this.mRepControllerServer.getCurrentBranchForUser(str2);
                if (currentBranchForUser != null) {
                    String branchName = currentBranchForUser.getBranchName();
                    if (this.mBranchACLHelper != null && (aCLHelper = this.mBranchACLHelper.get(branchName)) != null) {
                        isWritable = aCLHelper.isWritable(str2);
                    }
                }
            } catch (Exception e) {
                isWritable = true;
            }
        }
        return isWritable;
    }

    public String getBranchACL(String str) {
        ACLHelper aCLHelper;
        String str2 = null;
        if (this.mBranchACLHelper != null && (aCLHelper = this.mBranchACLHelper.get(str)) != null) {
            str2 = aCLHelper.getEncodedString();
        }
        return str2;
    }

    public Vector getBranchesACLInfos() {
        return this.mBranchACLHelper != null ? this.mBranchACLHelper.get() : new Vector();
    }

    public void updateBranchesACLInfos(Vector vector) throws RepositoryServerException {
        if (this.mBranchACLHelper != null) {
            this.mBranchACLHelper.clear();
            for (int i = 0; i < vector.size(); i++) {
                BranchACLInfo branchACLInfo = (BranchACLInfo) vector.get(i);
                this.mBranchACLHelper.put(branchACLInfo.getBranchName(), branchACLInfo.getEncodedString());
            }
            this.mBranchACLHelper.store();
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
