package co.codewizards.cloudstore.rest.server.service;

import co.codewizards.cloudstore.core.dto.Error;
import co.codewizards.cloudstore.core.io.ByteArrayInputStream;
import co.codewizards.cloudstore.core.oio.File;
import co.codewizards.cloudstore.core.repo.local.LocalRepoManager;
import co.codewizards.cloudstore.core.repo.local.LocalRepoManagerFactory;
import co.codewizards.cloudstore.core.repo.local.LocalRepoRegistryImpl;
import co.codewizards.cloudstore.core.repo.transport.RepoTransport;
import co.codewizards.cloudstore.core.repo.transport.RepoTransportFactoryRegistry;
import co.codewizards.cloudstore.core.util.UrlUtil;
import co.codewizards.cloudstore.rest.server.auth.Auth;
import co.codewizards.cloudstore.rest.server.auth.NotAuthorizedException;
import co.codewizards.cloudstore.rest.server.auth.TransientRepoPasswordManager;
import co.codewizards.cloudstore.rest.server.ldap.LdapClientProvider;
import java.io.CharArrayReader;
import java.io.CharArrayWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Arrays;
import java.util.Base64;
import java.util.Objects;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.PathParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:co/codewizards/cloudstore/rest/server/service/AbstractServiceWithRepoToRepoAuth.class */
public abstract class AbstractServiceWithRepoToRepoAuth {
    private static final Logger logger = LoggerFactory.getLogger(AbstractServiceWithRepoToRepoAuth.class);

    @Context
    protected HttpServletRequest request;

    @PathParam("repositoryName")
    protected String repositoryName;
    private Auth auth;

    /* JADX INFO: Access modifiers changed from: protected */
    public Auth getAuth() throws WebApplicationException {
        int read;
        if (this.auth == null) {
            String header = this.request.getHeader("Authorization");
            if (header == null || header.isEmpty()) {
                logger.debug("getAuth: There is no 'Authorization' header. Replying with a Status.UNAUTHORIZED response asking for 'Basic' authentication.");
                throw newUnauthorizedException();
            }
            logger.debug("getAuth: 'Authorization' header: {}", header);
            if (!header.startsWith("Basic")) {
                throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).type("application/xml").entity(new Error("Only 'Basic' authentication is supported!")).build());
            }
            byte[] basicAuthEncodedBA = getBasicAuthEncodedBA(header.substring("Basic".length()).trim());
            StringBuilder sb = new StringBuilder();
            char[] cArr = null;
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(basicAuthEncodedBA);
            char[] cArr2 = null;
            CharArrayWriter charArrayWriter = new CharArrayWriter(basicAuthEncodedBA.length + 1);
            try {
                try {
                    InputStreamReader inputStreamReader = new InputStreamReader((InputStream) byteArrayInputStream, "UTF-8");
                    int i = 0;
                    do {
                        char[] cArr3 = new char[10];
                        read = inputStreamReader.read(cArr3);
                        charArrayWriter.write(cArr3);
                        if (read > 0) {
                            i += read;
                        }
                    } while (read >= 0);
                    int i2 = 0;
                    char[] charArray = charArrayWriter.toCharArray();
                    cArr2 = charArray;
                    CharArrayReader charArrayReader = new CharArrayReader(charArray);
                    int i3 = 0;
                    while (i2 >= 0 && i2 < i) {
                        char[] cArr4 = new char[1];
                        i2 = charArrayReader.read(cArr4);
                        if (i2 > 0) {
                            i3 += i2;
                        }
                        if (cArr4[0] == ':') {
                            break;
                        }
                        sb.append(cArr4[0]);
                    }
                    if (i2 >= 0 && i2 < i) {
                        cArr = new char[i - i3];
                        int read2 = charArrayReader.read(cArr);
                        if (read2 + i3 != i) {
                            throw new IllegalStateException("passwordSize and charsRead must match charsReadTotal! passwordSize=" + read2 + ", charsRead=" + i2 + ", charsReadTotal=" + i);
                        }
                    }
                    Arrays.fill(basicAuthEncodedBA, (byte) 0);
                    if (cArr2 != null) {
                        Arrays.fill(cArr2, (char) 0);
                    }
                    if (charArrayWriter != null) {
                        char[] cArr5 = new char[charArrayWriter.size()];
                        charArrayWriter.reset();
                        try {
                            charArrayWriter.write(cArr5);
                        } catch (IOException e) {
                            throw new RuntimeException(e);
                        }
                    }
                    Auth auth = new Auth();
                    auth.setUserName(sb.toString());
                    auth.setPassword(cArr);
                    this.auth = auth;
                } catch (Exception e2) {
                    throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).type("application/xml").entity(new Error(e2)).build());
                }
            } catch (Throwable th) {
                Arrays.fill(basicAuthEncodedBA, (byte) 0);
                if (cArr2 != null) {
                    Arrays.fill(cArr2, (char) 0);
                }
                if (charArrayWriter != null) {
                    char[] cArr6 = new char[charArrayWriter.size()];
                    charArrayWriter.reset();
                    try {
                        charArrayWriter.write(cArr6);
                    } catch (IOException e3) {
                        throw new RuntimeException(e3);
                    }
                }
                throw th;
            }
        }
        return this.auth;
    }

    private byte[] getBasicAuthEncodedBA(String str) {
        try {
            return Base64.getDecoder().decode(str.getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    protected String authenticateAndReturnUserName() throws WebApplicationException {
        UUID repositoryId = LocalRepoRegistryImpl.getInstance().getRepositoryId(this.repositoryName);
        if (repositoryId == null) {
            throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).type("application/xml").entity(new Error(String.format("HTTP 404: repositoryName='%s' is neither an alias nor an ID of a known repository!", this.repositoryName))).build());
        }
        Auth auth = getAuth();
        UUID clientRepositoryIdFromUserName = getClientRepositoryIdFromUserName(auth.getUserName());
        if (clientRepositoryIdFromUserName == null) {
            return LdapClientProvider.getInstance().getClient().authenticate(auth);
        }
        if (TransientRepoPasswordManager.getInstance().isPasswordValid(repositoryId, clientRepositoryIdFromUserName, auth.getPassword())) {
            return auth.getUserName();
        }
        throw newUnauthorizedException();
    }

    protected UUID getClientRepositoryIdFromUserName(String str) {
        if (((String) Objects.requireNonNull(str, "userName")).startsWith("_repositoryId/")) {
            return UUID.fromString(str.substring("_repositoryId/".length()));
        }
        return null;
    }

    protected UUID getClientRepositoryIdFromUserNameOrFail(String str) {
        UUID clientRepositoryIdFromUserName = getClientRepositoryIdFromUserName(str);
        if (clientRepositoryIdFromUserName == null) {
            throw new IllegalArgumentException(String.format("userName='%s' is not a repository!", str));
        }
        return clientRepositoryIdFromUserName;
    }

    private WebApplicationException newUnauthorizedException() {
        return new NotAuthorizedException();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RepoTransport authenticateAndCreateLocalRepoTransport() {
        UUID clientRepositoryIdFromUserNameOrFail = getClientRepositoryIdFromUserNameOrFail(authenticateAndReturnUserName());
        URL localRootURL = getLocalRootURL(clientRepositoryIdFromUserNameOrFail);
        return RepoTransportFactoryRegistry.getInstance().getRepoTransportFactoryOrFail(localRootURL).createRepoTransport(localRootURL, clientRepositoryIdFromUserNameOrFail);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RepoTransport authenticateWithLdap() {
        authenticateAndReturnUserName();
        try {
            URL appendEmptyPathPrefix = appendEmptyPathPrefix(LocalRepoRegistryImpl.getInstance().getLocalRootForRepositoryNameOrFail(this.repositoryName).toURI().toURL());
            return RepoTransportFactoryRegistry.getInstance().getRepoTransportFactoryOrFail(appendEmptyPathPrefix).createRepoTransport(appendEmptyPathPrefix, (UUID) null);
        } catch (MalformedURLException e) {
            throw new RuntimeException(e);
        }
    }

    protected URL authenticateAndGetLocalRootURL() {
        return getLocalRootURL(getClientRepositoryIdFromUserNameOrFail(authenticateAndReturnUserName()));
    }

    protected URL getLocalRootURL(UUID uuid) {
        Objects.requireNonNull(this.repositoryName, "repositoryName");
        File localRootForRepositoryNameOrFail = LocalRepoRegistryImpl.getInstance().getLocalRootForRepositoryNameOrFail(this.repositoryName);
        LocalRepoManager createLocalRepoManagerForExistingRepository = LocalRepoManagerFactory.Helper.getInstance().createLocalRepoManagerForExistingRepository(localRootForRepositoryNameOrFail);
        try {
            try {
                URL appendNonEncodedPath = UrlUtil.appendNonEncodedPath(localRootForRepositoryNameOrFail.toURI().toURL(), createLocalRepoManagerForExistingRepository.getLocalPathPrefixOrFail(uuid));
                createLocalRepoManagerForExistingRepository.close();
                return appendNonEncodedPath;
            } catch (MalformedURLException e) {
                throw new RuntimeException(e);
            }
        } catch (Throwable th) {
            createLocalRepoManagerForExistingRepository.close();
            throw th;
        }
    }

    private URL appendEmptyPathPrefix(URL url) {
        return UrlUtil.appendNonEncodedPath(url, "");
    }
}
