package org.eclipse.scout.rt.server.commons.servletfilter.security;

import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Hashtable;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;
import org.eclipse.scout.commons.Base64Utility;
import org.eclipse.scout.commons.EncryptionUtility;
import org.eclipse.scout.commons.logger.IScoutLogger;
import org.eclipse.scout.commons.logger.ScoutLogManager;
import org.eclipse.scout.commons.security.SimplePrincipal;
import org.eclipse.scout.rt.server.commons.cache.IHttpSessionCacheService;
import org.eclipse.scout.rt.server.commons.servletfilter.FilterConfigInjection;
import org.eclipse.scout.service.SERVICES;

/* loaded from: input_file:org/eclipse/scout/rt/server/commons/servletfilter/security/DataSourceSecurityFilter.class */
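/**
 * Security filter that authenticates HTTP Basic credentials against a database.
 *
 * <p>The user name and a hashed form of the password from the {@code Authorization} header are
 * bound to the configured {@code selectUserPass} statement. The user is accepted when the first
 * column of the first returned row equals the user name. The database connection is obtained
 * either directly through {@link DriverManager} or from a JNDI {@link DataSource}, depending on
 * the {@code useJndiConnection} init parameter.
 *
 * <p>Review notes:
 * <ul>
 *   <li>Basic credentials are only Base64-encoded, so this filter relies on the transport
 *       (TLS) for confidentiality.</li>
 *   <li>The database password is read from the filter init parameters and kept in a
 *       {@code String} field for the lifetime of the filter.</li>
 *   <li>See {@link #encryptPass(String)} for the password hashing caveat.</li>
 * </ul>
 */
public class DataSourceSecurityFilter extends AbstractChainableSecurityFilter {
    private static final IScoutLogger LOG = ScoutLogManager.getLogger(DataSourceSecurityFilter.class);

    /** Key under which the number of Basic challenges already issued is stored via {@link IHttpSessionCacheService}. */
    public static final String PROP_BASIC_ATTEMPT = "DataSourceSecurityFilter.basicAttempt";

    private String m_jdbcUserName;
    private String m_jdbcPassword;
    private String m_jdbcDriverName;
    private String m_jdbcMappingName;
    private String m_selectStatement;
    private boolean m_useJndiConnection;
    private String m_jndiName;
    private String m_jndiInitialContextFactory;
    private String m_jndiProviderUrl;
    private String m_jndiUrlPkgPrefixes;

    /**
     * Reads the filter configuration.
     *
     * <p>{@code jdbcDriverName}, {@code jdbcMappingName} and {@code selectUserPass} are mandatory
     * for a direct JDBC connection; {@code jndiName} is mandatory when {@code useJndiConnection}
     * is {@code true}. All other parameters are optional.
     *
     * @throws ServletException if a mandatory init parameter is missing
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        super.init(filterConfig);
        FilterConfigInjection.FilterConfig anyConfig = new FilterConfigInjection(filterConfig, getClass()).getAnyConfig();
        this.m_useJndiConnection = Boolean.parseBoolean(anyConfig.getInitParameter("useJndiConnection"));
        boolean directJdbc = !this.m_useJndiConnection;
        this.m_jdbcDriverName = getInitParam(anyConfig, "jdbcDriverName", directJdbc);
        this.m_jdbcMappingName = getInitParam(anyConfig, "jdbcMappingName", directJdbc);
        this.m_jdbcUserName = getInitParam(anyConfig, "jdbcUsername", false);
        this.m_jdbcPassword = getInitParam(anyConfig, "jdbcPassword", false);
        // NOTE(review): selectUserPass is only enforced for direct JDBC, yet the JNDI path also
        // passes it to prepareStatement; a missing value there fails at login time, not at init.
        this.m_selectStatement = getInitParam(anyConfig, "selectUserPass", directJdbc);
        this.m_jndiName = getInitParam(anyConfig, "jndiName", this.m_useJndiConnection);
        this.m_jndiInitialContextFactory = anyConfig.getInitParameter("jndiInitialContextFactory");
        this.m_jndiProviderUrl = anyConfig.getInitParameter("jndiProviderUrl");
        this.m_jndiUrlPkgPrefixes = anyConfig.getInitParameter("jndiUrlPkgPrefixes");
    }

    /**
     * Returns the named init parameter.
     *
     * @param required when {@code true}, a missing parameter is an error
     * @return the parameter value, or {@code null} if absent and not required
     * @throws ServletException if the parameter is required but not configured
     */
    private String getInitParam(FilterConfig filterConfig, String name, boolean required) throws ServletException {
        String value = filterConfig.getInitParameter(name);
        if (required && value == null) {
            throw new ServletException("Missing init-param with name '" + name + "'.");
        }
        return value;
    }

    /**
     * Tries to authenticate the request from its {@code Authorization: Basic} header.
     *
     * <p>On success the principal is stored in {@code principalHolder} and {@code 3} is returned.
     * Otherwise {@code 1} is returned. A {@code WWW-Authenticate} challenge is added only while
     * the stored attempt counter is at most 2. The status codes are presumably the superclass's
     * "continue with principal" and "continue chain" values; confirm against
     * {@code AbstractChainableSecurityFilter}.
     *
     * <p>A header that does not decode to {@code user:password} is handled like a failed login.
     */
    @Override
    protected int negotiate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, PrincipalHolder principalHolder) throws IOException, ServletException {
        String header = httpServletRequest.getHeader("Authorization");
        if (header != null && header.matches("Basic .*")) {
            // The header value is attacker-controlled. How Base64Utility.decode reacts to malformed
            // input is not visible here, so a null result is guarded against as well.
            byte[] decoded = Base64Utility.decode(header.substring(6));
            if (decoded != null) {
                String[] credentials = new String(decoded, "ISO-8859-1").split(":", 2);
                // Without a ':' separator split() yields one element; indexing [1] would then
                // throw ArrayIndexOutOfBoundsException on a request any client can send.
                if (credentials.length == 2) {
                    // NOTE(review): toLowerCase() uses the JVM default locale, so the normalised
                    // user name can differ between hosts (e.g. Turkish dotless i).
                    String username = credentials[0].toLowerCase();
                    String password = credentials[1];
                    if (isValidUser(username, encryptPass(password))) {
                        principalHolder.setPrincipal(new SimplePrincipal(username));
                        return 3;
                    }
                }
            }
        }
        int basicAttempt = getBasicAttempt(httpServletRequest, httpServletResponse);
        if (basicAttempt > 2) {
            // Stop challenging after repeated attempts.
            // NOTE(review): the counter lives in the session cache, so it presumably resets when
            // the client starts a new session. Do not treat it as brute-force protection.
            return 1;
        }
        setBasicAttempt(httpServletRequest, httpServletResponse, basicAttempt + 1);
        httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + getRealm() + "\"");
        return 1;
    }

    /** Returns the stored attempt counter, or 0 when none is stored or the value is not an {@code Integer}. */
    private int getBasicAttempt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        IHttpSessionCacheService cache = (IHttpSessionCacheService) SERVICES.getService(IHttpSessionCacheService.class);
        Object stored = cache.getAndTouch(PROP_BASIC_ATTEMPT, httpServletRequest, httpServletResponse);
        return stored instanceof Integer ? ((Integer) stored).intValue() : 0;
    }

    /** Stores the attempt counter under {@link #PROP_BASIC_ATTEMPT}. */
    private void setBasicAttempt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int attempts) {
        IHttpSessionCacheService cache = (IHttpSessionCacheService) SERVICES.getService(IHttpSessionCacheService.class);
        cache.put(PROP_BASIC_ATTEMPT, Integer.valueOf(attempts), httpServletRequest, httpServletResponse);
    }

    /**
     * Opens a connection (JNDI or direct JDBC), checks the credentials and closes the connection.
     *
     * @param username user name as it will be bound to the select statement
     * @param passwordHash password as produced by {@link #encryptPass(String)}
     * @return {@code true} if the select statement confirms the user
     * @throws ServletException if the connection cannot be opened or the query fails
     */
    protected boolean isValidUser(String username, String passwordHash) throws ServletException {
        Connection connection = null;
        try {
            connection = this.m_useJndiConnection ? createJndiConnection() : createJdbcDirectConnection();
            return isValidUser(username, passwordHash, connection);
        } catch (Exception e) {
            LOG.error("Cannot SELECT user/pass.", e);
            // NOTE(review): the driver's message is forwarded in the ServletException. Check that
            // the container's error page does not echo it to the client.
            throw new ServletException(e.getMessage(), e);
        } finally {
            if (connection != null) {
                try {
                    connection.close();
                } catch (SQLException closeFailure) {
                    LOG.warn("Exception in close connection!", closeFailure);
                }
            }
        }
    }

    /**
     * Runs the configured select statement with the user name as parameter 1 and the password hash
     * as parameter 2.
     *
     * <p>The decompiler emitted only a register-level dump and a stub that threw
     * {@code UnsupportedOperationException}, so every login attempt failed. This body is
     * reconstructed from that dump. Unlike the dump, a SQL {@code NULL} in the first column is
     * treated as "no match" instead of causing a {@code NullPointerException}.
     *
     * @return {@code true} if the first row's first column equals {@code username}
     * @throws SQLException if preparing or executing the statement fails
     */
    protected boolean isValidUser(String username, String passwordHash, Connection connection) throws SQLException {
        java.sql.PreparedStatement statement = null;
        try {
            // Credentials are bound as parameters, never concatenated into the SQL text.
            statement = connection.prepareStatement(this.m_selectStatement);
            statement.setString(1, username);
            statement.setString(2, passwordHash);
            statement.execute();
            java.sql.ResultSet resultSet = statement.getResultSet();
            if (!resultSet.next()) {
                return false;
            }
            String found = resultSet.getString(1);
            return found != null && found.equals(username);
        } finally {
            if (statement != null) {
                try {
                    statement.close();
                } catch (SQLException closeFailure) {
                    // A failure to close must not mask the query result or the original exception.
                    LOG.warn("Exception in close stmt!", closeFailure);
                }
            }
        }
    }

    /**
     * Converts the clear-text password into the form compared against the database: the
     * Base64-encoded result of {@code EncryptionUtility.signMD5}.
     *
     * <p>NOTE(review): {@code signMD5} is presumably a plain, unsalted MD5 digest. If so, it is
     * not suitable for password storage. It is left unchanged because stored values would have
     * to be re-hashed. {@code getBytes()} uses the platform default charset, while
     * {@code negotiate} decodes the header as ISO-8859-1, so non-ASCII passwords may hash
     * differently between hosts.
     *
     * @return the encoded digest, or {@code null} if {@code pass} is {@code null}
     * @throws ServletException if the digest algorithm is unavailable
     */
    protected String encryptPass(String pass) throws ServletException {
        if (pass == null) {
            return null;
        }
        try {
            return Base64Utility.encode(EncryptionUtility.signMD5(pass.getBytes()));
        } catch (NoSuchAlgorithmException e) {
            LOG.error("couldn't create the password", e);
            throw new ServletException("couldn't create the password", e);
        }
    }

    /**
     * Loads the configured JDBC driver class and opens a connection through {@link DriverManager}.
     *
     * @throws ClassNotFoundException if the driver class cannot be loaded
     * @throws SQLException if the connection cannot be established
     */
    protected Connection createJdbcDirectConnection() throws ClassNotFoundException, SQLException {
        Class.forName(this.m_jdbcDriverName);
        return DriverManager.getConnection(this.m_jdbcMappingName, this.m_jdbcUserName, this.m_jdbcPassword);
    }

    /**
     * Looks up the configured {@link DataSource} in JNDI and opens a connection with auto-commit
     * disabled. The configured JDBC user name and password are used only when both are set.
     *
     * @throws NamingException if the JNDI context cannot be created or the lookup fails
     * @throws SQLException if the connection cannot be obtained
     */
    protected Connection createJndiConnection() throws NamingException, SQLException {
        String jndiName = this.m_jndiName;
        String contextFactory = this.m_jndiInitialContextFactory;
        String providerUrl = this.m_jndiProviderUrl;
        String urlPkgPrefixes = this.m_jndiUrlPkgPrefixes;
        if (LOG.isInfoEnabled()) {
            // Only the user name is logged, never the password.
            LOG.info("Opening rmi connection to: " + jndiName + "," + this.m_jdbcUserName);
            LOG.info("  using initial context factory: " + contextFactory);
            LOG.info("  using provider url: " + providerUrl);
        }
        Hashtable<String, String> environment = new Hashtable<String, String>();
        if (contextFactory != null) {
            environment.put("java.naming.factory.initial", contextFactory);
        }
        if (providerUrl != null) {
            environment.put("java.naming.provider.url", providerUrl);
        }
        if (urlPkgPrefixes != null) {
            environment.put("java.naming.factory.url.pkgs", urlPkgPrefixes);
        }
        // With no overrides configured, fall back to the container's default JNDI environment.
        InitialContext context = environment.isEmpty() ? new InitialContext() : new InitialContext(environment);
        DataSource dataSource = (DataSource) context.lookup(jndiName);
        Connection connection;
        if (this.m_jdbcUserName == null || this.m_jdbcPassword == null) {
            connection = dataSource.getConnection();
        } else {
            connection = dataSource.getConnection(this.m_jdbcUserName, this.m_jdbcPassword);
        }
        connection.setAutoCommit(false);
        return connection;
    }
}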
