package org.alfresco.module.vti.handler.alfresco;

import java.io.IOException;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.alfresco.module.vti.handler.AuthenticationHandler;
import org.alfresco.module.vti.handler.MethodHandler;
import org.alfresco.module.vti.handler.SiteMemberMappingException;
import org.alfresco.module.vti.handler.VtiHandlerException;
import org.alfresco.module.vti.web.VtiFilter;
import org.alfresco.repo.SessionUser;
import org.alfresco.repo.webdav.auth.AuthenticationDriver;
import org.alfresco.service.cmr.model.FileInfo;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.PermissionService;
import org.springframework.extensions.surf.util.URLDecoder;

/* loaded from: input_file:org/alfresco/module/vti/handler/alfresco/DefaultAuthenticationHandler.class */
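/**
 * {@link AuthenticationHandler} that delegates credential checking to an
 * {@link AuthenticationDriver} and then applies a per-request read-permission
 * check on the resource named by the request URI.
 *
 * <p>Collaborators are injected through the setters; none of them is null-checked
 * here, so a handler used before wiring is complete fails with a
 * {@link NullPointerException}.
 */
public class DefaultAuthenticationHandler implements AuthenticationHandler {
    /** Session attribute under which the authenticated {@link SessionUser} is looked up. */
    private static final String USER_SESSION_ATTRIBUTE = "_vtiAuthTicket";
    private MethodHandler vtiHandler;
    private AuthenticationDriver delegate;
    private PermissionService permissionService;
    private VtiPathHelper pathHelper;

    /**
     * Decides whether the current user may proceed with the given request.
     *
     * <p>The decision is made in this order:
     * <ol>
     *   <li>{@code OPTIONS} requests are always accepted, without any permission check.</li>
     *   <li>The request URI, with {@code str} stripped when it is a prefix and then
     *       URL-decoded, is accepted when it is empty, {@code "/"}, or starts with
     *       {@code /_vti_inf.html}, {@code /_vti_bin/} or {@code /resources/}.</li>
     *   <li>Requests whose second decomposed URL part starts with {@code _vti_bin} are
     *       accepted.</li>
     *   <li>Requests whose path resolves to no {@link FileInfo} are accepted.</li>
     *   <li>Otherwise the request is accepted only if the permission service reports
     *       {@code ReadContent} as {@link AccessStatus#ALLOWED} on the resolved node.</li>
     * </ol>
     * Any exception raised in steps 3 to 5 rejects the request.
     *
     * @param httpServletRequest the incoming request
     * @param str prefix removed from the request URI before the path checks; presumably
     *            the context path of the VTI endpoint (confirm against callers)
     * @return {@code true} if the request may proceed, {@code false} otherwise
     */
    public boolean isRequestValidForCurrentUser(HttpServletRequest httpServletRequest, String str) {
        String requestURI = httpServletRequest.getRequestURI();
        if (httpServletRequest.getMethod().equalsIgnoreCase(VtiFilter.METHOD_OPTIONS)) {
            return true;
        }
        String relativePath = requestURI.startsWith(str) ? requestURI.substring(str.length()) : requestURI;
        String decodedPath = URLDecoder.decode(relativePath);
        if (isExemptFromPermissionCheck(decodedPath)) {
            return true;
        }
        // NOTE(review): the listing this was taken from (decompiler output) wrapped the block
        // below in a second catch (Exception) that threw
        // SiteMemberMappingException(VtiHandlerException.DOES_NOT_EXIST). As listed, that
        // handler could never run, because the catch below already handles every Exception
        // and only returns. It has been dropped as dead code; check the original source to
        // see whether URL decomposition failures were meant to be reported that way.
        try {
            // decomposeURL receives the raw URI, while the path helper receives the decoded one.
            if (this.vtiHandler.decomposeURL(requestURI, str)[1].startsWith("_vti_bin")) {
                return true;
            }
            FileInfo target = this.pathHelper.resolvePathFileInfo(decodedPath);
            if (target == null) {
                // Nothing resolved, so there is no node to check; the request is let through.
                // NOTE(review): presumably a later handler answers for the missing resource.
                return true;
            }
            return AccessStatus.ALLOWED == this.permissionService.hasPermission(target.getNodeRef(), "ReadContent");
        } catch (Exception ignored) {
            // Fail closed: any error while resolving the path or checking the permission
            // denies the request. The cause is discarded; no logger is visible in this class,
            // so such failures leave no trace here for operators.
            return false;
        }
    }

    /**
     * Tells whether a decoded, context-relative path is accepted without a permission check.
     *
     * <p>NOTE(review): the prefix tests run on a path that has been URL-decoded but not
     * normalised in this class. Confirm that dot-segments and repeated encoding are handled
     * before the request reaches this point, or that the code serving these prefixes
     * enforces its own access control, since a match here skips the ReadContent check.
     */
    private static boolean isExemptFromPermissionCheck(String decodedPath) {
        return decodedPath.equals("/")
                || decodedPath.equals("")
                || decodedPath.startsWith("/_vti_inf.html")
                || decodedPath.startsWith("/_vti_bin/")
                || decodedPath.startsWith("/resources/");
    }

    /**
     * Authenticates the request through the delegate and returns the session user when the
     * request is also valid for that user.
     *
     * @return the {@link SessionUser} stored in the existing session, or {@code null} when the
     *         delegate rejects the request, no session exists, the session holds no user, or
     *         the request is not valid for the user (in which case the delegate is asked to
     *         restart the login challenge first)
     * @throws IOException declared by the interface; raised here only if a delegate call does
     * @throws ServletException declared by the interface; raised here only if a delegate call does
     */
    @Override // org.alfresco.module.vti.handler.AuthenticationHandler
    public SessionUser authenticateRequest(ServletContext servletContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException, ServletException {
        if (!this.delegate.authenticateRequest(servletContext, httpServletRequest, httpServletResponse)) {
            return null;
        }
        // getSession(false): never create a session on behalf of a request that has none.
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return null;
        }
        SessionUser sessionUser = (SessionUser) session.getAttribute(USER_SESSION_ATTRIBUTE);
        if (sessionUser == null) {
            return null;
        }
        if (isRequestValidForCurrentUser(httpServletRequest, str)) {
            return sessionUser;
        }
        // Authenticated but not permitted for this resource: ask for credentials again.
        this.delegate.restartLoginChallenge(servletContext, httpServletRequest, httpServletResponse);
        return null;
    }

    /** Sets the driver that performs the actual authentication and login challenge. */
    public void setDelegate(AuthenticationDriver authenticationDriver) {
        this.delegate = authenticationDriver;
    }

    /** Sets the handler used to decompose request URLs. */
    public void setVtiHandler(MethodHandler methodHandler) {
        this.vtiHandler = methodHandler;
    }

    /** Sets the service used for the ReadContent permission check. */
    public void setPermissionService(PermissionService permissionService) {
        this.permissionService = permissionService;
    }

    /** Sets the helper that resolves a decoded path to a {@link FileInfo}. */
    public void setPathHelper(VtiPathHelper vtiPathHelper) {
        this.pathHelper = vtiPathHelper;
    }
}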
