package org.alfresco.repo.webdav.auth;

import java.io.IOException;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.SessionUser;
import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authentication.Authorization;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.transaction.TransactionService;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:org/alfresco/repo/webdav/auth/SSOFallbackBasicAuthenticationDriver.class */
public class SSOFallbackBasicAuthenticationDriver implements AuthenticationDriver {
    private AuthenticationService authenticationService;
    private PersonService personService;
    private NodeService nodeService;
    private TransactionService transactionService;
    private Log logger = LogFactory.getLog(SSOFallbackBasicAuthenticationDriver.class);
    private String userAttributeName = AuthenticationDriver.AUTHENTICATION_USER;

    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    public void setPersonService(PersonService personService) {
        this.personService = personService;
    }

    public void setNodeService(NodeService nodeService) {
        this.nodeService = nodeService;
    }

    public void setTransactionService(TransactionService transactionService) {
        this.transactionService = transactionService;
    }

    public void setUserAttributeName(String str) {
        this.userAttributeName = str;
    }

    @Override // org.alfresco.repo.webdav.auth.AuthenticationDriver
    public boolean authenticateRequest(ServletContext servletContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String str;
        String str2;
        String header = httpServletRequest.getHeader("Authorization");
        HttpSession session = httpServletRequest.getSession(false);
        SessionUser sessionUser = session == null ? null : (SessionUser) session.getAttribute(this.userAttributeName);
        if (sessionUser != null) {
            try {
                this.authenticationService.validate(sessionUser.getTicket());
                return true;
            } catch (AuthenticationException e) {
                session.invalidate();
                return false;
            }
        }
        if (header == null || header.length() <= 5 || !header.substring(0, 5).equalsIgnoreCase("Basic")) {
            return false;
        }
        String str3 = new String(Base64.decodeBase64(header.substring(5).getBytes()));
        int indexOf = str3.indexOf(":");
        if (indexOf != -1) {
            str = str3.substring(0, indexOf);
            str2 = str3.substring(indexOf + 1);
        } else {
            str = str3;
            str2 = "";
        }
        try {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authenticating user '" + str + "'");
            }
            Authorization authorization = new Authorization(str, str2);
            if (authorization.isTicket()) {
                this.authenticationService.validate(authorization.getTicket());
            } else {
                this.authenticationService.authenticate(str, str2.toCharArray());
            }
            final RetryingTransactionHelper.RetryingTransactionCallback<SessionUser> retryingTransactionCallback = new RetryingTransactionHelper.RetryingTransactionCallback<SessionUser>() { // from class: org.alfresco.repo.webdav.auth.SSOFallbackBasicAuthenticationDriver.1
                /* renamed from: execute, reason: merged with bridge method [inline-methods] */
                public SessionUser m190execute() throws Throwable {
                    NodeRef person = SSOFallbackBasicAuthenticationDriver.this.personService.getPerson(SSOFallbackBasicAuthenticationDriver.this.authenticationService.getCurrentUserName());
                    return new WebDAVUser((String) SSOFallbackBasicAuthenticationDriver.this.nodeService.getProperty(person, ContentModel.PROP_USERNAME), SSOFallbackBasicAuthenticationDriver.this.authenticationService.getCurrentTicket(), SSOFallbackBasicAuthenticationDriver.this.nodeService.getProperty(person, ContentModel.PROP_HOMEFOLDER));
                }
            };
            SessionUser sessionUser2 = (SessionUser) AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<SessionUser>() { // from class: org.alfresco.repo.webdav.auth.SSOFallbackBasicAuthenticationDriver.2
                /* renamed from: doWork, reason: merged with bridge method [inline-methods] */
                public SessionUser m191doWork() throws Exception {
                    return (SessionUser) SSOFallbackBasicAuthenticationDriver.this.transactionService.getRetryingTransactionHelper().doInTransaction(retryingTransactionCallback, true);
                }
            }, "System");
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authenticated user '" + str + "'");
            }
            httpServletRequest.getSession().setAttribute(this.userAttributeName, sessionUser2);
            return true;
        } catch (AuthenticationException e2) {
            return false;
        }
    }

    @Override // org.alfresco.repo.webdav.auth.AuthenticationDriver
    public void restartLoginChallenge(ServletContext servletContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Including Basic HTTP authentication into response headers...");
        }
        httpServletResponse.addHeader("WWW-Authenticate", "Basic realm=\"Alfresco Server\"");
        httpServletResponse.setStatus(401);
    }
}
