package org.alfresco.filesys.auth.ftp;

import javax.transaction.UserTransaction;
import org.alfresco.config.ConfigElement;
import org.alfresco.filesys.AlfrescoConfigSection;
import org.alfresco.filesys.alfresco.AlfrescoClientInfo;
import org.alfresco.jlan.ftp.FTPAuthenticator;
import org.alfresco.jlan.ftp.FTPSrvSession;
import org.alfresco.jlan.server.SrvSession;
import org.alfresco.jlan.server.auth.ClientInfo;
import org.alfresco.jlan.server.auth.PasswordEncryptor;
import org.alfresco.jlan.server.config.InvalidConfigurationException;
import org.alfresco.jlan.server.config.ServerConfiguration;
import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.security.authentication.MD4PasswordEncoder;
import org.alfresco.repo.security.authentication.MD4PasswordEncoderImpl;
import org.alfresco.repo.security.authentication.NTLMMode;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.transaction.TransactionService;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/alfresco-repository.jar:org/alfresco/filesys/auth/ftp/AlfrescoFtpAuthenticator.class */
public class AlfrescoFtpAuthenticator implements FTPAuthenticator {
    protected static final Log logger = LogFactory.getLog("org.alfresco.ftp.protocol.auth");
    protected MD4PasswordEncoder m_md4Encoder = new MD4PasswordEncoderImpl();
    protected PasswordEncryptor m_encryptor = new PasswordEncryptor();
    private AlfrescoConfigSection m_alfrescoConfig;

    @Override // org.alfresco.jlan.ftp.FTPAuthenticator
    public void initialize(ServerConfiguration serverConfiguration, ConfigElement configElement) throws InvalidConfigurationException {
        this.m_alfrescoConfig = (AlfrescoConfigSection) serverConfiguration.getConfigSection("Alfresco");
        if (this.m_alfrescoConfig == null || getAuthenticationComponent() == null) {
            throw new InvalidConfigurationException("Authentication component not available");
        }
    }

    @Override // org.alfresco.jlan.ftp.FTPAuthenticator
    public boolean authenticateUser(ClientInfo clientInfo, FTPSrvSession fTPSrvSession) {
        if (!(clientInfo instanceof AlfrescoClientInfo)) {
            return false;
        }
        boolean z = false;
        UserTransaction userTransaction = null;
        try {
            try {
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        if (userTransaction.getStatus() == 1) {
                            userTransaction.rollback();
                        } else {
                            userTransaction.commit();
                        }
                    } catch (Exception e) {
                    }
                }
                throw th;
            }
        } catch (Exception e2) {
            if (logger.isDebugEnabled()) {
                logger.debug(e2);
            }
            if (0 != 0) {
                try {
                    if (userTransaction.getStatus() == 1) {
                        userTransaction.rollback();
                    } else {
                        userTransaction.commit();
                    }
                } catch (Exception e3) {
                }
            }
        }
        if (clientInfo.isGuest()) {
            doGuestLogon((AlfrescoClientInfo) clientInfo, fTPSrvSession);
            if (logger.isDebugEnabled()) {
                logger.debug("Authenticated user " + clientInfo.getUserName() + " sts=true");
            }
            if (0 != 0) {
                try {
                    if (userTransaction.getStatus() == 1) {
                        userTransaction.rollback();
                    } else {
                        userTransaction.commit();
                    }
                } catch (Exception e4) {
                }
            }
            return true;
        }
        UserTransaction userTransaction2 = getTransactionService().getUserTransaction(false);
        userTransaction2.begin();
        z = doMD4UserAuthentication(clientInfo, fTPSrvSession);
        if (userTransaction2 != null) {
            try {
                if (userTransaction2.getStatus() == 1) {
                    userTransaction2.rollback();
                } else {
                    userTransaction2.commit();
                }
            } catch (Exception e5) {
            }
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Authenticated user " + clientInfo.getUserName() + " sts=" + z + " via " + (getAuthenticationComponent().getNTLMMode() == NTLMMode.MD4_PROVIDER ? "MD4" : "Passthru"));
        }
        return z;
    }

    protected void doGuestLogon(AlfrescoClientInfo alfrescoClientInfo, SrvSession srvSession) {
        getAuthenticationService().authenticateAsGuest();
        alfrescoClientInfo.setAuthenticationToken(getAuthenticationComponent().getCurrentAuthentication());
        alfrescoClientInfo.setGuest(true);
    }

    private final boolean doMD4UserAuthentication(ClientInfo clientInfo, SrvSession srvSession) {
        String mD4HashedPassword = getAuthenticationComponent().getMD4HashedPassword(clientInfo.getUserName());
        if (mD4HashedPassword == null || clientInfo.getPassword() == null) {
            return false;
        }
        if (mD4HashedPassword.equals(this.m_md4Encoder.encodePassword(clientInfo.getPasswordAsString(), null))) {
            if (logger.isInfoEnabled()) {
                logger.info("Logged on user " + clientInfo.getUserName() + " ( address " + srvSession.getRemoteAddress() + ")");
            }
            ((AlfrescoClientInfo) clientInfo).setAuthenticationToken(getAuthenticationComponent().setCurrentUser(clientInfo.getUserName()));
            return true;
        }
        if (!logger.isDebugEnabled()) {
            return false;
        }
        logger.debug("Password mismatch for user " + clientInfo.getUserName());
        return false;
    }

    protected final AuthenticationComponent getAuthenticationComponent() {
        return this.m_alfrescoConfig.getAuthenticationComponent();
    }

    protected final AuthenticationService getAuthenticationService() {
        return this.m_alfrescoConfig.getAuthenticationService();
    }

    protected final TransactionService getTransactionService() {
        return this.m_alfrescoConfig.getTransactionService();
    }

    @Override // org.alfresco.jlan.ftp.FTPAuthenticator
    public void closeAuthenticator() {
    }
}
