package org.apache.solr.servlet.authentication;

import com.google.common.base.Preconditions;
import java.io.IOException;
import java.nio.charset.Charset;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Properties;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.hadoop.security.authentication.client.AuthenticationException;
import org.apache.hadoop.security.authentication.server.AuthenticationToken;
import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationHandler;
import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator;
import org.apache.hadoop.util.StringUtils;
import org.apache.http.HttpStatus;
import org.apache.http.NameValuePair;
import org.apache.http.client.methods.HttpOptions;
import org.apache.http.client.utils.URLEncodedUtils;

/* loaded from: input_file:WEB-INF/lib/solr-core-4.10.3-cdh5.5.0.jar:org/apache/solr/servlet/authentication/DelegationTokenMultiSchemeAuthHandler.class */
public class DelegationTokenMultiSchemeAuthHandler extends DelegationTokenAuthenticationHandler {
    public static final String DELEGATION_TOKEN_SCHEMES_PROPERTY = "multi-scheme-auth-handler.delegation.schemes";
    private Set<String> delegationAuthSchemes;
    private static final Charset UTF8_CHARSET = Charset.forName("UTF-8");
    private static final Set<String> DELEGATION_TOKEN_OPS = new HashSet();

    public DelegationTokenMultiSchemeAuthHandler() {
        super(new MultiSchemeAuthenticationHandler("multi-auth-handler-dt"));
        this.delegationAuthSchemes = null;
    }

    @Override // org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationHandler, org.apache.hadoop.security.authentication.server.AuthenticationHandler
    public void init(Properties properties) throws ServletException {
        super.init(properties);
        String property = properties.getProperty(MultiSchemeAuthenticationHandler.SCHEMES_PROPERTY);
        Preconditions.checkNotNull(property);
        String property2 = properties.getProperty(DELEGATION_TOKEN_SCHEMES_PROPERTY);
        Preconditions.checkNotNull(property2);
        HashSet hashSet = new HashSet(Arrays.asList(property.split(StringUtils.COMMA_STR)));
        this.delegationAuthSchemes = new HashSet(Arrays.asList(property2.split(StringUtils.COMMA_STR)));
        Preconditions.checkArgument(hashSet.containsAll(this.delegationAuthSchemes));
    }

    @Override // org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationHandler, org.apache.hadoop.security.authentication.server.AuthenticationHandler
    public AuthenticationToken authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, AuthenticationException {
        String header = httpServletRequest.getHeader("Authorization");
        String parameter = getParameter(httpServletRequest, "op");
        if (DELEGATION_TOKEN_OPS.contains(parameter != null ? toUpperCase(parameter) : null) && !httpServletRequest.getMethod().equals(HttpOptions.METHOD_NAME)) {
            boolean z = false;
            if (header != null) {
                Iterator<String> it = this.delegationAuthSchemes.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    if (header.startsWith(it.next())) {
                        z = true;
                        break;
                    }
                }
            }
            if (!z) {
                httpServletResponse.setStatus(HttpStatus.SC_UNAUTHORIZED);
                Iterator<String> it2 = this.delegationAuthSchemes.iterator();
                while (it2.hasNext()) {
                    httpServletResponse.addHeader("WWW-Authenticate", it2.next());
                }
                return null;
            }
        }
        return super.authenticate(httpServletRequest, httpServletResponse);
    }

    public static String getParameter(HttpServletRequest httpServletRequest, String str) throws IOException {
        List<NameValuePair> parse = URLEncodedUtils.parse(httpServletRequest.getQueryString(), UTF8_CHARSET);
        if (parse == null) {
            return null;
        }
        for (NameValuePair nameValuePair : parse) {
            if (str.equals(nameValuePair.getName())) {
                return nameValuePair.getValue();
            }
        }
        return null;
    }

    public static String toUpperCase(String str) {
        return str.toUpperCase(Locale.ENGLISH);
    }

    static {
        DELEGATION_TOKEN_OPS.add(DelegationTokenAuthenticator.DelegationTokenOperation.GETDELEGATIONTOKEN.toString());
        DELEGATION_TOKEN_OPS.add(DelegationTokenAuthenticator.DelegationTokenOperation.RENEWDELEGATIONTOKEN.toString());
        DELEGATION_TOKEN_OPS.add(DelegationTokenAuthenticator.DelegationTokenOperation.CANCELDELEGATIONTOKEN.toString());
    }
}
