package uk.ac.rdg.resc.edal.ncwms;

import com.sleepycat.je.rep.utilint.HostPortPair;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Random;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.util.JSONUtils;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.httpclient.auth.AuthPolicy;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/uk/ac/rdg/resc/edal/ncwms/NcwmsDigestAuthServlet.class */
public abstract class NcwmsDigestAuthServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    private static final Logger log = LoggerFactory.getLogger(NcwmsDigestAuthServlet.class);
    private String authMethod = "auth";
    private String userName = "admin";
    private String password = null;
    private String realm = "Login required to administer ncWMS";
    public String nonce = calculateNonce();
    public ScheduledExecutorService nonceRefreshExecutor = Executors.newScheduledThreadPool(1);

    public NcwmsDigestAuthServlet() throws IOException, Exception {
        this.nonceRefreshExecutor.scheduleAtFixedRate(new Runnable() { // from class: uk.ac.rdg.resc.edal.ncwms.NcwmsDigestAuthServlet.1
            @Override // java.lang.Runnable
            public void run() {
                NcwmsDigestAuthServlet.this.nonce = NcwmsDigestAuthServlet.this.calculateNonce();
            }
        }, 1L, 5L, TimeUnit.MINUTES);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setPassword(String str) {
        this.password = str;
    }

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public void destroy() {
        super.destroy();
        this.nonceRefreshExecutor.shutdownNow();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String md5Hex;
        String header = httpServletRequest.getHeader("Authorization");
        if (StringUtils.isBlank(header) || StringUtils.isBlank(this.password)) {
            httpServletResponse.addHeader("WWW-Authenticate", getAuthenticateHeader());
            httpServletResponse.sendError(401);
            if (!StringUtils.isBlank(this.password)) {
                return false;
            }
            log.error("Admin password has not been set - admin pages are not accessible");
            return false;
        }
        if (!header.startsWith(AuthPolicy.DIGEST)) {
            httpServletResponse.sendError(401, " This Servlet only supports Digest Authorization");
            return false;
        }
        HashMap<String, String> parseHeader = parseHeader(header);
        String method = httpServletRequest.getMethod();
        String md5Hex2 = DigestUtils.md5Hex(this.userName + HostPortPair.SEPARATOR + this.realm + HostPortPair.SEPARATOR + this.password);
        String str = parseHeader.get("qop");
        String md5Hex3 = DigestUtils.md5Hex(method + HostPortPair.SEPARATOR + parseHeader.get("uri"));
        if (StringUtils.isBlank(str)) {
            md5Hex = DigestUtils.md5Hex(md5Hex2 + HostPortPair.SEPARATOR + this.nonce + HostPortPair.SEPARATOR + md5Hex3);
        } else {
            md5Hex = DigestUtils.md5Hex(md5Hex2 + HostPortPair.SEPARATOR + this.nonce + HostPortPair.SEPARATOR + parseHeader.get("nc") + HostPortPair.SEPARATOR + parseHeader.get("cnonce") + HostPortPair.SEPARATOR + str + HostPortPair.SEPARATOR + md5Hex3);
        }
        if (md5Hex.equals(parseHeader.get("response"))) {
            return true;
        }
        httpServletResponse.addHeader("WWW-Authenticate", getAuthenticateHeader());
        httpServletResponse.sendError(401);
        return false;
    }

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public String getServletInfo() {
        return "This Servlet Implements The HTTP Digest Auth as per RFC2617";
    }

    private HashMap<String, String> parseHeader(String str) {
        String trim = str.substring(str.indexOf(" ") + 1).trim();
        HashMap<String, String> hashMap = new HashMap<>();
        for (String str2 : trim.split(",")) {
            if (str2.contains("=")) {
                hashMap.put(str2.substring(0, str2.indexOf("=")).trim(), str2.substring(str2.indexOf("=") + 1).replaceAll(JSONUtils.DOUBLE_QUOTE, "").trim());
            }
        }
        return hashMap;
    }

    private String getAuthenticateHeader() {
        String str = "Digest realm=\"" + this.realm + "\",";
        if (!StringUtils.isBlank(this.authMethod)) {
            str = str + "qop=" + this.authMethod + ",";
        }
        return (str + "nonce=\"" + this.nonce + "\",") + "opaque=\"" + getOpaque(this.realm, this.nonce) + JSONUtils.DOUBLE_QUOTE;
    }

    public String calculateNonce() {
        return DigestUtils.md5Hex(new SimpleDateFormat("yyyy:MM:dd:hh:mm:ss").format(new Date()) + Integer.valueOf(new Random(100000L).nextInt()).toString());
    }

    private String getOpaque(String str, String str2) {
        return DigestUtils.md5Hex(str + str2);
    }

    private String readRequestBody(HttpServletRequest httpServletRequest) throws IOException {
        StringBuilder sb = new StringBuilder();
        BufferedReader bufferedReader = null;
        try {
            try {
                ServletInputStream inputStream = httpServletRequest.getInputStream();
                if (inputStream != null) {
                    bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
                    char[] cArr = new char[128];
                    while (true) {
                        int read = bufferedReader.read(cArr);
                        if (read <= 0) {
                            break;
                        }
                        sb.append(cArr, 0, read);
                    }
                } else {
                    sb.append("");
                }
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e) {
                        throw e;
                    }
                }
                return sb.toString();
            } catch (IOException e2) {
                throw e2;
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    bufferedReader.close();
                } catch (IOException e3) {
                    throw e3;
                }
            }
            throw th;
        }
    }
}
