package net.os10000.bldsys.app_share;

import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.io.LineNumberReader;
import java.util.HashSet;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.os10000.bldsys.lib_logger.Logger;
import sun.misc.BASE64Decoder;

/* loaded from: input_file:net/os10000/bldsys/app_share/ServAuth.class */
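/**
 * Per-directory HTTP Basic authentication gate.
 *
 * <p>A request URI is split into its last two path segments (directory and file). The
 * directory must contain a readable {@code pwd.txt}; the decoded Basic credentials must
 * equal one complete line of that file. The password file itself is never servable.
 *
 * <p>NOTE(review): {@code pwd.txt} holds credentials in plain text and is compared as
 * whole lines. Moving to salted password hashes would need a file-format change and is
 * outside this class.
 *
 * <p>NOTE(review): {@link #auth_dir} and {@link #auth_file} are per-request values stored
 * in instance fields. If one instance serves concurrent requests (the usual servlet
 * model; not visible from this file), one request can overwrite the values another
 * request has just been authorised for. Confirm how callers read these fields.
 */
public class ServAuth extends Serv {
    /** Decoded directory segment of the last URI passed to {@link #ensure_authorisation}. */
    public String auth_dir;
    /** Decoded file segment of the last URI passed to {@link #ensure_authorisation}. */
    public String auth_file;
    /** Captures the last two '/'-separated segments of a URI: group 1 = dir, group 2 = file. */
    private Pattern dir_file;

    public ServAuth(Logger logger, String str, String str2, int i) {
        super(logger, str, str2, i);
        this.dir_file = Pattern.compile("^.*/([^/]+)/([^/]*)$");
    }

    /**
     * Reads a text file into a set with one entry per line.
     *
     * <p>Read errors are logged and swallowed; the lines collected so far (possibly none)
     * are returned. The file is decoded with the platform default charset.
     *
     * @param file file to read
     * @return the distinct lines of the file, never {@code null}
     */
    public Set fetch(File file) {
        HashSet lines = new HashSet();
        LineNumberReader reader = null;
        try {
            reader = new LineNumberReader(new FileReader(file));
            for (String line = reader.readLine(); line != null; line = reader.readLine()) {
                lines.add(line);
            }
        } catch (Exception e) {
            this.logger.log_stacktrace(e);
        } finally {
            // Close on every path so a failed read does not leak the file handle.
            if (reader != null) {
                try {
                    reader.close();
                } catch (IOException e) {
                    this.logger.log_stacktrace(e);
                }
            }
        }
        return lines;
    }

    /**
     * Checks that the request addresses a protected directory and carries Basic
     * credentials listed in that directory's {@code pwd.txt}.
     *
     * <p>On failure an error status has already been sent on the response (400, 401, 403
     * or 503) and {@code false} is returned. Credentials and the raw
     * {@code Authorization} header are never written to the log.
     *
     * @param httpServletRequest  incoming request
     * @param httpServletResponse response used to send the error status
     * @return {@code true} if the request is authorised
     * @throws ServletException declared for callers; not thrown by the visible code
     * @throws IOException if sending the error status fails
     */
    public boolean ensure_authorisation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String uri = httpServletRequest.getRequestURI().replace(File.separatorChar, '/');
        Matcher matcher = this.dir_file.matcher(uri);
        if (!matcher.matches()) {
            this.logger.logln("error 400 for uri '" + uri + "'.");
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return false;
        }

        this.auth_dir = URL_Decode(matcher.group(1));
        this.auth_file = URL_Decode(matcher.group(2));
        // Decoding can introduce characters the regex never saw. Refuse anything that could
        // change which path is resolved below (separators, "." / ".." segments) or that
        // could break the response header and log lines (control characters).
        if (has_unsafe_chars(this.auth_dir) || has_unsafe_chars(this.auth_file)
                || is_dot_segment(this.auth_dir) || is_dot_segment(this.auth_file)) {
            this.logger.logln("error 403 for dir='" + printable(this.auth_dir) + "', file='" + printable(this.auth_file) + "'.");
            httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
            return false;
        }

        // Compare case-insensitively: on a case-insensitive file system a differently-cased
        // name still resolves to the password file.
        if (this.auth_file.toLowerCase(java.util.Locale.ENGLISH).indexOf("pwd.txt") > -1) {
            this.logger.logln("error 403 for dir='" + this.auth_dir + "', file='" + this.auth_file + "' (not allowed to read 'pwd.txt').");
            httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
            return false;
        }

        File pwdFile = new File(new File(pfx_files + File.separator + this.auth_dir), "pwd.txt");
        if (!pwdFile.canRead()) {
            this.logger.logln("error 403 for dir='" + this.auth_dir + "', file='" + this.auth_file + "'; there is no file 'pwd.txt' in this directory.");
            httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
            return false;
        }

        String header = httpServletRequest.getHeader("Authorization");
        if (header == null) {
            this.logger.logln("error 401 for dir='" + this.auth_dir + "', file='" + this.auth_file + "'; there is no authentication header.");
            httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + quote_realm(this.auth_dir) + "\"");
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return false;
        }
        if (!header.startsWith("Basic ")) {
            this.logger.logln("error 503 for dir='" + this.auth_dir + "', file='" + this.auth_file + "' (only basic authentication).");
            httpServletResponse.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
            return false;
        }
        if (header.length() < 7) {
            this.logger.logln("error 400 for dir='" + this.auth_dir + "', file='" + this.auth_file + "' (nothing after 'Basic').");
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return false;
        }

        String credentials;
        try {
            // Platform default charset, matching how fetch() reads pwd.txt.
            credentials = new String(new BASE64Decoder().decodeBuffer(header.substring(6)));
        } catch (Exception e) {
            this.logger.logln("error 400 for dir='" + this.auth_dir + "', file='" + this.auth_file + "' (argument not BASE64).");
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return false;
        }

        // An empty credential string must never authenticate, even if pwd.txt happens to
        // contain a blank line (fetch() keeps blank lines as set entries).
        if (credentials.length() == 0 || !fetch(pwdFile).contains(credentials)) {
            this.logger.logln("error 401 for dir='" + this.auth_dir + "', file='" + this.auth_file + "' (uid/pwd not in 'pwd.txt').");
            httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + quote_realm(this.auth_dir) + "\"");
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return false;
        }
        return true;
    }

    /** Returns true if the segment holds a path separator or an ISO control character. */
    private static boolean has_unsafe_chars(String segment) {
        for (int i = 0; i < segment.length(); i++) {
            char c = segment.charAt(i);
            if (c == '/' || c == '\\' || Character.isISOControl(c)) {
                return true;
            }
        }
        return false;
    }

    /** Returns true for the relative path segments "." and "..". */
    private static boolean is_dot_segment(String segment) {
        return ".".equals(segment) || "..".equals(segment);
    }

    /** Replaces control characters with '?' so a rejected value cannot split a log line. */
    private static String printable(String value) {
        StringBuilder out = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            out.append(Character.isISOControl(c) ? '?' : c);
        }
        return out.toString();
    }

    /** Escapes double quotes so the value stays inside the realm quoted-string. */
    private static String quote_realm(String realm) {
        return realm.replace("\"", "\\\"");
    }
}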
