package coldfusion.tagext.security;

import coldfusion.filter.FusionContext;
import coldfusion.rds.RdsGlobals;
import coldfusion.runtime.ApplicationScope;
import coldfusion.runtime.Scope;
import coldfusion.runtime.SecurityScopeTracker;
import coldfusion.runtime.SecurityTable;
import coldfusion.runtime.SessionScope;
import coldfusion.tagext.GenericTag;
import coldfusion.util.UUIDUtils;
import coldfusion.wddx.Base64Encoder;
import java.io.UnsupportedEncodingException;
import javax.servlet.http.Cookie;
import javax.servlet.jsp.tagext.TagSupport;

/* loaded from: input_file:coldfusion/tagext/security/AuthenticateTag.class */
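/**
 * Tag handler that resolves an existing login for the current request or, failing that,
 * hands the request's credentials to the tag body (the debug strings suggest this is the
 * handler behind {@code cflogin} — confirm against the tag library descriptor).
 *
 * <p>{@link #doStartTag()} looks for a login token in the session scope, the security
 * cookie, the {@link FusionContext} secure username/password, the {@code j_username} /
 * {@code j_password} attributes and finally the {@code Authorization} header. A token that
 * {@link SecurityScopeTracker#getSecurity} recognises skips the body; otherwise the body is
 * evaluated. {@link #doEndTag()} installs the resulting {@link SecurityTable} or logs out.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The login token is Base64 of {@code name:password:applicationToken} (see
 *       {@link #makeSecurityToken}). Base64 is an encoding, not encryption, so whoever can
 *       read the token (the security cookie or the session entry) can recover the clear
 *       text password. Cookie attributes are set by {@code SecurityScopeTracker} and are not
 *       visible here.</li>
 *   <li>Apart from the NTLM/Negotiate case, which uses a UUID, the token is derived only
 *       from the credentials and the application token, so it is identical across logins.</li>
 *   <li>Fields are split on {@code ':'}; a user name containing a colon cannot be parsed
 *       back unambiguously.</li>
 *   <li>Debug output no longer includes the password or the decoded token.</li>
 * </ul>
 */
public class AuthenticateTag extends GenericTag {
    /** Default idle timeout handed to the security table; presumably milliseconds (30 min) — confirm. */
    private static final long DEFAULT_MAX_INACTIVE_INTERVAL = 1800000L;

    /** Marker that ends a decoded token created for an NTLM/Negotiate login. */
    private static final String DIGEST_SUFFIX = ":DIGEST-NTLM";

    private Scope _sessionScope;
    private Scope _applicationScope;
    private SecurityTable _secTab;
    private String _name;
    private String _password;
    private String _domain;
    private String _auth;
    private FusionContext _fusionContext;
    private SecurityScopeTracker _securityScopeTracker = null;
    private String _appToken = null;
    private long _maxInactiveInterval = DEFAULT_MAX_INACTIVE_INTERVAL;
    private boolean _isNTLM = false;

    /**
     * Resets the handler to its initial state, dropping the credentials and every
     * per-request reference so a retained handler does not keep them reachable.
     */
    @Override // coldfusion.tagext.GenericTag
    public void release() {
        this._auth = null;
        this._name = null;
        this._password = null;
        this._domain = null;
        this._appToken = null;
        this._maxInactiveInterval = DEFAULT_MAX_INACTIVE_INTERVAL;
        this._secTab = null;
        this._fusionContext = null;
        this._isNTLM = false;
        // Also release the scope and tracker references captured by doStartTag().
        this._sessionScope = null;
        this._applicationScope = null;
        this._securityScopeTracker = null;
    }

    /**
     * Joins the three token fields with {@code ':'}.
     *
     * @param str  user name
     * @param str2 password (embedded in clear text)
     * @param str3 application token
     * @return {@code str:str2:str3}; a {@code null} argument is rendered as the text "null"
     */
    private static String makeSecurityToken(String str, String str2, String str3) {
        return str + ":" + str2 + ":" + str3;
    }

    /**
     * Resolves the login state for this request.
     *
     * @return {@code 0} (SKIP_BODY) when the token maps to a known security table,
     *         {@code 1} (EVAL_BODY_INCLUDE) when the body has to perform the login
     */
    public int doStartTag() {
        this._fusionContext = FusionContext.getCurrent();
        this._securityScopeTracker = SecurityScopeTracker.getInstance();
        this._sessionScope = (Scope) ((TagSupport) this).pageContext.findAttribute("session");
        this._applicationScope = (Scope) ((TagSupport) this).pageContext.findAttribute("application");

        String token = findExistingLoginToken();
        if (token == null) {
            // NOTE(review): _secTab, _name and _password keep their previous values on this
            // path; that is only safe if release() ran since the last use — confirm how the
            // runtime reuses tag handlers.
            return 1;
        }

        this._secTab = this._securityScopeTracker.getSecurity(token);
        if (this._secTab != null) {
            // The decoded token contains the password, so it is not written to the debug output.
            debug("auth:[<redacted>], apptoken:[" + getApplicationToken() + "]");
            return 0;
        }

        publishLoginCredentials(token);
        debug("unknown auth info found, executing cflogin...: " + ((TagSupport) this).pageContext.getAttribute("cflogin"));
        return 1;
    }

    /**
     * Looks for a login token, trying each source in order and stopping at the first hit:
     * session scope (only when credentials are stored in the session), security cookie,
     * FusionContext secure credentials, {@code j_username}/{@code j_password}, and the
     * {@code Authorization} header.
     *
     * @return the Base64 token, or {@code null} when the request carries none
     */
    private String findExistingLoginToken() {
        String token = null;
        if (storeSecurityKeyInSession()) {
            token = (String) this._sessionScope.get(SecurityScopeTracker.SECURE_COOKIE_NAME);
        }
        if (token != null) {
            return token;
        }

        token = SecurityScopeTracker.getSecurityCookie(((TagSupport) this).pageContext);
        if (token != null) {
            return token;
        }

        String secureUsername = this._fusionContext.getSecureUsername();
        String securePassword = this._fusionContext.getSecurePassword();
        if (secureUsername != null || securePassword != null) {
            // Either value alone is enough; the missing one is treated as empty.
            if (secureUsername == null) {
                secureUsername = "";
            }
            if (securePassword == null) {
                securePassword = "";
            }
            setName(secureUsername);
            setPassword(securePassword);
            return encodeBase64(makeSecurityToken(secureUsername, securePassword, getApplicationToken()));
        }

        String formUser = (String) ((TagSupport) this).pageContext.findAttribute("j_username");
        String formPassword = (String) ((TagSupport) this).pageContext.findAttribute("j_password");
        if (formUser != null) {
            if (formPassword == null) {
                formPassword = "";
            }
            setName(formUser);
            setPassword(formPassword);
            return encodeBase64(makeSecurityToken(formUser, formPassword, getApplicationToken()));
        }

        return loginTokenFromAuthorizationHeader();
    }

    /**
     * Derives a login token from the {@code Authorization} request header.
     *
     * <p>Two defects of the decompiled form are corrected here: the scheme was cut out with
     * {@code substring(0, indexOf)} before checking that a space exists, so a header without
     * one raised {@link StringIndexOutOfBoundsException} from client-controlled input; and
     * the token built for BASIC was unconditionally overwritten with {@code null} by the
     * following NEGOTIATE/NTLM check. The schemes are now handled as exclusive cases.
     *
     * @return the token for a well-formed BASIC header; {@code null} for a missing or
     *         malformed header, for other schemes, and for NEGOTIATE/NTLM (which only sets
     *         the NTLM flag so that the end tag creates a UUID-based token)
     */
    private String loginTokenFromAuthorizationHeader() {
        String header = this.request.getHeader("authorization");
        if (header == null) {
            return null;
        }
        String token = null;
        int schemeEnd = header.indexOf(" ");
        if (schemeEnd != -1) {
            String scheme = header.substring(0, schemeEnd);
            if (scheme.equalsIgnoreCase("BASIC")) {
                try {
                    debug("logintag: BASIC AUTH");
                    token = encodeBase64(decodeBase64(header.substring(schemeEnd + 1)) + ":" + getApplicationToken());
                } catch (Exception ignored) {
                    // Payload could not be decoded: treat the request as carrying no credentials.
                    token = null;
                }
            } else if (scheme.equalsIgnoreCase("NEGOTIATE") || scheme.equalsIgnoreCase("NTLM")) {
                debug("login tag: DIGEST AUTH or NTLM");
                this._isNTLM = true;
            }
        }
        this._auth = token;
        return token;
    }

    /**
     * Splits a token that no security table is registered for and exposes its user name and
     * password to the tag body as the page attributes {@code cflogin.name} and
     * {@code cflogin.password}. Nothing is published when the decoded token has no
     * {@code ':'}.
     *
     * @param token Base64 token taken from the request; it may be client-controlled
     */
    private void publishLoginCredentials(String token) {
        // NOTE(review): whether Base64Encoder.decode throws on malformed input is not visible
        // here; if it does, a garbage cookie value surfaces as an error from this call.
        String decoded = decodeBase64(token);
        debug("auth:[<redacted>], apptoken:[" + getApplicationToken() + "]");

        int firstColon = decoded.indexOf(":");
        if (firstColon == -1) {
            return;
        }

        String user;
        String password = "";
        if (isDigest(decoded)) {
            // NTLM/Negotiate tokens carry no password; the container supplies the user.
            user = this.request.getRemoteUser();
            setName(user);
        } else {
            user = decoded.substring(0, firstColon);
            int secondColon = decoded.indexOf(':', firstColon + 1);
            if (secondColon == -1) {
                secondColon = decoded.length();
            }
            password = decoded.substring(firstColon + 1, secondColon);
        }

        debug("logintag/username:" + user);
        // Only record whether a password was supplied, never its value.
        debug("logintag/password:" + (password.length() == 0 ? "<empty>" : "<redacted>"));
        ((TagSupport) this).pageContext.setAttribute("cflogin.name", user);
        ((TagSupport) this).pageContext.setAttribute("cflogin.password", password);
    }

    /**
     * Sets the security table that {@link #doEndTag()} installs.
     *
     * @param securityTable table to install, or {@code null} to make the end tag log out
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public void setRoles(SecurityTable securityTable) {
        this._secTab = securityTable;
    }

    /**
     * Sets the user name placed in the login token.
     *
     * @param str user name
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public void setName(String str) {
        this._name = str;
    }

    /**
     * Sets the password placed in the login token.
     *
     * @param str clear text password
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public void setPassword(String str) {
        this._password = str;
    }

    /** @return the clear text password held by this handler, possibly {@code null} */
    protected String getPassword() {
        return this._password;
    }

    /** @return the user name held by this handler, possibly {@code null} */
    protected String getName() {
        return this._name;
    }

    /**
     * Sets the idle timeout that {@link #doEndTag()} passes to the security table.
     *
     * @param j timeout, in the unit {@code SecurityTable.setMaxInactiveInterval} expects
     */
    public void setIdleTimeOut(long j) {
        this._maxInactiveInterval = j;
    }

    /**
     * Overrides the application token used in login tokens.
     *
     * @param str application token, or {@code null} to use the application name
     */
    public void setApplicationToken(String str) {
        this._appToken = str;
    }

    /** @return the explicit application token, else the FusionContext application name */
    private String getApplicationToken() {
        if (this._appToken != null) {
            return this._appToken;
        }
        return this._fusionContext.getApplicationName();
    }

    /**
     * Sets the domain applied to the security cookie.
     *
     * @param str cookie domain, or {@code null} to leave the cookie's domain unchanged
     */
    public void setCookieDomain(String str) {
        this._domain = str;
    }

    /**
     * Builds the token under which the security table is registered.
     *
     * @return Base64 of {@code uuid:appToken:DIGEST-NTLM} for NTLM/Negotiate logins,
     *         otherwise Base64 of {@code name:password:appToken}
     */
    private String createBase64Token() {
        if (this._isNTLM) {
            return encodeBase64(UUIDUtils.createUUID(false) + ":" + getApplicationToken() + DIGEST_SUFFIX);
        }
        return encodeBase64(makeSecurityToken(this._name, this._password, getApplicationToken()));
    }

    /**
     * Sends the login token to the client as the security cookie.
     *
     * @param str Base64 login token
     */
    private void setCFAuthorizationCookie(String str) {
        Cookie cookie = SecurityScopeTracker.createSecurityCookie(((TagSupport) this).pageContext, str);
        if (this._domain != null) {
            // NOTE(review): a wide domain sends a token containing the password to every
            // host under that domain.
            cookie.setDomain(this._domain);
        }
        SecurityScopeTracker.setSecurityCookie(((TagSupport) this).pageContext, cookie);
    }

    /**
     * Base64-encodes a string using the RDS client encoding.
     *
     * @param str text to encode
     * @return Base64 form of the encoded bytes
     */
    private static String encodeBase64(String str) {
        byte[] bytes;
        try {
            bytes = str.getBytes(RdsGlobals.RDS_CLIENT_ENCODING);
        } catch (UnsupportedEncodingException e) {
            // Falls back to the platform charset, so tokens may differ between hosts.
            bytes = str.getBytes();
        }
        return Base64Encoder.encode(bytes);
    }

    /** @return {@code true} when the text ends with the NTLM/Negotiate marker */
    private static boolean isDigest(String str) {
        return str.endsWith(DIGEST_SUFFIX);
    }

    /**
     * Decodes a Base64 token with the RDS client encoding.
     *
     * @param str token text
     * @return the decoded text; input that already ends with the NTLM/Negotiate marker is
     *         returned unchanged, without decoding
     */
    private static String decodeBase64(String str) {
        if (isDigest(str)) {
            return str;
        }
        try {
            return new String(Base64Encoder.decode(str), RdsGlobals.RDS_CLIENT_ENCODING);
        } catch (UnsupportedEncodingException e) {
            // Same platform-charset fallback as encodeBase64.
            return new String(Base64Encoder.decode(str));
        }
    }

    /**
     * @return {@code true} when both scopes have their concrete types and the application
     *         asks for login credentials to be stored in the session instead of a cookie
     */
    private final boolean storeSecurityKeyInSession() {
        return (this._sessionScope instanceof SessionScope)
                && (this._applicationScope instanceof ApplicationScope)
                && ((ApplicationScope) this._applicationScope).getStoreloginCredentialInSession();
    }

    /**
     * Registers the security table under a fresh token and stores that token in the session
     * scope or, when session storage is off, in the security cookie.
     *
     * @param securityTable table describing the authenticated user
     */
    private void setupSecurityContext(SecurityTable securityTable) {
        String token = createBase64Token();
        this._securityScopeTracker.setSecurity(token, securityTable);
        if (storeSecurityKeyInSession()) {
            this._sessionScope.put(SecurityScopeTracker.SECURE_COOKIE_NAME, token);
            // Replaces the idle timeout set by doEndTag() with the session's interval plus one.
            securityTable.setMaxInactiveInterval(((SessionScope) this._sessionScope).getMaxInactiveInterval() + 1);
        } else {
            setCFAuthorizationCookie(token);
        }
    }

    /**
     * Installs the security table when one was resolved or set by the body, otherwise logs
     * the request out. The {@code cflogin} page attribute is removed in every case.
     *
     * @return {@code 6} (EVAL_PAGE)
     */
    public int doEndTag() {
        try {
            if (this._secTab == null) {
                this._securityScopeTracker.logout(((TagSupport) this).pageContext);
            } else {
                this._secTab.setAppToken(getApplicationToken());
                this._secTab.setMaxInactiveInterval(this._maxInactiveInterval);
                this._fusionContext.setSecureTable(this._secTab);
                // A name is only present when a login happened during this invocation.
                if (this._name != null) {
                    setupSecurityContext(this._secTab);
                }
            }
            return 6;
        } finally {
            ((TagSupport) this).pageContext.removeAttribute("cflogin");
        }
    }
}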
