package org.apache.cocoon.auth.impl;

import java.util.List;
import java.util.Map;
import org.apache.avalon.framework.activity.Disposable;
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.avalon.framework.context.Context;
import org.apache.avalon.framework.context.ContextException;
import org.apache.avalon.framework.parameters.Parameters;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.avalon.framework.service.Serviceable;
import org.apache.cocoon.auth.AbstractSecurityHandler;
import org.apache.cocoon.auth.StandardUser;
import org.apache.cocoon.auth.User;
import org.apache.cocoon.components.source.SourceUtil;
import org.apache.cocoon.transformation.LDAPTransformer;
import org.apache.cocoon.util.NetUtils;
import org.apache.excalibur.source.Source;
import org.apache.excalibur.source.SourceException;
import org.apache.excalibur.source.SourceParameters;
import org.apache.excalibur.source.SourceResolver;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/cocoon-auth-block.jar:org/apache/cocoon/auth/impl/PipelineSecurityHandler.class */
public class PipelineSecurityHandler extends AbstractSecurityHandler implements Serviceable, Disposable {
    protected ServiceManager manager;
    protected SourceResolver resolver;
    protected Configuration config;
    protected Context context;

    /* loaded from: input_file:WEB-INF/lib/cocoon-auth-block.jar:org/apache/cocoon/auth/impl/PipelineSecurityHandler$PipelineSHUser.class */
    public static class PipelineSHUser extends StandardUser {
        protected final Document userInfo;
        protected List roles;

        public PipelineSHUser(Document document, String str) {
            super(str);
            this.userInfo = document;
            calculateContextInfo();
        }

        public Document getUserInfo() {
            return this.userInfo;
        }

        protected void calculateContextInfo() {
            SourceParameters sourceParameters = new SourceParameters();
            addParametersFromAuthenticationXML("/data", sourceParameters);
            addParametersFromAuthenticationXML(null, sourceParameters);
            Parameters firstParameters = sourceParameters.getFirstParameters();
            String[] names = firstParameters.getNames();
            if (names != null) {
                for (String str : names) {
                    String parameter = firstParameters.getParameter(str, null);
                    if (parameter != null) {
                        setAttribute(str, parameter);
                    }
                }
            }
        }

        private void addParametersFromAuthenticationXML(String str, SourceParameters sourceParameters) {
            NodeList childNodes;
            Element documentElement = this.userInfo.getDocumentElement();
            if (str != null) {
                NodeList elementsByTagName = documentElement.getElementsByTagName(str);
                documentElement = elementsByTagName.getLength() > 0 ? (Element) elementsByTagName.item(0) : null;
            }
            if (documentElement == null || (childNodes = documentElement.getChildNodes()) == null) {
                return;
            }
            for (int i = 0; i < childNodes.getLength(); i++) {
                Node item = childNodes.item(i);
                if (item.getNodeType() == 1) {
                    item.normalize();
                    NodeList childNodes2 = item.getChildNodes();
                    String nodeName = item.getNodeName();
                    StringBuffer stringBuffer = new StringBuffer();
                    for (int i2 = 0; i2 < childNodes2.getLength(); i2++) {
                        Node item2 = childNodes2.item(i2);
                        if (item2.getNodeType() == 3) {
                            if (stringBuffer.length() > 0) {
                                stringBuffer.append(' ');
                            }
                            stringBuffer.append(item2.getNodeValue());
                        }
                    }
                    String trim = stringBuffer.toString().trim();
                    if (nodeName != null && trim != null && trim.length() > 0) {
                        sourceParameters.setParameter(nodeName, trim);
                    }
                }
            }
        }
    }

    @Override // org.apache.cocoon.auth.AbstractSecurityHandler, org.apache.avalon.framework.context.Contextualizable
    public void contextualize(Context context) throws ContextException {
        super.contextualize(context);
        this.context = context;
    }

    @Override // org.apache.cocoon.auth.AbstractSecurityHandler, org.apache.avalon.framework.configuration.Configurable
    public void configure(Configuration configuration) throws ConfigurationException {
        super.configure(configuration);
        this.config = configuration;
    }

    protected String isValidAuthenticationDocument(Document document) {
        String str = null;
        Element documentElement = document.getDocumentElement();
        if (documentElement.getNodeName().equals(LDAPTransformer.MAGIC_AUTHENTICATION_ELEMENT) && documentElement.hasChildNodes()) {
            NodeList childNodes = documentElement.getChildNodes();
            boolean z = false;
            int i = 0;
            Node node = null;
            while (!z && i < childNodes.getLength()) {
                node = childNodes.item(i);
                if (node.getNodeType() == 1 && node.getNodeName().equals("ID")) {
                    z = true;
                } else {
                    i++;
                }
            }
            if (z) {
                node.normalize();
                if (node.hasChildNodes() && node.getChildNodes().getLength() == 1 && node.getFirstChild().getNodeType() == 3) {
                    String trim = node.getFirstChild().getNodeValue().trim();
                    if (trim.length() > 0) {
                        str = trim;
                    }
                }
            }
        }
        return str;
    }

    @Override // org.apache.cocoon.auth.SecurityHandler
    public User login(Map map) throws Exception {
        String isValidAuthenticationDocument;
        String value = this.config.getChild("authentication-resource").getValue();
        Parameters parameters = (Parameters) map.get("parameters");
        if (parameters != null) {
            StringBuffer stringBuffer = new StringBuffer(value);
            boolean z = value.indexOf(63) != -1;
            for (String str : parameters.getNames()) {
                String parameter = parameters.getParameter(str);
                if (z) {
                    stringBuffer.append('&');
                } else {
                    stringBuffer.append('?');
                    z = true;
                }
                stringBuffer.append(str).append('=').append(NetUtils.encode(parameter, "utf-8"));
            }
            value = stringBuffer.toString();
        }
        PipelineSHUser pipelineSHUser = null;
        Source source = null;
        try {
            try {
                source = SourceUtil.getSource(value, null, null, this.resolver);
                Document dom = SourceUtil.toDOM(source);
                this.resolver.release(source);
                if (dom != null && (isValidAuthenticationDocument = isValidAuthenticationDocument(dom)) != null) {
                    pipelineSHUser = new PipelineSHUser(dom, isValidAuthenticationDocument);
                }
                return pipelineSHUser;
            } catch (SourceException e) {
                throw SourceUtil.handle(e);
            }
        } catch (Throwable th) {
            this.resolver.release(source);
            throw th;
        }
    }

    @Override // org.apache.avalon.framework.service.Serviceable
    public void service(ServiceManager serviceManager) throws ServiceException {
        this.manager = serviceManager;
        this.resolver = (SourceResolver) this.manager.lookup(SourceResolver.ROLE);
    }

    @Override // org.apache.avalon.framework.activity.Disposable
    public void dispose() {
        if (this.manager != null) {
            this.manager.release(this.resolver);
            this.manager = null;
            this.resolver = null;
        }
    }

    @Override // org.apache.cocoon.auth.SecurityHandler
    public void logout(Map map, User user) {
        String value = this.config.getChild("logout-resource").getValue(null);
        if (value != null) {
            Source source = null;
            try {
                try {
                    source = SourceUtil.getSource(value, null, null, this.resolver);
                    SourceUtil.toDOM(source);
                    this.resolver.release(source);
                } catch (Exception e) {
                    getLogger().warn(new StringBuffer().append("Exception during logout of user: ").append(user.getId()).toString(), e);
                    this.resolver.release(source);
                }
            } catch (Throwable th) {
                this.resolver.release(source);
                throw th;
            }
        }
    }
}
