package pygmy.handlers;

import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import net.sf.ooweb.util.Codes;
import pygmy.core.AbstractHandler;
import pygmy.core.ConfigOption;
import pygmy.core.Handler;
import pygmy.core.Http;
import pygmy.core.HttpRequest;
import pygmy.core.HttpResponse;
import pygmy.core.Server;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

/* loaded from: input_file:pygmy-handlers.jar:pygmy/handlers/BasicWebAuthHandler.class */
public class BasicWebAuthHandler extends AbstractHandler implements Handler {
    private Properties users;
    private static final Logger log = Logger.getLogger(BasicWebAuthHandler.class.getName());
    public static final ConfigOption REALM_OPTION = new ConfigOption("realm", "", "The default realm to authenticate against.");
    public static final ConfigOption USERS_OPTION = new ConfigOption("users", true, "The file used to authenticate users.");

    @Override // pygmy.core.AbstractHandler, pygmy.core.Handler
    public boolean initialize(String str, Server server) {
        super.initialize(str, server);
        this.users = new Properties();
        return loadProperties();
    }

    private boolean loadProperties() {
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(USERS_OPTION.getProperty(this.server, this.handlerName)));
            this.users.load(bufferedInputStream);
            bufferedInputStream.close();
            return true;
        } catch (IOException e) {
            log.log(Level.SEVERE, "loadPropeties failed due to IOException.", (Throwable) e);
            return false;
        }
    }

    @Override // pygmy.core.AbstractHandler
    protected boolean handleBody(HttpRequest httpRequest, HttpResponse httpResponse) throws IOException {
        int indexOf;
        String requestHeader = httpRequest.getRequestHeader(Codes.AUTHORIZATION);
        if (requestHeader != null && (indexOf = requestHeader.indexOf(" ")) >= -1) {
            String[] split = new String(new BASE64Decoder().decodeBuffer(requestHeader.substring(indexOf + 1))).split(":");
            try {
                if (this.users.containsKey(split[0]) && isPasswordVerified(split)) {
                    return false;
                }
                log.severe("Access denied for user " + split[0]);
                return askForAuthorization(httpRequest, httpResponse);
            } catch (NoSuchAlgorithmException e) {
                log.log(Level.SEVERE, "Authorization failed due to NoSuchAlgorithmException.", (Throwable) e);
                httpResponse.sendError(Codes.INTERNAL_SERVER_ERROR, Http.getStatusPhrase(Codes.INTERNAL_SERVER_ERROR));
                return true;
            }
        }
        return askForAuthorization(httpRequest, httpResponse);
    }

    private boolean isPasswordVerified(String[] strArr) throws NoSuchAlgorithmException {
        return hashPassword(strArr[1]).equals(this.users.getProperty(strArr[0]));
    }

    private boolean askForAuthorization(HttpRequest httpRequest, HttpResponse httpResponse) {
        httpResponse.addHeader(Codes.WWW_AUTHENTICATE, "Basic realm=\"" + REALM_OPTION.getProperty(this.server, this.handlerName) + "\"");
        httpResponse.sendError(Codes.UNAUTHORIZED, Http.getStatusPhrase(Codes.UNAUTHORIZED));
        return true;
    }

    private static String hashPassword(String str) throws NoSuchAlgorithmException {
        return new BASE64Encoder().encode(MessageDigest.getInstance("MD5").digest(str.getBytes()));
    }

    public static void main(String[] strArr) throws IOException, NoSuchAlgorithmException {
        if (strArr.length < 3) {
            System.out.println("Usage: BasicWebAuthHandler <file> <user> <password>");
            return;
        }
        File file = new File(strArr[0]);
        Properties properties = new Properties();
        if (file.exists()) {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(file));
            properties.load(bufferedInputStream);
            bufferedInputStream.close();
        }
        System.out.println("Creating hash for " + strArr[1]);
        properties.setProperty(strArr[1], hashPassword(strArr[2]));
        System.out.println("Writing password for " + strArr[1]);
        BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(file));
        properties.store(bufferedOutputStream, "");
        bufferedOutputStream.flush();
        bufferedOutputStream.close();
        System.out.println("done");
    }

    @Override // pygmy.core.AbstractHandler, pygmy.core.Handler
    public boolean shutdown(Server server) {
        return false;
    }
}
