package org.paw.handler;

import de.fun2code.android.pawserver.util.JCrypt;
import java.io.BufferedReader;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.StringTokenizer;
import java.util.TreeMap;
import org.apache.commons.codec.binary.Base64;
import sunlabs.brazil.server.Handler;
import sunlabs.brazil.server.Request;
import sunlabs.brazil.server.Server;
import sunlabs.brazil.util.Format;

/* loaded from: classes.dex */
public class BasicAuthHandler implements Handler {
    private static final String CONFDIR = "confdir";
    private static final String DIRS_FILE = "dirs.conf";
    private static final String USERS_FILE = "users.conf";
    String confdir;
    String prefix;
    private static String authorization = "Authorization";
    private static String authenticate = "WWW-Authenticate";
    private static String message = "Invalid credentials supplied";
    private static int code = 401;
    private TreeMap<String, String> dirsMap = new TreeMap<>();
    private TreeMap<String, String> usersMap = new TreeMap<>();

    private boolean doBasicAuth(Request request, String str) throws IOException {
        String str2 = str.split(":")[1];
        String str3 = request.headers.get(authorization);
        if (str3 == null) {
            return unauthorizedBasic(request, "Missing http header: " + authorization, str2);
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str3);
        if (!"basic".equalsIgnoreCase(stringTokenizer.nextToken())) {
            return unauthorizedBasic(request, "Non-basic realm: " + str3, str2);
        }
        String str4 = new String(Base64.decodeBase64(stringTokenizer.nextToken().getBytes()));
        try {
            String str5 = str4.split(":")[0];
            String str6 = str4.split(":")[1];
            if (userInRule(str, str5) && this.usersMap.get(str5) != null && passwordOk(str6, this.usersMap.get(str5))) {
                return true;
            }
            return unauthorizedBasic(request, message, str2);
        } catch (Exception e) {
            return unauthorizedBasic(request, message, str2);
        }
    }

    private String getDirRule(String str) {
        if (!str.endsWith("/") && !str.matches("^.*?/[^\\.]\\.[a-zA-Z]{1,}$")) {
            str = String.valueOf(str) + "/";
        }
        int i = 0;
        String[] strArr = new String[this.dirsMap.keySet().size()];
        Iterator<String> it = this.dirsMap.keySet().iterator();
        while (it.hasNext()) {
            i++;
            strArr[strArr.length - i] = it.next();
        }
        for (String str2 : strArr) {
            if (str.startsWith(String.valueOf(str2) + "/")) {
                return this.dirsMap.get(str2);
            }
        }
        return null;
    }

    private List<String> getFileAsList(File file) throws IOException {
        ArrayList arrayList = new ArrayList();
        DataInputStream dataInputStream = new DataInputStream(new FileInputStream(file));
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(dataInputStream));
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                dataInputStream.close();
                return arrayList;
            }
            arrayList.add(readLine);
        }
    }

    private boolean passwordOk(String str, String str2) {
        return JCrypt.crypt(str2.substring(0, 2), str).equals(str2);
    }

    private boolean userInRule(String str, String str2) {
        for (String str3 : str.split(":")[2].split(",")) {
            if (str3.trim().equals(str2)) {
                return true;
            }
        }
        return false;
    }

    @Override // sunlabs.brazil.server.Handler
    public boolean init(Server server, String str) {
        this.prefix = str;
        try {
            this.confdir = server.props.getProperty(String.valueOf(str) + CONFDIR);
            if (this.confdir == null) {
                return false;
            }
            this.dirsMap = readDirsConfig();
            this.usersMap = readUsersConfig();
            return true;
        } catch (Exception e) {
            server.log(5, str, "Error in configuration: " + e.getMessage());
            return false;
        }
    }

    TreeMap<String, String> readDirsConfig() throws IOException {
        TreeMap<String, String> treeMap = new TreeMap<>();
        for (String str : getFileAsList(new File(String.valueOf(this.confdir) + File.separator + DIRS_FILE))) {
            String[] split = str.split(":");
            if (split.length == 4 && !str.startsWith("#")) {
                treeMap.put(split[0], String.valueOf(split[1]) + ":" + split[2] + ":" + split[3]);
            }
        }
        return treeMap;
    }

    TreeMap<String, String> readUsersConfig() throws IOException {
        TreeMap<String, String> treeMap = new TreeMap<>();
        for (String str : getFileAsList(new File(String.valueOf(this.confdir) + File.separator + USERS_FILE))) {
            String[] split = str.split(":");
            if (split.length == 2 && !str.startsWith("#")) {
                treeMap.put(split[0], split[1]);
            }
        }
        return treeMap;
    }

    @Override // sunlabs.brazil.server.Handler
    public boolean respond(Request request) throws IOException {
        String dirRule;
        return (this.dirsMap.size() == 0 || (dirRule = getDirRule(request.url)) == null || !dirRule.startsWith("basic") || doBasicAuth(request, dirRule)) ? false : true;
    }

    public boolean unauthorizedBasic(Request request, String str, String str2) throws IOException {
        if (authenticate.length() == 0) {
            request.log(5, this.prefix, "no authenticate?");
        } else {
            request.addHeader(authenticate, "basic realm=\"" + str2 + "\"");
            request.sendResponse(Format.subst(request.props, str), "text/html", code);
            request.log(5, this.prefix, str);
        }
        return false;
    }
}
