package org.mortbay.http;

import com.ibm.icu.impl.locale.LanguageTag;
import java.io.IOException;
import java.io.Serializable;
import java.security.Principal;
import java.util.Collections;
import java.util.List;
import org.apache.commons.logging.Log;
import org.mortbay.jetty.servlet.FormAuthenticator;
import org.mortbay.log.LogFactory;
import org.mortbay.util.LazyList;

/* loaded from: input_file:ingrid-interface-search-5.7.1/lib/org.mortbay.jetty-5.1.8.jar:org/mortbay/http/SecurityConstraint.class */
public class SecurityConstraint implements Cloneable, Serializable {
    private static Log log;
    public static final String __BASIC_AUTH = "BASIC";
    public static final String __FORM_AUTH = "FORM";
    public static final String __DIGEST_AUTH = "DIGEST";
    public static final String __CERT_AUTH = "CLIENT_CERT";
    public static final String __CERT_AUTH2 = "CLIENT-CERT";
    public static final int DC_UNSET = -1;
    public static final int DC_NONE = 0;
    public static final int DC_INTEGRAL = 1;
    public static final int DC_CONFIDENTIAL = 2;
    public static final String NONE = "NONE";
    public static final String ANY_ROLE = "*";
    public static final Nobody __NOBODY;
    private String _name;
    private Object _methods;
    private Object _roles;
    private int _dataConstraint = -1;
    private boolean _anyRole = false;
    private boolean _authenticate = false;
    private transient List _umMethods;
    private transient List _umRoles;
    static Class class$org$mortbay$http$SecurityConstraint;

    /* loaded from: input_file:ingrid-interface-search-5.7.1/lib/org.mortbay.jetty-5.1.8.jar:org/mortbay/http/SecurityConstraint$Nobody.class */
    public static class Nobody implements Principal {
        @Override // java.security.Principal
        public String getName() {
            return "Nobody";
        }
    }

    public SecurityConstraint() {
    }

    public SecurityConstraint(String str, String str2) {
        setName(str);
        addRole(str2);
    }

    public void setName(String str) {
        this._name = str;
    }

    public synchronized void addMethod(String str) {
        this._methods = LazyList.add(this._methods, str);
    }

    public List getMethods() {
        if (this._umMethods == null && this._methods != null) {
            this._umMethods = Collections.unmodifiableList(LazyList.getList(this._methods));
        }
        return this._umMethods;
    }

    public boolean forMethod(String str) {
        if (this._methods == null) {
            return true;
        }
        for (int i = 0; i < LazyList.size(this._methods); i++) {
            if (LazyList.get(this._methods, i).equals(str)) {
                return true;
            }
        }
        return false;
    }

    public synchronized void addRole(String str) {
        this._authenticate = true;
        if ("*".equals(str)) {
            this._roles = null;
            this._umRoles = null;
            this._anyRole = true;
        } else {
            if (this._anyRole) {
                return;
            }
            this._roles = LazyList.add(this._roles, str);
        }
    }

    public boolean isAnyRole() {
        return this._anyRole;
    }

    public List getRoles() {
        if (this._umRoles == null && this._roles != null) {
            this._umRoles = Collections.unmodifiableList(LazyList.getList(this._roles));
        }
        return this._umRoles;
    }

    public boolean hasRole(String str) {
        return LazyList.contains(this._roles, str);
    }

    public void setAuthenticate(boolean z) {
        this._authenticate = z;
    }

    public boolean getAuthenticate() {
        return this._authenticate;
    }

    public boolean isForbidden() {
        return this._authenticate && !this._anyRole && LazyList.size(this._roles) == 0;
    }

    public void setDataConstraint(int i) {
        if (i < 0 || i > 2) {
            throw new IllegalArgumentException("Constraint out of range");
        }
        this._dataConstraint = i;
    }

    public int getDataConstraint() {
        return this._dataConstraint;
    }

    public boolean hasDataConstraint() {
        return this._dataConstraint >= 0;
    }

    public Object clone() throws CloneNotSupportedException {
        SecurityConstraint securityConstraint = (SecurityConstraint) super.clone();
        securityConstraint._umMethods = null;
        securityConstraint._umRoles = null;
        return securityConstraint;
    }

    public String toString() {
        return new StringBuffer().append("SC{").append(this._name).append(",").append(this._methods).append(",").append(this._anyRole ? "*" : this._roles == null ? LanguageTag.SEP : this._roles.toString()).append(",").append(this._dataConstraint == 0 ? "NONE}" : this._dataConstraint == 1 ? "INTEGRAL}" : "CONFIDENTIAL}").toString();
    }

    public static boolean check(List list, Authenticator authenticator, UserRealm userRealm, String str, HttpRequest httpRequest, HttpResponse httpResponse) throws HttpException, IOException {
        int i = 0;
        Object obj = null;
        boolean z = false;
        boolean z2 = false;
        for (int i2 = 0; i2 < list.size(); i2++) {
            SecurityConstraint securityConstraint = (SecurityConstraint) list.get(i2);
            if (securityConstraint.forMethod(httpRequest.getMethod())) {
                if (i <= -1 || !securityConstraint.hasDataConstraint()) {
                    i = -1;
                } else if (securityConstraint.getDataConstraint() > i) {
                    i = securityConstraint.getDataConstraint();
                }
                if (!z && 0 == 0) {
                    if (!securityConstraint.getAuthenticate()) {
                        z = true;
                    } else if (securityConstraint.isAnyRole()) {
                        obj = "*";
                    } else {
                        List roles = securityConstraint.getRoles();
                        if (roles == null || roles.size() == 0) {
                            z2 = true;
                            break;
                        }
                        if (obj != "*") {
                            obj = LazyList.addCollection(obj, roles);
                        }
                    }
                }
            }
        }
        if (z2 && (!(authenticator instanceof FormAuthenticator) || !((FormAuthenticator) authenticator).isLoginOrErrorPage(str))) {
            HttpContext.sendContextError(httpResponse, 403, null);
            return false;
        }
        if (i > 0) {
            HttpConnection httpConnection = httpRequest.getHttpConnection();
            HttpListener listener = httpConnection.getListener();
            switch (i) {
                case 1:
                    if (!listener.isIntegral(httpConnection)) {
                        if (listener.getIntegralPort() <= 0) {
                            HttpContext.sendContextError(httpResponse, 403, null);
                            return false;
                        }
                        String stringBuffer = new StringBuffer().append(listener.getIntegralScheme()).append("://").append(httpRequest.getHost()).append(":").append(listener.getIntegralPort()).append(httpRequest.getPath()).toString();
                        if (httpRequest.getQuery() != null) {
                            stringBuffer = new StringBuffer().append(stringBuffer).append("?").append(httpRequest.getQuery()).toString();
                        }
                        httpResponse.setContentLength(0);
                        httpResponse.sendRedirect(stringBuffer);
                        return false;
                    }
                    break;
                case 2:
                    if (!listener.isConfidential(httpConnection)) {
                        if (listener.getConfidentialPort() <= 0) {
                            HttpContext.sendContextError(httpResponse, 403, null);
                            return false;
                        }
                        String stringBuffer2 = new StringBuffer().append(listener.getConfidentialScheme()).append("://").append(httpRequest.getHost()).append(":").append(listener.getConfidentialPort()).append(httpRequest.getPath()).toString();
                        if (httpRequest.getQuery() != null) {
                            stringBuffer2 = new StringBuffer().append(stringBuffer2).append("?").append(httpRequest.getQuery()).toString();
                        }
                        httpResponse.setContentLength(0);
                        httpResponse.sendRedirect(stringBuffer2);
                        return false;
                    }
                    break;
                default:
                    HttpContext.sendContextError(httpResponse, 403, null);
                    return false;
            }
        }
        if (z || obj == null) {
            httpRequest.setUserPrincipal(HttpRequest.__NOT_CHECKED);
            return true;
        }
        if (userRealm == null) {
            HttpContext.sendContextError(httpResponse, 500, "Configuration error");
            return false;
        }
        Principal principal = null;
        if (httpRequest.getAuthType() != null && httpRequest.getAuthUser() != null) {
            principal = httpRequest.getUserPrincipal();
            if (principal == null) {
                principal = userRealm.authenticate(httpRequest.getAuthUser(), null, httpRequest);
            }
            if (principal == null && authenticator != null) {
                principal = authenticator.authenticate(userRealm, str, httpRequest, httpResponse);
            }
        } else if (authenticator != null) {
            principal = authenticator.authenticate(userRealm, str, httpRequest, httpResponse);
        } else {
            log.warn(new StringBuffer().append("Mis-configured Authenticator for ").append(httpRequest.getPath()).toString());
            HttpContext.sendContextError(httpResponse, 500, "Configuration error");
        }
        if (principal == null) {
            return false;
        }
        if (principal == __NOBODY || obj == "*") {
            return true;
        }
        boolean z3 = false;
        int size = LazyList.size(obj);
        while (true) {
            int i3 = size;
            size = i3 - 1;
            if (i3 > 0) {
                if (userRealm.isUserInRole(principal, (String) LazyList.get(obj, size))) {
                    z3 = true;
                }
            }
        }
        if (z3) {
            return true;
        }
        log.warn(new StringBuffer().append("AUTH FAILURE: role for ").append(principal.getName()).toString());
        if ("BASIC".equalsIgnoreCase(authenticator.getAuthMethod())) {
            ((BasicAuthenticator) authenticator).sendChallenge(userRealm, httpResponse);
            return false;
        }
        HttpContext.sendContextError(httpResponse, 403, "User not in required role");
        return false;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$mortbay$http$SecurityConstraint == null) {
            cls = class$("org.mortbay.http.SecurityConstraint");
            class$org$mortbay$http$SecurityConstraint = cls;
        } else {
            cls = class$org$mortbay$http$SecurityConstraint;
        }
        log = LogFactory.getLog(cls);
        __NOBODY = new Nobody();
    }
}
