package com.ibm.commerce.payment.realm;

import com.ibm.etill.framework.clientapi.Base64utils;
import com.ibm.etill.framework.clientapi.LDAPUserConverter;
import com.ibm.etill.framework.payapi.PaymentAPIConstants;
import com.ibm.etill.framework.realm.PaymentServletRealm;
import com.ibm.etill.framework.realm.RealmException;
import com.ibm.etill.framework.realm.UserList;
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.PasswordAuthentication;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Properties;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.servlet.http.HttpServletRequest;

/* JADX WARN: Classes with same name are omitted:
  input_file:was/wc55PRO_fp4_os400.jar:ptfs/wc55PRO_fp4_os400/components/commerce.server/update.jar:/Order-OrderCaptureLogic.jarcom/ibm/commerce/payment/realm/WCSRealm.class
 */
/* loaded from: input_file:wc/wc55PRO_fp4_os400.jar:ptfs/wc55PRO_fp4_os400/components/commerce.server/update.jar:/wc.ear/Order-OrderCaptureLogic.jarcom/ibm/commerce/payment/realm/WCSRealm.class */
public class WCSRealm extends PaymentServletRealm {
    private static final String COPYRIGHT = "(c) Copyright International Business Machines Corporation 2000,2001,2003";
    public static final String CLASSNAME;
    private static String WCS_WEBPATH;
    private static String CMD_VALIDATE_AUTHSTRING;
    private static String CMD_VALIDATE_PASSWORD;
    private static String CMD_VERIFY_USER;
    private static String CMD_LIST_USER;
    private static final String PARAM_NAME_AUTHSTRING = "authstring";
    private static final String PARAM_NAME_USERNAME = "name";
    private static final String PARAM_NAME_PASSWORD = "password";
    private static final String PARAM_NAME_FILTER = "filter";
    private static final String PARAM_NAME_LIMIT = "limit";
    private static final String PARAM_NAME_AUTHNAME = "authname";
    private static final String AUTHENTICATOR_CURRENT = "current";
    private static final String NORMAL_SEPARATOR = ",";
    private static final String LDAP_NAMES_SEPARATOR = ";";
    private static final String LDAP_NAMES_PREFIX = "MATCHING_DNS:";
    private static final String NVP_KEY_FOR_PASSWORD_PARAM = "password=";
    private static final String MASK_FOR_PASSWORD_VALUE = "***";
    private static final int MAX_RETURNABLE_USERS = 50;
    private static final boolean CASESENSITIVE = true;
    private static final String DEFAULT_USERCACHE_RECORD_LIFE_SECONDS = "120";
    private static final String DEFAULT_USERCACHE_SIZE = "150";
    private static final String DEFAULT_WCS_WEBSERVER_PORT = "80";
    private static final String DEFAULT_WCS_WEBSERVER_SSL_PORT = "443";
    private static final String CONST_LOCAL_HOST = "localhost";
    private static final String PROP_WCS_USER_CACHE_SIZE = "WCSUserCacheSize";
    private static final String PROP_WCS_USER_CACHE_LIFE = "WCSUserCacheLife";
    private static final String PROP_WCS_WEB_SERVER_PORT = "WCSWebServerPort";
    private static final String PROP_USE_NON_SSL_CLIENT = "UseNonSSLWCSClient";
    private static final String PROP_WCS_HOSTNAME = "WCSHostName";
    private static final String PROP_WCS_WEBPATH = "WCSWebPath";
    private static final String PROP_REALM_FILE = "RealmFile";
    private Hashtable ihshNamePasswordCache;
    private Hashtable ihshIdAuthStringCache;
    private Hashtable ihshAuthenticator;
    static Class class$0;
    private String istrWCSHostName = null;
    private int inWCSWebServerPort = 0;
    private String istrSocksHostName = null;
    private int inSocksPort = 0;
    private boolean ibUseNonSSLClient = false;
    private String istrRealmFileName = null;
    private int inCacheSize = 0;
    private long inCacheLifeMillis = 0;
    private MessageDigest itsMessageDigest = null;
    private String istrValidateAuthStringCmd = null;
    private String istrValidatePasswordCmd = null;
    private String istrVerifyUserCmd = null;
    private String istrListUserCmd = null;

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v2, types: [java.lang.Throwable] */
    static {
        Class<?> cls = class$0;
        if (cls == null) {
            try {
                cls = Class.forName("com.ibm.commerce.payment.realm.WCSRealm");
                class$0 = cls;
            } catch (ClassNotFoundException unused) {
                throw new NoClassDefFoundError(cls.getMessage());
            }
        }
        CLASSNAME = cls.getName();
        WCS_WEBPATH = "/webapp/wcs/stores/servlet";
        CMD_VALIDATE_AUTHSTRING = "/WPMValidateAuthString?langId=-1";
        CMD_VALIDATE_PASSWORD = "/WPMValidatePassword?langId=-1";
        CMD_VERIFY_USER = "/WPMVerifyUser?langId=-1";
        CMD_LIST_USER = "/WPMListUser?langId=-1";
    }

    private String addAuthenticator(Hashtable hashtable) {
        String str = null;
        Object obj = this.ihshAuthenticator.get(AUTHENTICATOR_CURRENT);
        if (obj == null) {
            return null;
        }
        if (obj instanceof String) {
            hashtable.put(PARAM_NAME_AUTHSTRING, (String) obj);
        } else if (obj instanceof PasswordAuthentication) {
            PasswordAuthentication passwordAuthentication = (PasswordAuthentication) obj;
            str = String.valueOf(passwordAuthentication.getPassword()).trim();
            hashtable.put(PARAM_NAME_AUTHNAME, passwordAuthentication.getUserName().trim());
            hashtable.put(PARAM_NAME_PASSWORD, str);
        }
        return str;
    }

    private WCSClient createWCSClient() {
        WCSClient wCSClient = this.ibUseNonSSLClient ? new WCSClient() : new WCSClientSSL();
        if (this.istrSocksHostName == null || this.inSocksPort <= 0) {
            wCSClient.init(null, this.istrWCSHostName, this.inWCSWebServerPort);
            if (isTracing()) {
                trace(new StringBuffer(String.valueOf(wCSClient.getClass().getName())).append(" --> WCS WebServer Host --> ").append(this.istrWCSHostName).append(":").append(this.inWCSWebServerPort).toString());
            }
        } else {
            wCSClient.init(null, this.istrWCSHostName, this.inWCSWebServerPort, this.istrSocksHostName, this.inSocksPort);
            if (isTracing()) {
                trace(new StringBuffer(String.valueOf(wCSClient.getClass().getName())).append(" --> WCS WebServer Host --> ").append(this.istrWCSHostName).append(":").append(this.inWCSWebServerPort).append(", SocksHost --> ").append(this.istrSocksHostName).append(":").append(this.inSocksPort).toString());
            }
        }
        return wCSClient;
    }

    private boolean existsInRealmFile(String str, String str2) {
        if (isTracing()) {
            trace(new StringBuffer("Check if '").append(str).append("/").append(str2).append("' is in the local Realm file ...").toString());
        }
        String property = readRealmFile().getProperty(str);
        if (property == null) {
            return false;
        }
        if (isTracing()) {
            trace(new StringBuffer("Password on file: '").append(property).append("'").toString());
        }
        return property.equals(str2);
    }

    public String getAuthenticatedUser(HttpServletRequest httpServletRequest) throws RealmException {
        String str = null;
        boolean z = false;
        String pMAuthenticationString = getPMAuthenticationString(httpServletRequest);
        if (pMAuthenticationString != null) {
            if (isTracing()) {
                trace(new StringBuffer("getAuthenticatedUser(): PMAuthObject supplied with value: '").append(pMAuthenticationString).append("'").toString());
            }
            str = getUserNameFromPMAuthObject(pMAuthenticationString);
            if (str != null) {
                z = true;
            }
        } else {
            if (isTracing()) {
                trace("getAuthenticatedUser(): Getting userName from BASIC Authorization Header ...");
            }
            String fromHTTPAuthorizationString = getFromHTTPAuthorizationString(httpServletRequest, 1);
            String fromHTTPAuthorizationString2 = getFromHTTPAuthorizationString(httpServletRequest, 0);
            if (fromHTTPAuthorizationString != null && fromHTTPAuthorizationString2 != null) {
                if (isTracing()) {
                    trace(new StringBuffer("getAuthenticatedUser(): Authenticating '").append(fromHTTPAuthorizationString).append("' using supplied password ...").toString());
                }
                str = getUserNameFromIdAndPassword(fromHTTPAuthorizationString, fromHTTPAuthorizationString2);
                if (str != null) {
                    z = true;
                }
            }
        }
        if (z) {
            if (isTracing()) {
                trace(new StringBuffer("getAuthenticatedUser(): User '").append(str).append("' authenticated OK.").toString());
            }
            return LDAPUserConverter.checkForLDAPUserID(str);
        }
        if (!isTracing()) {
            return null;
        }
        trace("getAuthenticatedUser(): User NOT authenticated.");
        return null;
    }

    private String getUserNameFromIdAndPassword(String str, String str2) throws RealmException {
        String lDAPNameFromUserId = getLDAPNameFromUserId(str);
        PasswordCacheRecord passwordCacheRecord = (PasswordCacheRecord) this.ihshNamePasswordCache.get(lDAPNameFromUserId);
        if (passwordCacheRecord != null && passwordCacheRecord.isPasswordEqual(str2)) {
            if (passwordCacheRecord.isCurrent()) {
                passwordCacheRecord.refreshStaleTime();
                if (isTracing()) {
                    trace("getUserNameFromIdAndPassword(): User found in passwordcache, returning...");
                }
                return passwordCacheRecord.getUserName();
            }
            if (isTracing()) {
                trace(new StringBuffer("Removing cached Password for logonId ").append(lDAPNameFromUserId).toString());
            }
            this.ihshNamePasswordCache.remove(lDAPNameFromUserId);
        }
        String validateUserPassword = validateUserPassword(lDAPNameFromUserId, str2);
        if (validateUserPassword == null) {
            return null;
        }
        this.ihshNamePasswordCache.put(lDAPNameFromUserId, new PasswordCacheRecord(this, validateUserPassword, str2));
        this.ihshAuthenticator.put(AUTHENTICATOR_CURRENT, new PasswordAuthentication(validateUserPassword, str2.toCharArray()));
        return validateUserPassword;
    }

    private String getLDAPNameFromUserId(String str) {
        Enumeration keys = this.ihshNamePasswordCache.keys();
        while (keys.hasMoreElements()) {
            String str2 = (String) keys.nextElement();
            if (LDAPUserConverter.checkForLDAPUserID(str).equals(LDAPUserConverter.checkForLDAPUserID(str2))) {
                return str2;
            }
        }
        return str;
    }

    private String getUserNameFromPMAuthObject(String str) throws RealmException {
        Long parseUserId = parseUserId(str);
        if (parseUserId == null) {
            return null;
        }
        AuthStringCacheRecord authStringCacheRecord = (AuthStringCacheRecord) this.ihshIdAuthStringCache.get(parseUserId);
        if (authStringCacheRecord != null && authStringCacheRecord.isAuthStringEqual(str)) {
            if (authStringCacheRecord.isCurrent()) {
                authStringCacheRecord.refreshStaleTime();
                return authStringCacheRecord.getUserName();
            }
            if (isTracing()) {
                trace(new StringBuffer("Removing cached PMAuthObject for userId ").append(parseUserId.toString()).toString());
            }
            this.ihshIdAuthStringCache.remove(parseUserId);
        }
        String validateAuthString = validateAuthString(str);
        if (validateAuthString != null) {
            this.ihshIdAuthStringCache.put(parseUserId, new AuthStringCacheRecord(this, validateAuthString, str));
            this.ihshAuthenticator.put(AUTHENTICATOR_CURRENT, str);
        }
        return validateAuthString;
    }

    public UserList getUserNames(String str) throws RealmException {
        UserList rawUserNames = getRawUserNames(str);
        Vector vector = new Vector(10, 10);
        int i = 0;
        for (int i2 = 0; i2 < rawUserNames.size(); i2++) {
            String checkForLDAPUserID = LDAPUserConverter.checkForLDAPUserID(rawUserNames.elementAt(i2));
            if (checkForLDAPUserID != null) {
                vector.addElement(checkForLDAPUserID);
                i++;
            }
        }
        return new UserList(vector, i);
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:33:0x01a8
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private com.ibm.etill.framework.realm.UserList getRawUserNames(java.lang.String r6) throws com.ibm.etill.framework.realm.RealmException {
        /*
            Method dump skipped, instructions count: 444
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.commerce.payment.realm.WCSRealm.getRawUserNames(java.lang.String):com.ibm.etill.framework.realm.UserList");
    }

    public void init(Properties properties) throws RealmException {
        String property = properties.getProperty(PROP_WCS_USER_CACHE_SIZE, DEFAULT_USERCACHE_SIZE);
        String property2 = properties.getProperty(PROP_WCS_USER_CACHE_LIFE, DEFAULT_USERCACHE_RECORD_LIFE_SECONDS);
        try {
            this.inCacheSize = Integer.parseInt(property);
            this.inCacheLifeMillis = Long.parseLong(property2) * 1000;
            this.istrWCSHostName = properties.getProperty(PROP_WCS_HOSTNAME, "localhost");
            String property3 = properties.getProperty("WCSWebPath", WCS_WEBPATH);
            this.istrValidateAuthStringCmd = new StringBuffer(String.valueOf(property3)).append(CMD_VALIDATE_AUTHSTRING).toString();
            this.istrValidatePasswordCmd = new StringBuffer(String.valueOf(property3)).append(CMD_VALIDATE_PASSWORD).toString();
            this.istrVerifyUserCmd = new StringBuffer(String.valueOf(property3)).append(CMD_VERIFY_USER).toString();
            this.istrListUserCmd = new StringBuffer(String.valueOf(property3)).append(CMD_LIST_USER).toString();
            String property4 = properties.getProperty("WCSWebServerPort");
            String property5 = properties.getProperty("UseNonSSLWCSClient");
            this.ibUseNonSSLClient = property5 != null && property5.equals("1");
            if (property4 == null) {
                property4 = this.ibUseNonSSLClient ? "80" : "443";
            }
            try {
                this.inWCSWebServerPort = Integer.parseInt(property4);
                this.ihshNamePasswordCache = new Hashtable(this.inCacheSize);
                this.ihshIdAuthStringCache = new Hashtable(this.inCacheSize);
                try {
                    this.itsMessageDigest = MessageDigest.getInstance("SHA");
                    this.ihshAuthenticator = new Hashtable();
                } catch (NoSuchAlgorithmException e) {
                    if (isTracing()) {
                        trace(e.toString());
                    }
                    throw new RealmException();
                }
            } catch (NumberFormatException e2) {
                if (isTracing()) {
                    trace("Invalid WCSWebServerPort specified. Must be an integer.");
                }
                throw new RealmException();
            }
        } catch (NumberFormatException e3) {
            if (isTracing()) {
                trace(e3.toString());
            }
            throw new RealmException();
        }
    }

    public boolean isUserInRealm(String str, String str2) throws RealmException {
        String lDAPNameFromUserId = getLDAPNameFromUserId(str);
        if (str2 != null) {
            if (isTracing()) {
                trace(new StringBuffer("isUserInRealm(): Checking for user '").append(lDAPNameFromUserId).append("' against filter '").append(str2).append("'...").toString());
            }
            if (lDAPNameFromUserId.indexOf(str2) == -1) {
                return false;
            }
        }
        if (isTracing()) {
            trace("isUserInRealm(): Checking ID in cache.");
        }
        PasswordCacheRecord passwordCacheRecord = (PasswordCacheRecord) this.ihshNamePasswordCache.get(lDAPNameFromUserId);
        if (passwordCacheRecord != null) {
            if (passwordCacheRecord.isCurrent()) {
                passwordCacheRecord.refreshStaleTime();
                return true;
            }
            if (isTracing()) {
                trace(new StringBuffer("isUserInRealm(): Removing cached Password for ID ").append(lDAPNameFromUserId).toString());
            }
            this.ihshNamePasswordCache.remove(lDAPNameFromUserId);
        }
        if (isTracing()) {
            trace(new StringBuffer("isUserInRealm(): Ask Server to verify the ID: ").append(lDAPNameFromUserId).toString());
        }
        return verifyUser(lDAPNameFromUserId);
    }

    private Long parseUserId(String str) {
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        if (!stringTokenizer.hasMoreTokens()) {
            if (!isTracing()) {
                return null;
            }
            trace("Unable to parse the UserId from PMAuthObject string.");
            return null;
        }
        try {
            return Long.valueOf(stringTokenizer.nextToken());
        } catch (NumberFormatException e) {
            if (!isTracing()) {
                return null;
            }
            trace("Unable to convert the UserId into an Integer");
            return null;
        }
    }

    private UserList parseUserNames(String str, String str2) {
        StringTokenizer stringTokenizer = new StringTokenizer(str, str2);
        if (!stringTokenizer.hasMoreTokens()) {
            if (!isTracing()) {
                return null;
            }
            trace("Unable to parse the number of total matches from the list of returned names.");
            return null;
        }
        try {
            int parseInt = Integer.parseInt(stringTokenizer.nextToken());
            Vector vector = new Vector(10, 10);
            for (int i = 0; stringTokenizer.hasMoreTokens() && i < 50; i++) {
                String trim = stringTokenizer.nextToken().trim();
                if (isTracing()) {
                    trace(new StringBuffer("parseUserNames(): Adding user: ").append(trim).append(" to userlist.").toString());
                }
                vector.addElement(trim);
            }
            return new UserList(vector, parseInt);
        } catch (NumberFormatException e) {
            if (!isTracing()) {
                return null;
            }
            trace("Unable to convert the first token to an integer");
            return null;
        }
    }

    private Properties readRealmFile() {
        Properties properties = new Properties();
        try {
            if (this.istrRealmFileName != null) {
                BufferedReader bufferedReader = new BufferedReader(new FileReader(this.istrRealmFileName));
                while (bufferedReader.ready()) {
                    String str = new String(Base64utils.base64decode(bufferedReader.readLine().getBytes("8859_1")), "8859_1");
                    int lastIndexOf = str.lastIndexOf(":");
                    properties.put(lastIndexOf != -1 ? str.substring(0, lastIndexOf) : str, lastIndexOf != -1 ? str.substring(lastIndexOf + 1) : "");
                }
                if (isTracing()) {
                    trace(new StringBuffer("Local Realm file: ").append(properties.toString()).toString());
                }
            }
        } catch (IOException e) {
            if (isTracing()) {
                trace(new StringBuffer("Error reading Local Realm file: ").append(properties.toString()).toString());
            }
        }
        return properties;
    }

    private void traceSanitizedRequestLine(String str, String str2) {
        if (str2 == null) {
            trace(str);
            return;
        }
        String str3 = null;
        try {
            str3 = URLEncoder.encode(new String(str2.getBytes("UTF8"), PaymentAPIConstants.ISO8859_1));
        } catch (UnsupportedEncodingException e) {
        }
        String stringBuffer = new StringBuffer(NVP_KEY_FOR_PASSWORD_PARAM).append(str3).toString();
        int lastIndexOf = str.lastIndexOf(stringBuffer);
        int length = lastIndexOf + stringBuffer.length();
        if (lastIndexOf < 0) {
            trace(str);
        } else {
            trace(new StringBuffer(str).replace(lastIndexOf, length, "password=***").toString());
        }
    }

    private String urlDecodeAndConvertFromUTF8(String str) {
        String str2;
        StringBuffer stringBuffer = new StringBuffer(str.length());
        int i = 0;
        while (i < str.length()) {
            char charAt = str.charAt(i);
            if (charAt == '+') {
                stringBuffer.append((char) 32);
            } else if (charAt == '%') {
                char charAt2 = str.charAt(i + 1);
                char charAt3 = str.charAt(i + 2);
                i += 2;
                stringBuffer.append((char) ((Character.digit(charAt2, 16) << 4) + Character.digit(charAt3, 16)));
            } else {
                stringBuffer.append(charAt);
            }
            i++;
        }
        try {
            str2 = new String(stringBuffer.toString().getBytes(PaymentAPIConstants.ISO8859_1), "UTF8");
        } catch (UnsupportedEncodingException e) {
            str2 = "";
        }
        return str2;
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:23:0x0144
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private java.lang.String validateAuthString(java.lang.String r6) throws com.ibm.etill.framework.realm.RealmException {
        /*
            Method dump skipped, instructions count: 344
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.commerce.payment.realm.WCSRealm.validateAuthString(java.lang.String):java.lang.String");
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:32:0x018a
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private java.lang.String validateUserPassword(java.lang.String r6, java.lang.String r7) throws com.ibm.etill.framework.realm.RealmException {
        /*
            Method dump skipped, instructions count: 414
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.commerce.payment.realm.WCSRealm.validateUserPassword(java.lang.String, java.lang.String):java.lang.String");
    }

    private String shortNametoLDAPUser(String str) throws RealmException {
        if (isTracing()) {
            trace(new StringBuffer("shortNametoLDAPUser(): Trying to convert user: ").append(str).append(" to an LDAP DN user string.").toString());
        }
        UserList rawUserNames = getRawUserNames(str);
        String checkForLDAPUserID = LDAPUserConverter.checkForLDAPUserID(str);
        int size = rawUserNames != null ? rawUserNames.size() : 0;
        for (int i = 0; i < size; i++) {
            String elementAt = rawUserNames.elementAt(i);
            if (checkForLDAPUserID.equals(LDAPUserConverter.checkForLDAPUserID(elementAt))) {
                if (isTracing()) {
                    trace(new StringBuffer("shortNametoLDAPUser(): We have found a valid user, returning: ").append(elementAt).append(".").toString());
                }
                return elementAt;
            }
        }
        return null;
    }

    private boolean verifyUser(String str) throws RealmException {
        return shortNametoLDAPUser(str) != null;
    }
}
