package uk.ac.starlink.auth;

import com.lowagie.text.pdf.PdfBoolean;
import herschel.share.util.StringUtil;
import java.io.IOException;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.HttpCookie;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.astrogrid.samp.httpd.HttpServer;

/* loaded from: input_file:uk/ac/starlink/auth/AuthUtil.class */
public class AuthUtil {
    public static final Charset UTF8;
    public static final String CHALLENGE_HEADER = "WWW-Authenticate";
    public static final String AUTH_HEADER = "Authorization";
    public static final String AUTHID_HEADER = "X-VO-Authenticated";
    public static final String LOGSECRETS_PROP = "auth.logsecrets";
    public static boolean LOG_SECRETS;
    public static final String SCHEMES_PROP = "auth.schemes";
    public static final AuthScheme[] DFLT_SCHEMES;
    private static final AuthScheme[] OTHER_SCHEMES;
    public static final AuthScheme[] ALL_SCHEMES;
    private static final Logger logger_;
    private static AuthScheme[] dfltSchemes_;
    static final /* synthetic */ boolean $assertionsDisabled;

    private AuthUtil() {
    }

    public static int getResponseCode(URLConnection uRLConnection) {
        if (!(uRLConnection instanceof HttpURLConnection)) {
            return -1;
        }
        try {
            return ((HttpURLConnection) uRLConnection).getResponseCode();
        } catch (IOException e) {
            logger_.log(Level.WARNING, "Error retrieving HTTP status code: " + e, (Throwable) e);
            return -1;
        }
    }

    public static Challenge[] getChallenges(URLConnection uRLConnection) {
        ArrayList arrayList = new ArrayList();
        if (uRLConnection != null) {
            for (Map.Entry<String, List<String>> entry : uRLConnection.getHeaderFields().entrySet()) {
                if (CHALLENGE_HEADER.equalsIgnoreCase(entry.getKey())) {
                    Iterator<String> it = entry.getValue().iterator();
                    while (it.hasNext()) {
                        arrayList.addAll(Challenge.parseChallenges(it.next()));
                    }
                }
            }
        }
        return (Challenge[]) arrayList.toArray(new Challenge[0]);
    }

    public static String getAuthenticatedId(AuthConnection authConnection) {
        URLConnection connection = authConnection.getConnection();
        HttpURLConnection httpURLConnection = connection instanceof HttpURLConnection ? (HttpURLConnection) connection : null;
        if (connection == null) {
            return null;
        }
        try {
            int responseCode = httpURLConnection.getResponseCode();
            AuthContext context = authConnection.getContext();
            if (responseCode == 403 || responseCode == 401 || responseCode == 404 || context == null || !context.hasCredentials()) {
                return null;
            }
            String headerField = httpURLConnection.getHeaderField(AUTHID_HEADER);
            return (headerField == null || headerField.trim().length() <= 0) ? "authenticated(unknownID)" : headerField;
        } catch (IOException e) {
            return null;
        }
    }

    public static String authFailureMessage(HttpURLConnection httpURLConnection) {
        StringBuffer stringBuffer = new StringBuffer();
        try {
            int responseCode = httpURLConnection.getResponseCode();
            stringBuffer.append(responseCode).append(": ");
            switch (responseCode) {
                case 401:
                    stringBuffer.append("Unauthorized - bad credentials");
                    break;
                case 403:
                    stringBuffer.append("Forbidden - insufficient privileges");
                    break;
                default:
                    stringBuffer.append(httpURLConnection.getResponseMessage());
                    break;
            }
        } catch (IOException e) {
            stringBuffer.append("trouble!");
        }
        return stringBuffer.toString();
    }

    public static String unNullString(String str) {
        return str == null ? "" : str;
    }

    public static String cookieLogText(HttpCookie httpCookie) {
        return LOG_SECRETS ? httpCookie.toString() : httpCookie.getName();
    }

    public static AuthScheme[] getDefaultSchemes() {
        if (dfltSchemes_ == null) {
            dfltSchemes_ = createDefaultSchemes();
            logger_.log(Arrays.equals(dfltSchemes_, DFLT_SCHEMES) ? Level.CONFIG : Level.WARNING, "Default auth schemes: " + ((String) Stream.of((Object[]) dfltSchemes_).map(authScheme -> {
                return authScheme.getName();
            }).collect(Collectors.joining(StringUtil.ITEM_SEP))));
        }
        return (AuthScheme[]) dfltSchemes_.clone();
    }

    private static AuthScheme[] createDefaultSchemes() {
        String property = System.getProperty(SCHEMES_PROP);
        if (property == null || property.trim().length() == 0) {
            return DFLT_SCHEMES;
        }
        try {
            return getNamedSchemes(property.split(StringUtil.ITEM_SEP));
        } catch (Throwable th) {
            logger_.log(Level.WARNING, "Not a list of auth schemes: " + property, th);
            return DFLT_SCHEMES;
        }
    }

    private static AuthScheme[] getNamedSchemes(String[] strArr) throws ClassNotFoundException, InstantiationException, IllegalAccessException {
        ArrayList arrayList = new ArrayList();
        for (String str : strArr) {
            AuthScheme authScheme = (AuthScheme) Stream.of((Object[]) ALL_SCHEMES).filter(authScheme2 -> {
                return str.equalsIgnoreCase(authScheme2.getName()) || str.equals(authScheme2.getClass().getName());
            }).findFirst().orElse(null);
            if (authScheme == null) {
                authScheme = (AuthScheme) Class.forName(str).newInstance();
            }
            arrayList.add(authScheme);
        }
        return (AuthScheme[]) arrayList.toArray(new AuthScheme[0]);
    }

    public static HttpURLConnection postForm(URL url, Map<String, String> map) throws IOException {
        URLConnection openConnection = url.openConnection();
        if (!(openConnection instanceof HttpURLConnection)) {
            throw new IOException("Not an HTTP URL: " + url);
        }
        HttpURLConnection httpURLConnection = (HttpURLConnection) openConnection;
        postForm(httpURLConnection, map);
        return httpURLConnection;
    }

    public static void postForm(HttpURLConnection httpURLConnection, Map<String, String> map) throws IOException {
        byte[] postedBytes = toPostedBytes(map);
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setRequestProperty(HttpServer.HDR_CONTENT_TYPE, "application/x-www-form-urlencoded");
        httpURLConnection.setInstanceFollowRedirects(false);
        httpURLConnection.setDoOutput(true);
        httpURLConnection.connect();
        OutputStream outputStream = httpURLConnection.getOutputStream();
        try {
            outputStream.write(postedBytes);
            outputStream.close();
        } catch (Throwable th) {
            outputStream.close();
            throw th;
        }
    }

    private static byte[] toPostedBytes(Map<String, String> map) {
        StringBuffer stringBuffer = new StringBuffer();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            if (stringBuffer.length() != 0) {
                stringBuffer.append('&');
            }
            try {
                stringBuffer.append(URLEncoder.encode(entry.getKey(), "UTF-8")).append('=').append(URLEncoder.encode(entry.getValue(), "UTF-8"));
            } catch (UnsupportedEncodingException e) {
                throw new RuntimeException("No UTF-8??");
            }
        }
        int length = stringBuffer.length();
        byte[] bArr = new byte[length];
        for (int i = 0; i < length; i++) {
            char charAt = stringBuffer.charAt(i);
            if (!$assertionsDisabled && charAt != (charAt & 127)) {
                throw new AssertionError();
            }
            bArr[i] = (byte) stringBuffer.charAt(i);
        }
        return bArr;
    }

    static {
        $assertionsDisabled = !AuthUtil.class.desiredAssertionStatus();
        UTF8 = Charset.forName("UTF-8");
        LOG_SECRETS = PdfBoolean.TRUE.equalsIgnoreCase(System.getProperty(LOGSECRETS_PROP));
        DFLT_SCHEMES = new AuthScheme[]{X509IvoaAuthScheme.INSTANCE, CookieIvoaAuthScheme.INSTANCE, BasicAuthScheme.INSTANCE};
        OTHER_SCHEMES = new AuthScheme[]{BearerIvoaAuthScheme.INSTANCE};
        ALL_SCHEMES = (AuthScheme[]) Stream.concat(Stream.of((Object[]) DFLT_SCHEMES), Stream.of((Object[]) OTHER_SCHEMES)).toArray(i -> {
            return new AuthScheme[i];
        });
        logger_ = Logger.getLogger("uk.ac.starlink.auth");
    }
}
