package com.tridium.web;

import com.tridium.httpd.CookieUtil;
import com.tridium.httpd.HttpRequest;
import com.tridium.net.HttpUtil;
import com.tridium.nre.auth.ScramSha256Server;
import com.tridium.user.BUserPasswordConfiguration;
import com.tridium.util.EscUtil;
import com.tridium.web.BHttpAuthAgent;
import java.io.DataInputStream;
import java.io.PrintWriter;
import java.util.Hashtable;
import javax.baja.io.HtmlWriter;
import javax.baja.nre.util.Base64;
import javax.baja.nre.util.TextUtil;
import javax.baja.registry.TypeInfo;
import javax.baja.security.AuthenticationException;
import javax.baja.security.BUsernameAndPassword;
import javax.baja.sys.BFacets;
import javax.baja.sys.BString;
import javax.baja.sys.Context;
import javax.baja.sys.Flags;
import javax.baja.sys.Property;
import javax.baja.sys.Sys;
import javax.baja.sys.Type;
import javax.baja.user.AuthenticateUtil;
import javax.baja.user.BPasswordStrength;
import javax.baja.user.BUser;
import javax.baja.user.BUserService;
import javax.baja.util.BTypeSpec;
import javax.baja.util.Lexicon;
import javax.baja.web.BWebService;
import javax.baja.web.LoginState;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:com/tridium/web/BHttpUsernamePasswordAuthAgent.class */
public class BHttpUsernamePasswordAuthAgent extends BHttpAuthAgent {
    // Public static instance of this agent. NOTE(review): localLex/bajaLex below are mutable
    // per-instance caches, so any code sharing this instance also shares that state.
    public static final BHttpUsernamePasswordAuthAgent INSTANCE = new BHttpUsernamePasswordAuthAgent();
    // Assigned in the static initializer through Sys.loadType.
    public static final Type TYPE;
    // Values of the "action" form field that handleLoginSupport dispatches on.
    public static final String ACTION_CLIENT_FIRST_MESSAGE = "sendClientFirstMessage";
    public static final String ACTION_CLIENT_FINAL_MESSAGE = "sendClientFinalMessage";
    // Form field names carrying the two SCRAM client messages; decodeValue passes their values
    // through without URL-decoding.
    public static final String KEY_CLIENT_FIRST_MESSAGE = "clientFirstMessage";
    public static final String KEY_CLIENT_FINAL_MESSAGE = "clientFinalMessage";
    // Session attribute holding the in-progress SCRAM exchange. The name says SHA-1, but the
    // object stored under it in handleLoginSupport is a ScramSha256Server.
    public static final String KEY_SESSION_SCRAMSHA1 = "scramSha1";
    // 1296000 seconds = 15 days. updateCookie passes the same value (as a literal) to
    // Cookie.setMaxAge when it extends a cookie's lifetime.
    static final int COOKIE_AGE = 1296000;
    // Lazily resolved in needsPasswordReset; reset to null by the static initializer.
    private static TypeInfo USER_SYNC_EXT_TYPE;
    // Lexicons cached on first use by writeLoginForm, using the language of that first request.
    private Lexicon localLex;
    private Lexicon bajaLex;
    // Compiler-generated caches for class literals (pre-Java-5 style), filled through m50class.
    static Class class$com$tridium$web$BHttpUsernamePasswordAuthAgent;
    static Class class$com$tridium$user$BUserPasswordConfiguration;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:com/tridium/web/BHttpUsernamePasswordAuthAgent$BasicAuthContext.class */
    /**
     * Authentication context built from a {@code username:password} token, as found in an
     * HTTP Basic header or in a {@code niagara_auth*} cookie (see getFromHeader/getFromCookie).
     *
     * <p>The password is held in cleartext for the lifetime of this object.
     */
    public class BasicAuthContext extends BHttpAuthAgent.AuthContext {
        /** Cleartext password parsed from the token. */
        protected String password;

        /* renamed from: this, reason: not valid java name */
        final BHttpUsernamePasswordAuthAgent f9this;

        /**
         * Splits {@code str} at its first colon into username and password.
         *
         * <p>A token without a colon makes {@code indexOf} return -1, so the
         * {@code substring(0, -1)} call throws StringIndexOutOfBoundsException.
         *
         * @param bHttpUsernamePasswordAuthAgent enclosing agent instance
         * @param str token of the form {@code username:password}
         */
        public BasicAuthContext(BHttpUsernamePasswordAuthAgent bHttpUsernamePasswordAuthAgent, String str) {
            super(bHttpUsernamePasswordAuthAgent);
            this.f9this = bHttpUsernamePasswordAuthAgent;
            final int separator = str.indexOf(':');
            this.username = str.substring(0, separator);
            this.password = str.substring(separator + 1);
        }

        /** @return the cleartext password parsed from the token */
        public String getPassword() {
            return this.password;
        }

        /**
         * Rebuilds the {@code username:password} token.
         *
         * <p>The result contains the cleartext password; it must not be logged.
         */
        public String getToken() {
            final StringBuilder token = new StringBuilder();
            token.append(this.username);
            token.append(':');
            token.append(this.password);
            return token.toString();
        }

        /**
         * Renders {@code scheme:username}. The password is left out, which keeps it out of the
         * {@code AuthContext=} trace line written by doWebProcessAuth.
         */
        @Override // com.tridium.web.BHttpAuthAgent.AuthContext
        public String toString() {
            final StringBuilder text = new StringBuilder();
            text.append(this.scheme);
            text.append(':');
            text.append(this.username);
            return text.toString();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/tridium/web/BHttpUsernamePasswordAuthAgent$IllegalNetworkUserException.class */
    /**
     * Thrown by needsPasswordReset (when called with {@code z == true}) for a user that is
     * flagged for a forced password reset but matches the network-user/sync-extension checks
     * there. doWebProcessAuth catches it and sets the {@code niagara_login_state} cookie to 5.
     */
    public class IllegalNetworkUserException extends AuthenticationException {

        /* renamed from: this, reason: not valid java name */
        final BHttpUsernamePasswordAuthAgent f10this;

        public IllegalNetworkUserException(BHttpUsernamePasswordAuthAgent bHttpUsernamePasswordAuthAgent) {
            this.f10this = bHttpUsernamePasswordAuthAgent;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:com/tridium/web/BHttpUsernamePasswordAuthAgent$SessionAuthContext.class */
    /**
     * Authentication context that carries only a username; no password is stored.
     * authenticateSession decides whether to accept it from the attached session's
     * SESSION_INFO_AUTH / SESSION_INFO_GUEST attributes.
     */
    public class SessionAuthContext extends BHttpAuthAgent.AuthContext {

        /* renamed from: this, reason: not valid java name */
        final BHttpUsernamePasswordAuthAgent f11this;

        /**
         * @param bHttpUsernamePasswordAuthAgent enclosing agent instance
         * @param str username this context stands for
         */
        public SessionAuthContext(BHttpUsernamePasswordAuthAgent bHttpUsernamePasswordAuthAgent, String str) {
            super(bHttpUsernamePasswordAuthAgent);
            this.f11this = bHttpUsernamePasswordAuthAgent;
            this.username = str;
        }
    }

    /**
     * Writes the login form body: the password-reset form when the login state is 3,
     * otherwise the plain username/password form.
     *
     * <p>NOTE(review): both lexicons are cached on this instance the first time a form is
     * rendered, using that request's language; later requests reuse them whatever their own
     * language is, and the lazy initialization is not synchronized.
     */
    @Override // com.tridium.web.BHttpAuthAgent
    public void writeLoginForm(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, LoginState loginState) throws Exception {
        if (null == this.localLex) {
            this.localLex = Lexicon.make("web", WebUtil.getLanguage(httpServletRequest, null));
        }
        if (null == this.bajaLex) {
            this.bajaLex = Lexicon.make("baja", WebUtil.getLanguage(httpServletRequest, null));
        }
        final PrintWriter out = httpServletResponse.getWriter();
        // 3 is the value handleLoginSupport writes to the niagara_login_state cookie when a
        // password reset is pending.
        final boolean resetPending = loginState.getState() == 3;
        if (!resetPending) {
            writeTableForm(httpServletRequest, out);
            return;
        }
        writePasswordResetForm(httpServletRequest, out);
    }

    /**
     * Writes the login page's head content: title, viewport/content-type meta tags, the login
     * stylesheet and the auth.min.js / login.js scripts, each suffixed with the "web" module's
     * vendor version as a cache-busting query string.
     */
    @Override // com.tridium.web.BHttpAuthAgent
    public void writeHeader(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        HtmlWriter htmlWriter = new HtmlWriter(httpServletResponse.getWriter());
        Lexicon make = Lexicon.make("web", WebUtil.getLanguage(httpServletRequest, null));
        // NOTE(review): absolutePathBase is derived from the request and written into href/src
        // attributes below without escaping; confirm WebUtil.getAbsolutePathBase cannot return
        // request-controlled quote or markup characters.
        String absolutePathBase = WebUtil.getAbsolutePathBase(httpServletRequest);
        // The title text goes through getHtmlSafeText before being written.
        htmlWriter.println(new StringBuffer(" <title>").append(make.getHtmlSafeText("login")).append("</title> \n").toString());
        htmlWriter.println(" <meta name='viewport' content='width=device-width initial-scale=1.0 maximum-scale=1.0 target-densityDpi=medium-dpi' /> \n <meta http-equiv='Content-type' content='text/html;charset=UTF-8' /> \n");
        htmlWriter.println(new StringBuffer(" <link rel='stylesheet' type='text/css' href='").append(absolutePathBase).append("login/login.css?").append(Sys.getRegistry().getModule("web").getVendorVersion()).append("'/> \n <script type='text/javascript' src='").append(absolutePathBase).append("login/auth.min.js?").append(Sys.getRegistry().getModule("web").getVendorVersion()).append("'></script> \n <script type='text/javascript' src='").append(absolutePathBase).append("login/login.js?").append(Sys.getRegistry().getModule("web").getVendorVersion()).append("'></script> \n").toString());
    }

    /**
     * Writes the standard login form: username and password inputs, an optional auto-login
     * checkbox, and a submit button wired to the client-side {@code doLogin()} function.
     *
     * <p>Relies on this.localLex having been set (writeLoginForm does that before calling).
     * All label text goes through getHtmlSafeText.
     */
    private final void writeTableForm(HttpServletRequest httpServletRequest, PrintWriter printWriter) {
        printWriter.println("<table style='table-layout:fixed' align='center' id='mainForm'>");
        printWriter.println(" <tr>");
        printWriter.println(new StringBuffer("  <td width='70px'><label>").append(this.localLex.getHtmlSafeText("login.username")).append("</label></td>").toString());
        // The username/password inputs have ids but no name attributes, so a plain browser
        // form submit would not carry them; submission is left to doLogin().
        printWriter.println("  <td><input class='textfield' type='text' id='username' size='20' /></td>");
        printWriter.println(" </tr>");
        printWriter.println(" <tr>");
        printWriter.println(new StringBuffer("  <td width='70px'><label>").append(this.localLex.getHtmlSafeText("login.password")).append("</label></td>").toString());
        printWriter.println("  <td><input class='textfield' type='password' id='password' autocomplete='off' /></td>");
        printWriter.println(" </tr>");
        printWriter.println(" <tr><td colspan='2'><br/></td></tr>");
        printWriter.println(" <tr>");
        printWriter.println("  <td colspan='2' align='right'>");
        // The auto-login checkbox is offered only when the web service enables it.
        if (getWebService().getAutoLoginEnabled()) {
            printWriter.print("  <span style='float:left;'>");
            printWriter.print(new StringBuffer("<input type='checkbox' name='autoLogin' /> ").append(this.localLex.getHtmlSafeText("login.autoLogin")).toString());
            printWriter.println("</span>");
        }
        // The button is rendered disabled and enabled by the script below only once the
        // doLogin function from the login scripts is defined.
        printWriter.println(new StringBuffer("  <input id='submitButton' type='submit' class='button' value='").append(this.localLex.getHtmlSafeText("login")).append("' onclick='return doLogin();' disabled/>").toString());
        printWriter.println(" </td>");
        printWriter.println(" </tr>");
        printWriter.println(" <script type='text/javascript'>");
        printWriter.println("   if (typeof doLogin === 'function') { document.getElementById('submitButton').disabled = false; }");
        printWriter.println(" </script>");
        // Extension hook: subclasses may append markup inside the table. Anything written
        // there is emitted as-is, so overriding code is responsible for its own escaping.
        doWriteCustomLoginAddition(httpServletRequest, printWriter);
        printWriter.println("</table>");
    }

    /**
     * Hook called by writeTableForm just before the closing {@code </table>}; the default
     * implementation writes nothing. Overrides write raw markup to the response and must
     * escape any request-derived text themselves.
     */
    protected void doWriteCustomLoginAddition(HttpServletRequest httpServletRequest, PrintWriter printWriter) {
    }

    /**
     * Builds a JSON object with the user service's password-strength minimums (digits,
     * length, lower case, special, upper case). writePasswordResetForm embeds it in the page
     * as the argument to the client-side {@code checkPasswords} call.
     *
     * @return the password policy as a JSON object
     */
    private final JSONObject getPasswordStrengthJSON() {
        final BPasswordStrength policy = Sys.getService(BUserService.TYPE).getPasswordStrength();
        return new JSONObject()
                .put("minimumDigits", policy.getMinimumDigits())
                .put("minimumLength", policy.getMinimumLength())
                .put("minimumLowerCase", policy.getMinimumLowerCase())
                .put("minimumSpecial", policy.getMinimumSpecial())
                .put("minimumUpperCase", policy.getMinimumUpperCase());
    }

    /**
     * Writes the forced password-reset form: username, old password, the active password
     * policy as a list of requirements, new password (twice) and a submit button wired to the
     * client-side {@code login.doResetPassword()}.
     *
     * <p>Relies on this.localLex and this.bajaLex having been set by writeLoginForm.
     * Client-side {@code checkPasswords} validation is a usability aid only; whether the
     * server re-checks the policy is not visible in this listing (handleFormLogin was not
     * decompiled).
     */
    private final void writePasswordResetForm(HttpServletRequest httpServletRequest, PrintWriter printWriter) throws JSONException {
        JSONObject passwordStrengthJSON = getPasswordStrengthJSON();
        // Inline handler text reused on every input. The JSON uses double quotes and sits
        // inside single-quoted attributes; its values are the policy getters' results.
        String stringBuffer = new StringBuffer("checkPasswords(").append(passwordStrengthJSON.toString()).append(");").toString();
        printWriter.println("<table align='center' id='mainForm'>");
        printWriter.println(" <tr>");
        printWriter.println(new StringBuffer("  <td class='shrink'><label>").append(this.localLex.getHtmlSafeText("login.username")).append("</label></td>").toString());
        printWriter.println(new StringBuffer("  <td class='expand'><input onChange='").append(stringBuffer).append("' onKeyUp='").append(stringBuffer).append("' class='textfield' type='text' id='username' size='20' /></td>").toString());
        printWriter.println(" </tr>");
        printWriter.println(" <tr>");
        printWriter.println(new StringBuffer("  <td class='shrink'><label>").append(this.localLex.getHtmlSafeText("login.oldpassword")).append("</label></td>").toString());
        printWriter.println(new StringBuffer("  <td class='expand'><input onChange='").append(stringBuffer).append("' onKeyUp='").append(stringBuffer).append("' class='textfield' type='password' id='password' autocomplete='off' /></td>").toString());
        printWriter.println(" </tr>");
        // The policy is fetched a second time here (getPasswordStrengthJSON already read it).
        BPasswordStrength passwordStrength = Sys.getService(BUserService.TYPE).getPasswordStrength();
        // List only the requirements that are active (minimum > 0); skipped entirely when the
        // policy is equivalent to OFF.
        if (!passwordStrength.equivalent(BPasswordStrength.OFF)) {
            printWriter.println(new StringBuffer("<tr><td colspan='2'><label class='strongPasswordMsg'>").append(this.bajaLex.getHtmlSafeText("user.password.notStrong")).append('\n').toString());
            if (passwordStrength.getMinimumLength() > 0) {
                printWriter.println(new StringBuffer("<br />&nbsp;- ").append(this.bajaLex.getHtmlSafeText("user.password.notLongEnough", new String[]{new StringBuffer().append(passwordStrength.getMinimumLength()).toString()})).toString());
            }
            if (passwordStrength.getMinimumDigits() > 0) {
                printWriter.println(new StringBuffer("<br />&nbsp;- ").append(this.bajaLex.getHtmlSafeText("user.password.notEnoughDigits", new String[]{new StringBuffer().append(passwordStrength.getMinimumDigits()).toString()})).toString());
            }
            if (passwordStrength.getMinimumLowerCase() > 0) {
                printWriter.println(new StringBuffer("<br />&nbsp;- ").append(this.bajaLex.getHtmlSafeText("user.password.notEnoughLowerCase", new String[]{new StringBuffer().append(passwordStrength.getMinimumLowerCase()).toString()})).toString());
            }
            if (passwordStrength.getMinimumUpperCase() > 0) {
                printWriter.println(new StringBuffer("<br />&nbsp;- ").append(this.bajaLex.getHtmlSafeText("user.password.notEnoughUpperCase", new String[]{new StringBuffer().append(passwordStrength.getMinimumUpperCase()).toString()})).toString());
            }
            if (passwordStrength.getMinimumSpecial() > 0) {
                printWriter.println(new StringBuffer("<br />&nbsp;- ").append(this.bajaLex.getHtmlSafeText("user.password.notEnoughSpecial", new String[]{new StringBuffer().append(passwordStrength.getMinimumSpecial()).toString()})).toString());
            }
            printWriter.println("</label></td></tr>");
        }
        printWriter.println(" <tr>");
        printWriter.println(new StringBuffer("  <td class='shrink'><label>").append(this.localLex.getHtmlSafeText("login.password.new")).append("</label></td>").toString());
        printWriter.println(new StringBuffer("  <td class='expand'><input onChange='").append(stringBuffer).append("' onKeyUp='").append(stringBuffer).append("' class='textfield passwordValidation' type='password' id='password1' size='20' autocomplete='off' /></td>").toString());
        printWriter.println(" </tr>");
        printWriter.println(" <tr>");
        printWriter.println(new StringBuffer("  <td class='shrink'><label>").append(this.localLex.getHtmlSafeText("login.password.new.retype")).append("</label></td>").toString());
        printWriter.println(new StringBuffer("  <td class='expand'><input onChange='").append(stringBuffer).append("' onKeyUp='").append(stringBuffer).append("' class='textfield passwordValidation' type='password' id='password2' autocomplete='off' /></td>").toString());
        printWriter.println(" </tr>");
        printWriter.println(" <tr><td colspan='2'><br/></td></tr>");
        printWriter.println(" <tr>");
        printWriter.println("  <td colspan='2' align='right'>");
        // Rendered disabled; enabled by the script below once login.doResetPassword exists.
        printWriter.println(new StringBuffer("  <input id='submitButton' type='submit' class='button' value='").append(this.localLex.getHtmlSafeText("login")).append("' onclick='return login.doResetPassword();' disabled/>").toString());
        printWriter.println(" </td>");
        printWriter.println(" </tr>");
        printWriter.println(" <script type='text/javascript'>");
        printWriter.println("   if (typeof login.doResetPassword === 'function') { document.getElementById('submitButton').disabled = false; }");
        printWriter.println(" </script>");
        printWriter.println("</table>");
        // NOTE(review): value=''3'' is malformed HTML (doubled quotes around 3); browsers will
        // most likely parse an empty value followed by stray characters. Left as emitted.
        printWriter.println("<input type='hidden' id='state' value=''3'' />");
        printWriter.println("<input type='hidden' id='resetToken' name='resetToken' value=''/>");
        // Run the validation once on load so the form starts in a consistent state.
        printWriter.println("<script type='text/javascript'>");
        printWriter.println(new StringBuffer("checkPasswords(").append(passwordStrengthJSON.toString()).append(");").toString());
        printWriter.println("</script>");
    }

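    /**
     * Parses a login POST body of {@code key=value} pairs separated by {@code &} and hands the
     * resulting table to handleLoginSupport (content type starting with
     * {@code application/x-niagara-login-support}) or to handleFormLogin (anything else).
     *
     * <p>This runs before the caller is authenticated, so the request is validated before any
     * buffer is sized from it: a missing or oversized Content-Length, a missing Content-Type
     * and a field without {@code =} are rejected with IllegalArgumentException. Previously
     * those inputs surfaced as NegativeArraySizeException, an allocation of whatever size the
     * client declared, NullPointerException and StringIndexOutOfBoundsException respectively.
     *
     * @throws IllegalArgumentException if the request is malformed as described above
     * @throws Exception propagated from reading the body or from the handlers
     */
    @Override // com.tridium.web.BHttpAuthAgent
    public void doLoginPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        // Reviewer-chosen upper bound; the login fields handled here are short strings.
        // Raise it if a legitimate client is found to send larger bodies.
        final int maxBodyBytes = 64 * 1024;
        int contentLength = httpServletRequest.getContentLength();
        // getContentLength() returns -1 when the length is unknown.
        if (contentLength < 0 || contentLength > maxBodyBytes) {
            throw new IllegalArgumentException("Login POST has a missing or oversized Content-Length: " + contentLength);
        }
        String contentType = httpServletRequest.getContentType();
        if (contentType == null) {
            throw new IllegalArgumentException("Login POST has no Content-Type");
        }
        Hashtable hashtable = new Hashtable();
        byte[] bArr = new byte[contentLength];
        new DataInputStream(httpServletRequest.getInputStream()).readFully(bArr);
        // NOTE(review): new String(byte[]) uses the platform default charset; the body is
        // expected to be URL-encoded ASCII, so this only matters for malformed input.
        String[] split = TextUtil.split(new String(bArr), '&');
        for (int i = 0; i < split.length; i++) {
            int indexOf = split[i].indexOf('=');
            if (indexOf < 0) {
                // Do not echo the field: it may contain credential material.
                throw new IllegalArgumentException("Login POST contains a field without '='");
            }
            String substring = split[i].substring(0, indexOf);
            // decodeValue receives the raw (not URL-decoded) key so it can recognise the SCRAM
            // message fields and leave their values untouched.
            hashtable.put(HttpUtil.decodeUrl(substring), decodeValue(substring, split[i].substring(indexOf + 1)));
        }
        if (contentType.startsWith("application/x-niagara-login-support")) {
            handleLoginSupport(hashtable, httpServletRequest, httpServletResponse);
        } else {
            handleFormLogin(hashtable, httpServletRequest, httpServletResponse);
        }
    }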

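    /**
     * Handles the two steps of the SCRAM-SHA-256 login exchange, selected by the
     * {@code action} field.
     *
     * <ul>
     *   <li>{@code sendClientFirstMessage}: resets the session (when the request is an
     *       HttpRequest), creates the server-side SCRAM state, stores it and the claimed user
     *       name in the session, and replies with the server-first message.</li>
     *   <li>{@code sendClientFinalMessage}: verifies the client-final message against the
     *       stored SCRAM state; on success marks the session authenticated, audits the login
     *       and replies with the server-final message.</li>
     *   <li>Anything else, including a missing {@code action}: invalidates the session and
     *       answers 400. A missing action previously raised NullPointerException because
     *       {@code equals} was called on the looked-up value.</li>
     * </ul>
     *
     * @param hashtable decoded form fields from doLoginPost
     * @throws AuthenticationException if the final message arrives without stored SCRAM state
     * @throws Exception any failure during final-message verification, rethrown after the
     *         session is invalidated and the failure recorded against the user (if known)
     */
    protected void handleLoginSupport(Hashtable hashtable, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        Object action = hashtable.get("action");
        // Constant-first equals: a request without an "action" field falls through to the 400
        // branch below instead of throwing NullPointerException.
        if (ACTION_CLIENT_FIRST_MESSAGE.equals(action)) {
            // Start from a fresh session so a pre-login session is not carried into the
            // authenticated state. NOTE(review): this only happens for HttpRequest instances;
            // confirm no other request type reaches this path.
            if (httpServletRequest instanceof HttpRequest) {
                ((HttpRequest) httpServletRequest).resetSession();
            }
            String str = (String) hashtable.get(KEY_CLIENT_FIRST_MESSAGE);
            ScramSha256Server scramSha256Server = new ScramSha256Server(new BHttpAuthAgent.HttpUserKeyFactory(this));
            String createServerFirstMessage = scramSha256Server.createServerFirstMessage(str);
            httpServletRequest.getSession().setAttribute(KEY_SESSION_SCRAMSHA1, scramSha256Server);
            // The user name stored here is the one claimed in the client-first message and is
            // not yet verified; SESSION_INFO_AUTH is only set after the final message checks out.
            httpServletRequest.getSession().setAttribute(BWebService.SESSION_INFO_USER, scramSha256Server.getUserName());
            httpServletResponse.setStatus(HttpServletResponse.SC_OK);
            httpServletResponse.setContentType("text/plain");
            httpServletResponse.getWriter().print(createServerFirstMessage);
            httpServletResponse.getWriter().flush();
            return;
        }
        if (!ACTION_CLIENT_FINAL_MESSAGE.equals(action)) {
            invalidateSession(httpServletRequest, httpServletResponse);
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        String str2 = (String) hashtable.get(KEY_CLIENT_FINAL_MESSAGE);
        ScramSha256Server scramSha256Server2 = (ScramSha256Server) httpServletRequest.getSession().getAttribute(KEY_SESSION_SCRAMSHA1);
        // A final message is only valid on a session that went through the first step.
        if (scramSha256Server2 == null) {
            throw new AuthenticationException("Session in incorrect state");
        }
        BUserService userService = getUserService();
        String str3 = (String) httpServletRequest.getSession().getAttribute(BWebService.SESSION_INFO_USER);
        // NOTE(review): presumably getUser returns null for an unknown name; the catch block
        // below guards for that, the success path does not.
        BUser user = userService.getUser(str3);
        // Audit facets: the web service path and the remote host of the request.
        BFacets make = BFacets.make("target", BString.make(getWebService().toPathString()), "slotName", BString.make(httpServletRequest.getRemoteHost()));
        try {
            // Throws if the client proof does not verify; everything below is success-only.
            String createServerFinalMessage = scramSha256Server2.createServerFinalMessage(str2);
            user.authenticateOk(userService);
            userService.auditLoginAttempt(true, user, make);
            httpServletRequest.getSession().setAttribute(BWebService.SESSION_INFO_AUTH, Boolean.TRUE);
            // The SCRAM state is single-use: drop it once the exchange has completed.
            httpServletRequest.getSession().removeAttribute(KEY_SESSION_SCRAMSHA1);
            // The configured timeout is multiplied by 60 because setMaxInactiveInterval takes seconds.
            httpServletRequest.getSession().setMaxInactiveInterval(getWebService().getCookieDigestSessionTimeout() * 60);
            if (needsPasswordReset(str3, false)) {
                // Tells the client a password reset is pending (state 3). The cookie is created
                // with only a path; no other attributes are set on it here.
                Cookie cookie = new Cookie(CookieUtil.getCookieName(httpServletRequest, "niagara_login_state"), String.valueOf(3));
                cookie.setPath("/");
                httpServletResponse.addCookie(cookie);
            }
            httpServletResponse.setStatus(HttpServletResponse.SC_OK);
            httpServletResponse.setContentType("text/plain");
            httpServletResponse.getWriter().print(createServerFinalMessage);
            httpServletResponse.getWriter().flush();
        } catch (Exception e) {
            // Any failure ends the exchange: drop the session, count the failure against the
            // user when one was resolved, audit it, and let the caller see the exception.
            invalidateSession(httpServletRequest, httpServletResponse);
            if (user != null) {
                user.authenticateFailed(userService);
                userService.auditLoginAttempt(false, user, make);
            }
            throw e;
        }
    }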

    /* JADX WARN: Removed duplicated region for block: B:44:0x02cf A[Catch: IllegalNetworkUserException -> 0x0476, Exception -> 0x04c3, TryCatch #4 {IllegalNetworkUserException -> 0x0476, Exception -> 0x04c3, blocks: (B:3:0x0011, B:5:0x0018, B:7:0x001f, B:8:0x0026, B:10:0x0055, B:12:0x0060, B:14:0x006a, B:15:0x009b, B:17:0x00ae, B:18:0x00b9, B:20:0x00fd, B:23:0x0148, B:25:0x0152, B:27:0x0170, B:29:0x017e, B:32:0x0199, B:33:0x01b2, B:35:0x01be, B:36:0x01ce, B:39:0x01a5, B:40:0x01b1, B:44:0x02cf, B:46:0x02df, B:47:0x02ea, B:49:0x02f5, B:50:0x0300, B:51:0x0331, B:53:0x01f8, B:55:0x0231, B:57:0x023f, B:60:0x024c, B:61:0x0265, B:63:0x0271, B:64:0x02a3, B:67:0x0258, B:68:0x0264, B:69:0x0081, B:70:0x037c, B:72:0x0389, B:73:0x03c1, B:75:0x03da, B:76:0x03e5, B:78:0x042e, B:133:0x03ab), top: B:2:0x0011, inners: #0, #2 }] */
    /* JADX WARN: Removed duplicated region for block: B:51:0x0331 A[Catch: IllegalNetworkUserException -> 0x0476, Exception -> 0x04c3, TryCatch #4 {IllegalNetworkUserException -> 0x0476, Exception -> 0x04c3, blocks: (B:3:0x0011, B:5:0x0018, B:7:0x001f, B:8:0x0026, B:10:0x0055, B:12:0x0060, B:14:0x006a, B:15:0x009b, B:17:0x00ae, B:18:0x00b9, B:20:0x00fd, B:23:0x0148, B:25:0x0152, B:27:0x0170, B:29:0x017e, B:32:0x0199, B:33:0x01b2, B:35:0x01be, B:36:0x01ce, B:39:0x01a5, B:40:0x01b1, B:44:0x02cf, B:46:0x02df, B:47:0x02ea, B:49:0x02f5, B:50:0x0300, B:51:0x0331, B:53:0x01f8, B:55:0x0231, B:57:0x023f, B:60:0x024c, B:61:0x0265, B:63:0x0271, B:64:0x02a3, B:67:0x0258, B:68:0x0264, B:69:0x0081, B:70:0x037c, B:72:0x0389, B:73:0x03c1, B:75:0x03da, B:76:0x03e5, B:78:0x042e, B:133:0x03ab), top: B:2:0x0011, inners: #0, #2 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    // NOTE(review): the decompiler could not recover this method (see the JADX warnings
    // above), so the body below is a placeholder, not the shipped logic. This is the handler
    // doLoginPost uses for every content type other than application/x-niagara-login-support;
    // its behavior has to be reviewed from the bytecode, not from this listing.
    protected void handleFormLogin(java.util.Hashtable r7, javax.servlet.http.HttpServletRequest r8, javax.servlet.http.HttpServletResponse r9) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 1808
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.tridium.web.BHttpUsernamePasswordAuthAgent.handleFormLogin(java.util.Hashtable, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse):void");
    }

    /**
     * Reports whether the named user must change their password at this login.
     *
     * @param str user name in slot-escaped form
     * @param z when true, a user who is flagged for reset but passes every
     *          network-user/sync-extension check below causes IllegalNetworkUserException
     *          instead of a {@code false} result
     * @return true if a forced reset applies; false if password features are unavailable for
     *         the user, no reset is flagged, or the user passes the network-user checks and
     *         {@code z} is false
     * @throws IllegalNetworkUserException see {@code z}
     */
    private final boolean needsPasswordReset(String str, boolean z) {
        String unescape = EscUtil.slot.unescape(str);
        BUserService service = Sys.getService(BUserService.TYPE);
        // NOTE(review): presumably null for an unknown name; nothing here checks for that
        // before user.getChildren is called - confirm canUsePasswordFeatures rejects null.
        BUser user = service.getUser(unescape);
        if (!service.canUsePasswordFeatures(user)) {
            return false;
        }
        // Decompiled class-literal lookup: resolves BUserPasswordConfiguration.class once and
        // caches it in the static field.
        Class cls = class$com$tridium$user$BUserPasswordConfiguration;
        if (cls == null) {
            cls = m50class("[Lcom.tridium.user.BUserPasswordConfiguration;", false);
            class$com$tridium$user$BUserPasswordConfiguration = cls;
        }
        // Only the first password-configuration child is consulted.
        BUserPasswordConfiguration[] bUserPasswordConfigurationArr = (BUserPasswordConfiguration[]) user.getChildren(cls);
        if (bUserPasswordConfigurationArr.length <= 0 || !bUserPasswordConfigurationArr[0].getForceResetAtNextLogin()) {
            return false;
        }
        // Resolved lazily and cached; not synchronized.
        if (USER_SYNC_EXT_TYPE == null) {
            USER_SYNC_EXT_TYPE = BTypeSpec.make("niagaraDriver", "UserSyncExt").getTypeInfo();
        }
        Property property = user.getProperty("syncExt");
        // The reset applies unless ALL of these hold: the user is a network user, its slot in
        // the parent is read-only, and it has a "syncExt" property of the UserSyncExt type.
        if (!user.getNetworkUser() || !Flags.isReadonly(user.getParent(), user.getPropertyInParent()) || property == null || USER_SYNC_EXT_TYPE == null || !property.getType().is(USER_SYNC_EXT_TYPE)) {
            return true;
        }
        // Flagged for reset but passing all of the checks above: signalled as an error when
        // the caller asked for it (authenticate does), otherwise reported as "no reset".
        if (z) {
            throw new IllegalNetworkUserException(this);
        }
        return false;
    }

    /**
     * Decodes one form value from the login POST body.
     *
     * <p>Values of the two SCRAM message fields are returned exactly as received; every other
     * value is URL-decoded. Note that {@code str} is compared in its raw form: doLoginPost
     * passes the key before URL-decoding it.
     *
     * @param str raw field name
     * @param str2 raw field value
     * @return the value to store for this field
     */
    protected static String decodeValue(String str, String str2) {
        final boolean scramMessage = str.equals(KEY_CLIENT_FIRST_MESSAGE) || str.equals(KEY_CLIENT_FINAL_MESSAGE);
        if (scramMessage) {
            return str2;
        }
        return HttpUtil.decodeUrl(str2);
    }

    /**
     * Resolves the user for a request: tries each AuthContext extracted from the request in
     * order and returns on the first that authenticates; otherwise falls back to the guest user.
     *
     * <p>Review notes:
     * <ul>
     *   <li>Every authentication failure other than IllegalNetworkUserException is swallowed
     *       by the empty catch blocks, so nothing is logged here; any auditing has to happen
     *       inside authenticate and the methods it calls.</li>
     *   <li>The final return runs even when the guest user is disabled or guest
     *       authentication threw, so the caller always receives the guest BUser in that case.
     *       What the caller does with a disabled guest is not visible in this listing.</li>
     *   <li>The returned credentials are built from {@code getPassword()} on the resolved
     *       BUser, so the stored password value travels with the result.</li>
     * </ul>
     */
    @Override // com.tridium.web.BHttpAuthAgent
    public UserAndCredentials doWebProcessAuth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        BHttpAuthAgent.AuthContext[] authContexts = getAuthContexts(httpServletRequest, httpServletResponse);
        if (authContexts != null) {
            for (int i = 0; i < authContexts.length; i++) {
                try {
                    // The trace line relies on AuthContext.toString(); BasicAuthContext's
                    // version prints scheme and username only.
                    if (authLog.isTraceOn()) {
                        authLog.trace(new StringBuffer("AuthContext=").append(authContexts[i]).toString());
                    }
                    // getSession(true) creates a session if the request has none.
                    authContexts[i].setSession(httpServletRequest.getSession(true));
                    BUser authenticate = authenticate(authContexts[i], httpServletRequest, httpServletResponse);
                    return UserAndCredentials.make(authenticate, new BUsernameAndPassword(authenticate.getUsername(), authenticate.getPassword()));
                } catch (IllegalNetworkUserException e) {
                    // Raised by needsPasswordReset via authenticate: report login state 5 to the
                    // client and move on to the next context.
                    Cookie cookie = new Cookie(CookieUtil.getCookieName(httpServletRequest, "niagara_login_state"), String.valueOf(5));
                    cookie.setPath("/");
                    httpServletResponse.addCookie(cookie);
                } catch (Exception unused) {
                    // NOTE(review): failure reason is discarded; the loop tries the next context.
                }
            }
        } else if (authLog.isTraceOn()) {
            authLog.trace("AuthContext=null");
        }
        // No context authenticated: fall back to the guest account.
        BUser guestUser = getUserService().getGuestUser();
        if (guestUser.getEnabled()) {
            try {
                SessionAuthContext sessionAuthContext = new SessionAuthContext(this, guestUser.getUsername());
                sessionAuthContext.setAudit(true);
                sessionAuthContext.setSession(httpServletRequest.getSession(true));
                // Mark the session as a guest session; authenticateSession accepts this flag
                // as an alternative to SESSION_INFO_AUTH.
                httpServletRequest.getSession().setAttribute(BWebService.SESSION_INFO_GUEST, new Boolean(true));
                httpServletRequest.getSession().setAttribute(BWebService.SESSION_INFO_USER, guestUser.getName());
                guestUser = authenticate(sessionAuthContext, httpServletRequest, httpServletResponse);
            } catch (Exception unused2) {
                // NOTE(review): guest authentication failure is discarded; guestUser keeps the
                // object returned by getGuestUser().
            }
        }
        return UserAndCredentials.make(guestUser, new BUsernameAndPassword(guestUser.getUsername(), guestUser.getPassword()));
    }

    /**
     * Authenticates one context and, on success, applies the password-reset check and the
     * cookie refresh.
     *
     * <p>Dispatch: a context whose scheme is "Basic" (case-insensitive) always goes to
     * authenticateBasic; otherwise authenticateDigest is used when isDigest() is true and
     * authenticateBasic when it is not. In the digest branch the context is cast to
     * SessionAuthContext, so a BasicAuthContext with another scheme (getFromCookie sets
     * "Cookie") fails there with ClassCastException.
     *
     * @return the authenticated user, or whatever the delegate returned if it was null
     */
    public BUser authenticate(BHttpAuthAgent.AuthContext authContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        // Audit facets are built only when the context asks for auditing; an unknown remote
        // host is recorded as the empty string.
        BFacets auditFacets = null;
        if (authContext.getAudit()) {
            auditFacets = BFacets.make("target", BString.make(getWebService().toPathString()), "slotName", BString.make(authContext.remoteHost != null ? authContext.remoteHost : ""));
        }

        final BUser user;
        if (authContext.getScheme() != null && authContext.getScheme().equalsIgnoreCase("Basic")) {
            user = authenticateBasic(authContext, auditFacets);
        } else if (isDigest()) {
            user = authenticateDigest((SessionAuthContext) authContext, auditFacets);
        } else {
            user = authenticateBasic(authContext, auditFacets);
        }

        if (user == null) {
            return user;
        }
        // Called for its side effect only: with z == true it throws
        // IllegalNetworkUserException for the case described there; the boolean is ignored.
        needsPasswordReset(user.getName(), true);
        updateCookie(authContext, httpServletRequest, httpServletResponse);
        return user;
    }

    /**
     * Digest-mode authentication. In this class it performs no digest computation of its own:
     * it delegates to authenticateSession, which trusts the session's auth/guest flags.
     */
    protected BUser authenticateDigest(SessionAuthContext sessionAuthContext, Context context) throws AuthenticationException {
        return authenticateSession(sessionAuthContext, context);
    }

    /**
     * Authenticates a context by its concrete type: a BasicAuthContext is checked by username
     * and cleartext password through AuthenticateUtil; a SessionAuthContext is checked through
     * authenticateSession.
     *
     * @param context audit context passed through to the delegate (may be null)
     * @throws AuthenticationException with "Invalid state" for any other context type
     */
    protected BUser authenticateBasic(BHttpAuthAgent.AuthContext authContext, Context context) throws AuthenticationException {
        if (authContext instanceof BasicAuthContext) {
            final BasicAuthContext credentials = (BasicAuthContext) authContext;
            return AuthenticateUtil.authenticateUsernameAndPassword(credentials.username, credentials.password, getUserService(), context);
        }
        if (!(authContext instanceof SessionAuthContext)) {
            throw new AuthenticationException("Invalid state");
        }
        return authenticateSession((SessionAuthContext) authContext, context);
    }

    /**
     * Accepts a session-based context when the named user exists, may log in, and the attached
     * session carries a true SESSION_INFO_AUTH or SESSION_INFO_GUEST attribute.
     *
     * <p>No credential is checked here; the session flags are the whole proof. Either flag
     * satisfies the check for whatever username the context carries, so the code that builds
     * the SessionAuthContext is responsible for pairing the guest flag with the guest name.
     *
     * @param context audit context passed to auditLoginAttempt (may be null)
     * @return the authenticated user
     * @throws AuthenticationException if the user is unknown, may not log in, or the session
     *         carries neither flag (the last case is also recorded as a failed attempt)
     */
    protected BUser authenticateSession(SessionAuthContext sessionAuthContext, Context context) {
        final BUser user = getUserService().getUser(EscUtil.slot.unescape(sessionAuthContext.getUsername()));
        // Unknown or non-login users fail without a failure count or audit entry.
        if (user == null || !getUserService().canLogin(user)) {
            throw new AuthenticationException();
        }

        final Boolean authenticatedFlag = (Boolean) sessionAuthContext.getSession().getAttribute(BWebService.SESSION_INFO_AUTH);
        final Boolean guestFlag = (Boolean) sessionAuthContext.getSession().getAttribute(BWebService.SESSION_INFO_GUEST);
        final boolean sessionVouches = Boolean.TRUE.equals(authenticatedFlag) || Boolean.TRUE.equals(guestFlag);

        if (!sessionVouches) {
            user.authenticateFailed(getUserService());
            getUserService().auditLoginAttempt(false, user, context);
            throw new AuthenticationException();
        }

        user.authenticateOk(getUserService());
        getUserService().auditLoginAttempt(true, user, context);
        return user;
    }

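    /**
     * Builds an AuthContext from an Authorization header value.
     *
     * <p>{@code Basic <base64>} yields a BasicAuthContext holding the decoded
     * {@code username:password}; a value starting with {@code Negotiate} yields null; anything
     * else is rejected.
     *
     * <p>The rejection message used to contain the entire header value. The prefix match is
     * case-sensitive, so a header such as {@code basic <base64 credentials>} ended up verbatim
     * in the exception text and in whatever logs print it. The message now carries only the
     * scheme token, capped in length.
     *
     * @param str raw Authorization header value
     * @return the context, or null for Negotiate
     * @throws Exception if the scheme is not supported
     */
    @Override // com.tridium.web.BHttpAuthAgent
    protected BHttpAuthAgent.AuthContext getFromHeader(String str) throws Exception {
        if (str.startsWith("Basic ")) {
            // NOTE(review): new String(byte[]) uses the platform default charset, so non-ASCII
            // credentials decode differently across hosts.
            BasicAuthContext basicAuthContext = new BasicAuthContext(this, new String(Base64.decode(str.substring("Basic ".length()))));
            basicAuthContext.setScheme("Basic");
            return basicAuthContext;
        }
        if (str.startsWith("Negotiate")) {
            return null;
        }
        // Report the scheme token only: everything after the first space is credential
        // material. The cap covers headers that contain no space at all.
        final int maxSchemeChars = 32;
        int schemeEnd = str.indexOf(' ');
        String scheme = schemeEnd < 0 ? str : str.substring(0, schemeEnd);
        if (scheme.length() > maxSchemeChars) {
            scheme = scheme.substring(0, maxSchemeChars);
        }
        throw new Exception(new StringBuffer("Unsupported authorization scheme: ").append(scheme).toString());
    }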

    /**
     * Builds an AuthContext from a request cookie, or returns null when the cookie is not one
     * of the recognised kinds, the session lookup finds nothing usable, or any exception occurs.
     *
     * <p>Review notes:
     * <ul>
     *   <li>A {@code niagara_auth*} cookie value is Base64 of {@code username:password}
     *       (it is parsed by BasicAuthContext). Base64 is an encoding, not protection: the
     *       cookie is equivalent to the cleartext password and should be treated as such in
     *       transport, storage and logging. updateCookie can extend its lifetime to 15 days.</li>
     *   <li>A {@code niagara_session} cookie value is used as the key for a server-side
     *       session lookup; the username then comes from the session, not from the client.</li>
     * </ul>
     *
     * @param cookie cookie taken from the request
     * @param z whether the resulting context should ask updateCookie to extend the cookie's expiry
     */
    @Override // com.tridium.web.BHttpAuthAgent
    protected BHttpAuthAgent.AuthContext getFromCookie(Cookie cookie, boolean z) throws Exception {
        Boolean bool;
        try {
            BHttpAuthAgent.AuthContext authContext = null;
            String name = cookie.getName();
            // The second startsWith is redundant: every "niagara_auth_auto..." name already
            // starts with "niagara_auth".
            if (name.startsWith("niagara_auth") || name.startsWith("niagara_auth_auto")) {
                authContext = new BasicAuthContext(this, Base64.decodeToString(cookie.getValue()));
                authContext.setScheme("Cookie");
            } else if (name.startsWith("niagara_session")) {
                HttpSession httpSession = Sys.getService(BWebService.TYPE).getHttpSession(cookie.getValue());
                Boolean bool2 = null;
                if (httpSession != null) {
                    bool2 = (Boolean) httpSession.getAttribute(BWebService.SESSION_INFO_AUTH);
                }
                // Authenticated session: act as the user recorded in the session.
                if (bool2 != null && bool2.booleanValue()) {
                    authContext = new SessionAuthContext(this, (String) httpSession.getAttribute(BWebService.SESSION_INFO_USER));
                } else if (httpSession != null && (bool = (Boolean) httpSession.getAttribute(BWebService.SESSION_INFO_GUEST)) != null && bool.booleanValue()) {
                    // Guest session: always the guest user's name, whatever SESSION_INFO_USER holds.
                    authContext = new SessionAuthContext(this, getUserService().getGuestUser().getName());
                }
            }
            if (authContext != null) {
                authContext.setCookieSource(cookie);
                authContext.setExtendExpiration(z);
            }
            return authContext;
        } catch (Exception e) {
            // NOTE(review): the stack trace goes to stderr rather than the auth log, and the
            // failure is reported to the caller only as "no context".
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Re-issues the cookie a context was built from, with path "/" and a fresh 15-day
     * max-age, when the context asked for its expiry to be extended. Does nothing when the
     * context has no source cookie or did not ask for an extension.
     *
     * <p>NOTE(review): only Path and Max-Age are set here. No Secure or HttpOnly attribute is
     * applied in this method, and for {@code niagara_auth*} cookies the value is an encoded
     * username and password; confirm those attributes are set where the response is finalised.
     */
    @Override // com.tridium.web.BHttpAuthAgent
    protected void updateCookie(BHttpAuthAgent.AuthContext authContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (authContext.getCookieSource() == null) {
            return;
        }
        if (!authContext.getExtendExpiration()) {
            return;
        }
        authContext.getCookieSource().setPath("/");
        // 1296000 s = 15 days (same value as COOKIE_AGE).
        authContext.getCookieSource().setMaxAge(1296000);
        httpServletResponse.addCookie(authContext.getCookieSource());
    }

    /**
     * Computes {@code digest(hex(digest(str + ":" + str2)) + ":" + str3)}.
     *
     * <p>The hash itself is the inherited {@code digest} method, so the algorithm is not
     * visible in this class. NOTE(review): the meaning of the three inputs is not stated here;
     * confirm against the callers before relying on this for any new purpose.
     *
     * @return the outer digest bytes
     */
    public byte[] makeDigest(String str, String str2, String str3) {
        final String innerInput = new StringBuilder().append(str).append(':').append(str2).toString();
        final String innerHex = TextUtil.bytesToHexString(digest(innerInput));
        final StringBuilder outerInput = new StringBuilder();
        outerInput.append(innerHex).append(':').append(str3);
        return digest(outerInput.toString());
    }

    /** @return the Type loaded for this class by the static initializer */
    public Type getType() {
        return TYPE;
    }

    /* JADX WARN: Type inference failed for: r0v5, types: [java.lang.Throwable, java.lang.Class] */
    /* renamed from: class, reason: not valid java name */
    // Decompiled form of the compiler-generated class-literal helper: loads `str` with
    // Class.forName and returns the loaded class when z is true, or its component type when z
    // is false (callers pass an array descriptor such as "[Lpkg.Name;").
    // NOTE(review): the `??` type and `componentType.getMessage()` in the catch block are
    // decompiler artifacts (see the JADX warning above); presumably the original used the
    // caught exception's message. This method does not compile as listed.
    static Class m50class(String str, boolean z) {
        ?? componentType;
        try {
            Class<?> cls = Class.forName(str);
            if (z) {
                return cls;
            }
            componentType = cls.getComponentType();
            return componentType;
        } catch (ClassNotFoundException unused) {
            throw new NoClassDefFoundError(componentType.getMessage());
        }
    }

    /* renamed from: this, reason: not valid java name */
    // Decompiled instance-initializer: clears both lexicon caches. Called from the constructor.
    private final void m51this() {
        this.localLex = null;
        this.bajaLex = null;
    }

    /** Creates an agent with empty lexicon caches; protected, so only subclasses and this class construct it. */
    protected BHttpUsernamePasswordAuthAgent() {
        m51this();
    }

    // Static initializer: resolves this class through the cached class-literal helper, loads
    // its Type with Sys.loadType, and clears the lazily resolved UserSyncExt type info.
    static {
        Class cls = class$com$tridium$web$BHttpUsernamePasswordAuthAgent;
        if (cls == null) {
            cls = m50class("[Lcom.tridium.web.BHttpUsernamePasswordAuthAgent;", false);
            class$com$tridium$web$BHttpUsernamePasswordAuthAgent = cls;
        }
        TYPE = Sys.loadType(cls);
        USER_SYNC_EXT_TYPE = null;
    }
}
