package org.exist.security;

import java.io.IOException;
import java.util.Properties;
import org.apache.axis.wsdl.symbolTable.SymbolTable;
import org.apache.log4j.Logger;
import org.apache.tools.ant.taskdefs.email.EmailTask;
import org.exist.EXistException;
import org.exist.storage.BrokerPool;
import org.exist.util.DatabaseConfigurationException;
import org.exist.xmldb.XmldbURI;
import org.icepdf.core.util.PdfOps;
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/exist-1_4_1_dev_orbeon_20110104.jar:org/exist/security/User.class */
public class User {
    private static final String GROUP = "group";
    private static final String NAME = "name";
    private static final String PASS = "password";
    private static final String DIGEST_PASS = "digest-password";
    private static final String USER_ID = "uid";
    private static final String HOME = "home";
    public static final int PLAIN_ENCODING = 0;
    public static final int SIMPLE_MD5_ENCODING = 1;
    public static final int MD5_ENCODING = 2;
    public static int PASSWORD_ENCODING;
    public static boolean CHECK_PASSWORDS;
    private String[] groups;
    private String password;
    private String digestPassword;
    private String user;
    private int uid;
    private XmldbURI home;
    private boolean hasDbaRole;
    private static final Logger LOG = Logger.getLogger(User.class);
    public static final User DEFAULT = new User("guest", (String) null, "guest");
    private static String realm = "exist";

    public static void enablePasswordChecks(boolean z) {
        CHECK_PASSWORDS = z;
    }

    public static void setPasswordEncoding(String str) {
        if (str != null) {
            LOG.equals("Setting password encoding to " + str);
            if (str.equalsIgnoreCase(EmailTask.PLAIN)) {
                PASSWORD_ENCODING = 0;
            } else if (str.equalsIgnoreCase("md5")) {
                PASSWORD_ENCODING = 2;
            } else {
                PASSWORD_ENCODING = 1;
            }
        }
    }

    public static void setPasswordRealm(String str) {
        realm = str;
    }

    public User(String str, String str2) {
        this.groups = null;
        this.password = null;
        this.digestPassword = null;
        this.uid = -1;
        this.home = null;
        this.hasDbaRole = false;
        this.user = str;
        setPassword(str2);
    }

    public User(String str) {
        this.groups = null;
        this.password = null;
        this.digestPassword = null;
        this.uid = -1;
        this.home = null;
        this.hasDbaRole = false;
        this.user = str;
    }

    public User(String str, String str2, String str3) {
        this(str, str2);
        addGroup(str3);
    }

    public User(int i, int i2, Element element) throws DatabaseConfigurationException {
        this.groups = null;
        this.password = null;
        this.digestPassword = null;
        this.uid = -1;
        this.home = null;
        this.hasDbaRole = false;
        this.user = element.getAttribute("name");
        if (this.user == null || this.user.length() == 0) {
            throw new DatabaseConfigurationException("user needs a name");
        }
        if (i == 0) {
            Attr attributeNode = element.getAttributeNode("password");
            this.digestPassword = attributeNode == null ? null : attributeNode.getValue();
            this.password = null;
        } else {
            Attr attributeNode2 = element.getAttributeNode("password");
            this.password = attributeNode2 == null ? null : attributeNode2.getValue();
            if (this.password != null && this.password.length() > 0) {
                if (this.password.startsWith("{MD5}")) {
                    this.password = this.password.substring(5);
                }
                if (this.password.charAt(0) == '{') {
                    throw new DatabaseConfigurationException("Unrecognized password encoding " + this.password + " for user " + this.user);
                }
            }
            Attr attributeNode3 = element.getAttributeNode(DIGEST_PASS);
            this.digestPassword = attributeNode3 == null ? null : attributeNode3.getValue();
        }
        Attr attributeNode4 = element.getAttributeNode(USER_ID);
        if (attributeNode4 == null) {
            throw new DatabaseConfigurationException("attribute id missing");
        }
        try {
            this.uid = Integer.parseInt(attributeNode4.getValue());
            Attr attributeNode5 = element.getAttributeNode(HOME);
            this.home = attributeNode5 == null ? null : XmldbURI.create(attributeNode5.getValue());
            NodeList childNodes = element.getChildNodes();
            for (int i3 = 0; i3 < childNodes.getLength(); i3++) {
                Node item = childNodes.item(i3);
                if (item.getNodeType() == 1 && item.getLocalName().equals("group")) {
                    addGroup(item.getFirstChild().getNodeValue());
                }
            }
        } catch (NumberFormatException e) {
            throw new DatabaseConfigurationException("illegal user id: " + attributeNode4 + " for user " + this.user);
        }
    }

    public final void addGroup(String str) {
        if (this.groups == null) {
            this.groups = new String[1];
            this.groups[0] = str;
        } else {
            int length = this.groups.length;
            String[] strArr = new String[length + 1];
            System.arraycopy(this.groups, 0, strArr, 0, length);
            strArr[length] = str;
            this.groups = strArr;
        }
        if ("dba".equals(str)) {
            this.hasDbaRole = true;
        }
    }

    public final void remGroup(String str) {
        String[] strArr;
        if (this.groups == null) {
            this.groups = new String[1];
            this.groups[0] = "guest";
        } else {
            int length = this.groups.length;
            if (length > 1) {
                strArr = new String[length - 1];
            } else {
                strArr = new String[1];
                length = 1;
            }
            boolean z = false;
            for (int i = 0; i < length; i++) {
                if (this.groups[i].equals(str)) {
                    z = true;
                } else if (z) {
                    strArr[i - 1] = this.groups[i];
                } else {
                    strArr[i] = this.groups[i];
                }
            }
            if (z && length == 1) {
                strArr[0] = "guest";
            }
            this.groups = strArr;
        }
        if ("dba".equals(str)) {
            this.hasDbaRole = false;
        }
    }

    public final void setGroups(String[] strArr) {
        this.groups = strArr;
        for (String str : strArr) {
            if ("dba".equals(str)) {
                this.hasDbaRole = true;
            }
        }
    }

    public final String[] getGroups() {
        return this.groups == null ? new String[0] : this.groups;
    }

    public final boolean hasDbaRole() {
        return this.hasDbaRole;
    }

    public final String getName() {
        return this.user;
    }

    public final int getUID() {
        return this.uid;
    }

    public final String getPassword() {
        return this.password;
    }

    public final String getDigestPassword() {
        return this.digestPassword;
    }

    public final String getPrimaryGroup() {
        if (this.groups == null || this.groups.length == 0) {
            return null;
        }
        return this.groups[0];
    }

    public final boolean hasGroup(String str) {
        if (this.groups == null) {
            return false;
        }
        for (int i = 0; i < this.groups.length; i++) {
            if (this.groups[i].equals(str)) {
                return true;
            }
        }
        return false;
    }

    public final void setPassword(String str) {
        if (str == null) {
            this.password = null;
            this.digestPassword = null;
        } else {
            this.password = MessageDigester.md5(str, true);
            this.digestPassword = digest(str);
        }
    }

    public final void setPasswordDigest(String str) {
        this.digestPassword = str == null ? null : str;
    }

    public final void setEncodedPassword(String str) {
        this.password = str == null ? null : str;
    }

    public final String digest(String str) {
        switch (PASSWORD_ENCODING) {
            case 0:
                return str;
            case 2:
                return MessageDigester.md5(this.user + ":" + realm + ":" + str, false);
            default:
                return MessageDigester.md5(str, true);
        }
    }

    public final String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("<user name=\"");
        stringBuffer.append(this.user);
        stringBuffer.append("\" ");
        stringBuffer.append("uid=\"");
        stringBuffer.append(Integer.toString(this.uid));
        stringBuffer.append(PdfOps.DOUBLE_QUOTE__TOKEN);
        if (this.password != null) {
            stringBuffer.append(" password=\"{MD5}");
            stringBuffer.append(this.password);
            stringBuffer.append('\"');
        }
        if (this.digestPassword != null) {
            stringBuffer.append(" digest-password=\"");
            stringBuffer.append(this.digestPassword);
            stringBuffer.append('\"');
        }
        if (this.home != null) {
            stringBuffer.append(" home=\"");
            stringBuffer.append(this.home);
            stringBuffer.append("\">");
        } else {
            stringBuffer.append(SymbolTable.ANON_TOKEN);
        }
        if (this.groups != null) {
            for (int i = 0; i < this.groups.length; i++) {
                stringBuffer.append("<group>");
                stringBuffer.append(this.groups[i]);
                stringBuffer.append("</group>");
            }
        }
        stringBuffer.append("</user>");
        return stringBuffer.toString();
    }

    public final boolean validate(String str) {
        try {
            return validate(str, BrokerPool.getInstance().getSecurityManager());
        } catch (EXistException e) {
            LOG.warn("Failed to get security manager in validate: ", e);
            return false;
        }
    }

    public final boolean validate(String str, SecurityManager securityManager) {
        if (!CHECK_PASSWORDS) {
            return true;
        }
        if (this.password == null && this.digestPassword == null) {
            return true;
        }
        if (str == null) {
            return false;
        }
        if (securityManager != null && (securityManager instanceof LDAPbindSecurityManager)) {
            return ((LDAPbindSecurityManager) securityManager).bind(this.user, str);
        }
        if (this.password == null || !MessageDigester.md5(str, true).equals(this.password)) {
            return this.digestPassword != null && digest(str).equals(this.digestPassword);
        }
        return true;
    }

    public final boolean validateDigest(String str) {
        if (this.digestPassword == null) {
            return true;
        }
        if (str == null) {
            return false;
        }
        return digest(str).equals(this.digestPassword);
    }

    public void setUID(int i) {
        this.uid = i;
    }

    public void setHome(XmldbURI xmldbURI) {
        this.home = xmldbURI;
    }

    public XmldbURI getHome() {
        return this.home;
    }

    public boolean equals(Object obj) {
        User user = (User) obj;
        return user != null && this.uid == user.uid;
    }

    static {
        CHECK_PASSWORDS = true;
        Properties properties = new Properties();
        try {
            properties.load(User.class.getClassLoader().getResourceAsStream("org/exist/security/security.properties"));
        } catch (IOException e) {
        }
        setPasswordEncoding(properties.getProperty("passwords.encoding", "md5"));
        String property = properties.getProperty("passwords.check", "yes");
        CHECK_PASSWORDS = property.equalsIgnoreCase("yes") || property.equalsIgnoreCase("true");
    }
}
