package org.ametys.plugins.repositoryapp.authentication;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
import java.security.MessageDigest;
import javax.xml.xpath.XPathFactory;
import org.ametys.runtime.authentication.BasicCredentialsProvider;
import org.ametys.runtime.authentication.Credentials;
import org.ametys.runtime.authentication.CredentialsProvider;
import org.apache.avalon.framework.context.Context;
import org.apache.avalon.framework.context.ContextException;
import org.apache.avalon.framework.context.Contextualizable;
import org.apache.avalon.framework.logger.AbstractLogEnabled;
import org.apache.commons.codec.binary.Base64;
import org.xml.sax.InputSource;

/* loaded from: input_file:org/ametys/plugins/repositoryapp/authentication/AdminRepositoryAuthentication.class */
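/**
 * Repository authentication that accepts only the built-in {@code admin} account.
 *
 * <p>The supplied password is checked against the value stored at {@code admin/password} in
 * {@link #ADMINISTRATOR_PASSWORD_FILENAME}. That value is the Base64 encoding of an unsalted MD5
 * digest of the password.
 *
 * <p>NOTE(security): unsalted MD5 is not suitable for password storage. Moving to a slow, salted
 * scheme (bcrypt/scrypt/argon2/PBKDF2) requires changing the file format and whatever component
 * writes the file, neither of which is visible in this class.
 */
public class AdminRepositoryAuthentication extends AbstractLogEnabled implements RepositoryAuthentication, Contextualizable {
    /** Path, resolved through the environment context, of the XML file holding the administrator password hash. */
    public static final String ADMINISTRATOR_PASSWORD_FILENAME = "/WEB-INF/data/administrator/admin.xml";
    private Context _context;
    private org.apache.cocoon.environment.Context _envContext;

    /**
     * Stores the Avalon context and looks up the Cocoon environment context from it.
     *
     * @param context the Avalon context; must provide an {@code "environment-context"} entry
     * @throws ContextException if the entry cannot be retrieved
     */
    public void contextualize(Context context) throws ContextException {
        this._context = context;
        this._envContext = (org.apache.cocoon.environment.Context) this._context.get("environment-context");
    }

    /**
     * Returns a basic-credentials provider using the {@code "Administration"} realm.
     *
     * @return a new {@link BasicCredentialsProvider}
     */
    @Override
    public CredentialsProvider getCredentialsProvider() {
        return new BasicCredentialsProvider("Administration", this._context);
    }

    /**
     * Decides whether the given credentials identify the administrator.
     *
     * <p>Returns {@code false} when the login is not {@code admin}, when the password is
     * {@code null}, when the stored hash is missing or empty, when the hashes differ, or when any
     * exception other than a missing password file occurs (the exception is logged at error level).
     *
     * <p>NOTE(security): when the password file does not exist, the well-known default password
     * {@code admin} is accepted. This behaviour is kept for compatibility; deployments should make
     * sure the file exists and treat the corresponding warning in the logs as an alert.
     *
     * @param credentials the login and password supplied by the client
     * @return {@code true} only when the credentials match the administrator account
     */
    @Override
    public boolean allowUser(Credentials credentials) {
        String login = credentials.getLogin();
        String password = credentials.getPassword();
        try {
            if (!"admin".equals(login)) {
                if (getLogger().isDebugEnabled()) {
                    getLogger().debug("The administrator login must be 'admin' => authentication failed");
                }
                return false;
            }
            if (password == null) {
                if (getLogger().isDebugEnabled()) {
                    getLogger().debug("The administrator password cannot be null => authentication failed");
                }
                return false;
            }

            // try-with-resources closes the stream on every path, including when the XPath
            // evaluation or the digest lookup throws (the previous code leaked it in that case).
            try (InputStream passwordFile = new FileInputStream(this._envContext.getRealPath(ADMINISTRATOR_PASSWORD_FILENAME))) {
                // NOTE(review): the XML is parsed with the JAXP default parser settings; this
                // presumes the file is only writable by the server operator - confirm.
                String storedHash = XPathFactory.newInstance().newXPath().evaluate("admin/password", new InputSource(passwordFile));
                if (storedHash == null || "".equals(storedHash)) {
                    if (getLogger().isWarnEnabled()) {
                        getLogger().warn("The administrator password cannot be null at reading => authentication failed");
                    }
                    return false;
                }

                // NOTE(review): getBytes() uses the platform default charset. It is left as is
                // because the stored digest must have been produced with the same encoding;
                // switching to an explicit charset has to be done together with the writer.
                byte[] expectedDigest = Base64.decodeBase64(storedHash.getBytes());
                byte[] suppliedDigest = MessageDigest.getInstance("MD5").digest(password.getBytes());

                // MessageDigest.isEqual compares in constant time, so the comparison itself does
                // not reveal how many leading bytes matched.
                if (MessageDigest.isEqual(expectedDigest, suppliedDigest)) {
                    return true;
                }
                if (getLogger().isDebugEnabled()) {
                    getLogger().debug("The user did not give the right password => authentication failed");
                }
                return false;
            } catch (FileNotFoundException e) {
                if (getLogger().isWarnEnabled()) {
                    getLogger().warn("The file '/WEB-INF/data/administrator/admin.xml' is missing. Default administrator password 'admin' is used.", e);
                }
                // Compatibility fallback: see the security note in the method documentation.
                return "admin".equals(password);
            }
        } catch (Exception e2) {
            // Fail closed: any unexpected error denies access.
            getLogger().error("Authentication failed", e2);
            return false;
        }
    }
}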
