package nl.b3p.commons.security;

import java.io.FileReader;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.UnavailableException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import nl.b3p.commons.security.xml.Role;
import nl.b3p.commons.security.xml.User;
import nl.b3p.commons.security.xml.WebappUsers;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.exolab.castor.xml.MarshalException;
import org.exolab.castor.xml.ValidationException;

/* loaded from: input_file:WEB-INF/lib/b3p-commons-core-5.0.2.jar:nl/b3p/commons/security/XmlSecurityDatabase.class */
public class XmlSecurityDatabase extends HttpServlet {
    private static final Log log = LogFactory.getLog(XmlSecurityDatabase.class);
    private static WebappUsers securityDatabase = null;
    private static HashMap userpasswords = null;
    private static HashMap userroles = null;
    private static int maxNumOfSessions = 0;
    private static boolean initialized = false;

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        try {
            String realPath = getServletContext().getRealPath(servletConfig.getInitParameter("config"));
            log("config pad: " + realPath);
            FileReader fileReader = new FileReader(realPath);
            if (fileReader != null) {
                try {
                    try {
                        securityDatabase = WebappUsers.unmarshal(fileReader);
                    } catch (MarshalException e) {
                        log.error("MarshalException", e);
                    }
                } catch (ValidationException e2) {
                    log.error("MarshalException", e2);
                }
            } else if (log.isDebugEnabled()) {
                log.debug("config reader is null");
            }
            if (securityDatabase == null || log == null) {
                System.out.println("XML Security Database servlet not initialized!");
                return;
            }
            if (log.isDebugEnabled()) {
                log.debug("Xml Database is not null.");
            }
            maxNumOfSessions = securityDatabase.getMaxsessions();
            log.debug("Max number of active sessions: " + maxNumOfSessions + " (0 = no limit)");
            userpasswords = new HashMap();
            userroles = new HashMap();
            int userCount = securityDatabase.getUserCount();
            for (int i = 0; i < userCount; i++) {
                try {
                    User user = securityDatabase.getUser(i);
                    if (user != null) {
                        if (log.isDebugEnabled()) {
                            log.debug("Init user: " + user.getUsername());
                        }
                        userpasswords.put(user.getUsername(), user.getPassword());
                        String roles = user.getRoles();
                        if (roles != null && roles.length() != 0) {
                            ArrayList arrayList = new ArrayList();
                            int roleCount = securityDatabase.getRoleCount();
                            for (int i2 = 0; i2 < roleCount; i2++) {
                                try {
                                    Role role = securityDatabase.getRole(i2);
                                    if (role != null && roles.indexOf(role.getRolename()) >= 0) {
                                        arrayList.add(role.getRolename());
                                        if (log.isDebugEnabled()) {
                                            log.debug("  adding role: " + role.getRolename());
                                        }
                                    }
                                } catch (IndexOutOfBoundsException e3) {
                                }
                            }
                            userroles.put(user.getUsername(), arrayList);
                        }
                    }
                } catch (IndexOutOfBoundsException e4) {
                }
            }
            initialized = true;
            if (log.isInfoEnabled()) {
                log.debug("Initializing Xml Security Database servlet");
            }
        } catch (Exception e5) {
            log.error("Xml Security Database load exception", e5);
            throw new UnavailableException("Cannot load xml security database");
        }
    }

    public void destroy() {
        securityDatabase = null;
        userpasswords = null;
        userroles = null;
        super.destroy();
    }

    protected void processRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setContentType("text/html");
        httpServletResponse.getWriter().close();
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        processRequest(httpServletRequest, httpServletResponse);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        processRequest(httpServletRequest, httpServletResponse);
    }

    public static boolean booleanAuthenticate(String str, String str2) {
        if (!isInitialized()) {
            return false;
        }
        if (log.isDebugEnabled()) {
            log.debug("Trying to login: " + str + " with password: " + str2);
        }
        int activeSessions = SessionCounter.getActiveSessions();
        if (log.isDebugEnabled()) {
            log.debug("Number of active sessions: " + activeSessions);
        }
        return (maxNumOfSessions <= 0 || activeSessions <= maxNumOfSessions) && userpasswords != null && str != null && str2 != null && userpasswords.containsKey(str) && str2.equals((String) userpasswords.get(str));
    }

    public static boolean isUserInRole(String str, String str2) {
        if (!isInitialized()) {
            return false;
        }
        if (log.isDebugEnabled()) {
            log.debug("Checking role: " + str2 + " for user: " + str);
        }
        int activeSessions = SessionCounter.getActiveSessions();
        if (log.isDebugEnabled()) {
            log.debug("Number of active sessions: " + activeSessions);
        }
        if ((maxNumOfSessions > 0 && activeSessions > maxNumOfSessions) || userroles == null || str == null || str2 == null || !userroles.containsKey(str) || !((ArrayList) userroles.get(str)).contains(str2)) {
            return false;
        }
        if (!log.isDebugEnabled()) {
            return true;
        }
        log.debug("  OK!");
        return true;
    }

    public static WebappUsers getSecurityDatabase() {
        return securityDatabase;
    }

    public static boolean isInitialized() {
        return initialized;
    }

    public String getServletInfo() {
        return "XML Security Database servlet";
    }
}
