package net.handle.server.servletcontainer.auth;

import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import net.cnri.util.StringUtils;
import net.handle.hdllib.AbstractMessage;
import net.handle.hdllib.Util;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:net/handle/server/servletcontainer/auth/StandardHandleAuthenticationFilter$HeaderFixingResponseWrapper.class */
class StandardHandleAuthenticationFilter$HeaderFixingResponseWrapper extends HttpServletResponseWrapper {
    private static final String ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers";
    private final HttpServletRequest request;
    private final Set<String> exposedHeaders;

    public StandardHandleAuthenticationFilter$HeaderFixingResponseWrapper(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        super(httpServletResponse);
        this.request = httpServletRequest;
        if (httpServletRequest.getHeader("Origin") == null) {
            this.exposedHeaders = null;
            return;
        }
        this.exposedHeaders = new HashSet();
        this.exposedHeaders.add("Content-Length");
        fixResponseExposeHeaders();
    }

    private void fixResponseExposeHeaders() {
        Collection<String> headers = getHeaders(ACCESS_CONTROL_EXPOSE_HEADERS);
        if (headers == null) {
            return;
        }
        for (String str : headers) {
            if (str != null && !str.isEmpty()) {
                for (String str2 : str.split(",")) {
                    this.exposedHeaders.add(str2);
                }
            }
        }
        if (this.exposedHeaders.isEmpty()) {
            super.setHeader(ACCESS_CONTROL_EXPOSE_HEADERS, (String) null);
        } else {
            super.setHeader(ACCESS_CONTROL_EXPOSE_HEADERS, commify(this.exposedHeaders));
        }
    }

    public void setStatus(int i) {
        super.setStatus(i);
        addAuthenticateHeaders(i);
    }

    @Deprecated
    public void setStatus(int i, String str) {
        super.setStatus(i, str);
        addAuthenticateHeaders(i);
    }

    public void setDateHeader(String str, long j) {
        exposeHeader(str);
        super.setDateHeader(str, j);
    }

    public void addDateHeader(String str, long j) {
        exposeHeader(str);
        super.addDateHeader(str, j);
    }

    public void setHeader(String str, String str2) {
        exposeHeader(str);
        super.setHeader(str, str2);
    }

    public void addHeader(String str, String str2) {
        exposeHeader(str);
        super.addHeader(str, str2);
    }

    public void setIntHeader(String str, int i) {
        exposeHeader(str);
        super.setIntHeader(str, i);
    }

    public void addIntHeader(String str, int i) {
        exposeHeader(str);
        super.addIntHeader(str, i);
    }

    private boolean isSimpleHeader(String str) {
        return str.equalsIgnoreCase("Cache-Control") || str.equalsIgnoreCase("Content-Language") || str.equalsIgnoreCase("Content-Type") || str.equalsIgnoreCase("Expires") || str.equalsIgnoreCase("Last-Modified") || str.equalsIgnoreCase("Pragma");
    }

    private void exposeHeader(String str) {
        if (this.exposedHeaders == null || str.toLowerCase().startsWith("access-control-") || isSimpleHeader(str)) {
            return;
        }
        this.exposedHeaders.add(str);
        super.setHeader(ACCESS_CONTROL_EXPOSE_HEADERS, commify(this.exposedHeaders));
    }

    private String commify(Collection<String> collection) {
        StringBuilder sb = new StringBuilder();
        boolean z = true;
        for (String str : collection) {
            if (!z) {
                sb.append(",");
            }
            z = false;
            sb.append(str);
        }
        return sb.toString();
    }

    private void addAuthenticateHeaders(int i) {
        if (i == 401) {
            if (!this.request.isSecure()) {
                super.setStatus(AbstractMessage.RC_AUTHENTICATION_FAILED);
            } else {
                if (containsHeader("WWW-Authenticate")) {
                    return;
                }
                if (requestMayWantBasicAuth()) {
                    addHeader("WWW-Authenticate", "Basic realm=\"handle\"");
                }
                addWwwAuthenticateHandleHeader();
            }
        }
    }

    private boolean requestMayWantBasicAuth() {
        String header = this.request.getHeader("Authorization");
        return header != null ? header.startsWith("Basic") : !"XMLHttpRequest".equals(this.request.getHeader("X-Requested-With"));
    }

    public void addWwwAuthenticateHandleHeader() {
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) this.request.getAttribute(AuthenticationResponse.class.getName());
        if (authenticationResponse.getSessionId() == null) {
            addSessionInfo(authenticationResponse);
        }
        StringBuilder sb = new StringBuilder();
        sb.append("Handle sessionId=\"").append(authenticationResponse.getSessionId()).append("\"");
        sb.append(", nonce=\"").append(Base64.encodeBase64String(authenticationResponse.getNonce())).append("\"");
        if (authenticationResponse.getServerSignature() != null) {
            sb.append(", serverAlg=\"").append(authenticationResponse.getServerAlg()).append("\"");
            sb.append(", serverSignature=\"").append(Base64.encodeBase64String(authenticationResponse.getServerSignature())).append("\"");
        }
        if (!authenticationResponse.getErrors().isEmpty()) {
            sb.append(", error=\"").append(combineErrorsForHeader(authenticationResponse.getErrors())).append("\"");
        }
        addHeader("WWW-Authenticate", sb.toString());
    }

    private void addSessionInfo(AuthenticationResponse authenticationResponse) {
        HandleAuthenticationStatus fromSession = HandleAuthenticationStatus.fromSession(this.request.getSession(), true);
        authenticationResponse.setSessionId(fromSession.getSessionId());
        authenticationResponse.setNonce(fromSession.getNonce());
    }

    private static String combineErrorsForHeader(Collection<String> collection) {
        StringBuilder sb = new StringBuilder();
        for (String str : collection) {
            if (sb.length() > 0) {
                sb.append("; ");
            }
            escapeErrorForHeader(sb, str);
        }
        return sb.toString();
    }

    private static void escapeErrorForHeader(StringBuilder sb, String str) {
        for (byte b : Util.encodeString(str)) {
            if (b == 34) {
                sb.append("\\\"");
            } else if (b == 92) {
                sb.append("\\\\");
            } else if (b < 32 || b >= Byte.MAX_VALUE || b == 37) {
                sb.append("%");
                sb.append(StringUtils.encodeHexChar(b));
            } else {
                sb.append((char) b);
            }
        }
    }
}
