package org.apache.catalina.realm;

import com.alipay.sdk.util.h;
import com.zzhoujay.richtext.ext.Debug;
import java.beans.PropertyChangeListener;
import java.beans.PropertyChangeSupport;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import javax.servlet.annotation.ServletSecurity;
import org.apache.catalina.Container;
import org.apache.catalina.Context;
import org.apache.catalina.CredentialHandler;
import org.apache.catalina.Engine;
import org.apache.catalina.Host;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.LifecycleState;
import org.apache.catalina.Realm;
import org.apache.catalina.Server;
import org.apache.catalina.Service;
import org.apache.catalina.Wrapper;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.util.LifecycleMBeanBase;
import org.apache.catalina.util.SessionConfig;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.buf.B2CConverter;
import org.apache.tomcat.util.buf.HexUtils;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.apache.tomcat.util.res.StringManager;
import org.apache.tomcat.util.security.ConcurrentMessageDigest;
import org.apache.tomcat.util.security.MD5Encoder;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSName;

/* loaded from: classes3.dex */
public abstract class RealmBase extends LifecycleMBeanBase implements Realm {
    protected static final StringManager sm;
    private CredentialHandler credentialHandler;
    protected X509UsernameRetriever x509UsernameRetriever;
    protected String x509UsernameRetrieverClassName;
    private static final Log log = LogFactory.getLog((Class<?>) RealmBase.class);
    private static final List<Class<? extends DigestCredentialHandlerBase>> credentialHandlerClasses = new ArrayList();
    protected Container container = null;
    protected Log containerLog = null;
    protected final PropertyChangeSupport support = new PropertyChangeSupport(this);
    protected boolean validate = true;
    protected AllRolesMode allRolesMode = AllRolesMode.STRICT_MODE;
    protected boolean stripRealmForGss = true;
    private int transportGuaranteeRedirectStatus = 302;
    protected String realmPath = "/realm0";

    /* loaded from: classes3.dex */
    protected static class AllRolesMode {
        private final String name;
        public static final AllRolesMode STRICT_MODE = new AllRolesMode("strict");
        public static final AllRolesMode AUTH_ONLY_MODE = new AllRolesMode("authOnly");
        public static final AllRolesMode STRICT_AUTH_ONLY_MODE = new AllRolesMode("strictAuthOnly");

        private AllRolesMode(String str) {
            this.name = str;
        }

        static AllRolesMode toMode(String str) {
            if (str.equalsIgnoreCase(STRICT_MODE.name)) {
                return STRICT_MODE;
            }
            if (str.equalsIgnoreCase(AUTH_ONLY_MODE.name)) {
                return AUTH_ONLY_MODE;
            }
            if (str.equalsIgnoreCase(STRICT_AUTH_ONLY_MODE.name)) {
                return STRICT_AUTH_ONLY_MODE;
            }
            throw new IllegalStateException("Unknown mode, must be one of: strict, authOnly, strictAuthOnly");
        }

        public boolean equals(Object obj) {
            if (obj instanceof AllRolesMode) {
                return this.name.equals(((AllRolesMode) obj).name);
            }
            return false;
        }

        public int hashCode() {
            return this.name.hashCode();
        }

        public String toString() {
            return this.name;
        }
    }

    static {
        credentialHandlerClasses.add(MessageDigestCredentialHandler.class);
        credentialHandlerClasses.add(SecretKeyCredentialHandler.class);
        sm = StringManager.getManager((Class<?>) RealmBase.class);
    }

    public static final String Digest(String str, String str2, String str3) {
        try {
            MessageDigest messageDigest = (MessageDigest) MessageDigest.getInstance(str2).clone();
            if (str3 == null) {
                messageDigest.update(str.getBytes());
            } else {
                messageDigest.update(str.getBytes(str3));
            }
            return HexUtils.toHexString(messageDigest.digest());
        } catch (Exception e) {
            log.error(e);
            return str;
        }
    }

    private static X509UsernameRetriever createUsernameRetriever(String str) throws LifecycleException {
        if (str == null || "".equals(str.trim())) {
            return new X509SubjectDnRetriever();
        }
        try {
            return (X509UsernameRetriever) Class.forName(str).newInstance();
        } catch (ClassCastException e) {
            throw new LifecycleException(sm.getString("realmBase.createUsernameRetriever.ClassCastException", str), e);
        } catch (ClassNotFoundException e2) {
            throw new LifecycleException(sm.getString("realmBase.createUsernameRetriever.ClassNotFoundException", str), e2);
        } catch (IllegalAccessException e3) {
            throw new LifecycleException(sm.getString("realmBase.createUsernameRetriever.IllegalAccessException", str), e3);
        } catch (InstantiationException e4) {
            throw new LifecycleException(sm.getString("realmBase.createUsernameRetriever.InstantiationException", str), e4);
        }
    }

    private Charset getDigestCharset() throws UnsupportedEncodingException {
        String digestEncoding = getDigestEncoding();
        return digestEncoding == null ? StandardCharsets.ISO_8859_1 : B2CConverter.getCharset(digestEncoding);
    }

    private String getDigestEncoding() {
        CredentialHandler credentialHandler = this.credentialHandler;
        if (credentialHandler instanceof MessageDigestCredentialHandler) {
            return ((MessageDigestCredentialHandler) credentialHandler).getEncoding();
        }
        return null;
    }

    /* JADX WARN: Code restructure failed: missing block: B:43:0x0087, code lost:
    
        if (r5 != null) goto L37;
     */
    /* JADX WARN: Code restructure failed: missing block: B:44:0x0089, code lost:
    
        r4 = "SHA-512";
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void main(java.lang.String[] r13) {
        /*
            Method dump skipped, instructions count: 300
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.catalina.realm.RealmBase.main(java.lang.String[]):void");
    }

    private SecurityConstraint[] resultsToArray(ArrayList<SecurityConstraint> arrayList) {
        if (arrayList == null || arrayList.size() == 0) {
            return null;
        }
        SecurityConstraint[] securityConstraintArr = new SecurityConstraint[arrayList.size()];
        arrayList.toArray(securityConstraintArr);
        return securityConstraintArr;
    }

    private static void usage() {
        System.out.println("Usage: RealmBase [-a <algorithm>] [-e <encoding>] [-i <iterations>] [-s <salt-length>] [-k <key-length>] [-h <handler-class-name>] <credentials>");
    }

    @Override // org.apache.catalina.Realm
    public void addPropertyChangeListener(PropertyChangeListener propertyChangeListener) {
        this.support.addPropertyChangeListener(propertyChangeListener);
    }

    public Principal authenticate(String str) {
        if (str == null) {
            return null;
        }
        if (this.containerLog.isTraceEnabled()) {
            this.containerLog.trace(sm.getString("realmBase.authenticateSuccess", str));
        }
        return getPrincipal(str);
    }

    public Principal authenticate(String str, String str2) {
        if (str == null || str2 == null) {
            if (this.containerLog.isTraceEnabled()) {
                this.containerLog.trace(sm.getString("realmBase.authenticateFailure", str));
            }
            return null;
        }
        String password = getPassword(str);
        if (password == null) {
            getCredentialHandler().mutate(str2);
            if (this.containerLog.isTraceEnabled()) {
                this.containerLog.trace(sm.getString("realmBase.authenticateFailure", str));
            }
            return null;
        }
        if (getCredentialHandler().matches(str2, password)) {
            if (this.containerLog.isTraceEnabled()) {
                this.containerLog.trace(sm.getString("realmBase.authenticateSuccess", str));
            }
            return getPrincipal(str);
        }
        if (this.containerLog.isTraceEnabled()) {
            this.containerLog.trace(sm.getString("realmBase.authenticateFailure", str));
        }
        return null;
    }

    public Principal authenticate(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) {
        String str9;
        String digest = getDigest(str, str7);
        if (digest == null) {
            return null;
        }
        String lowerCase = digest.toLowerCase(Locale.ENGLISH);
        if (str6 == null) {
            str9 = lowerCase + ":" + str3 + ":" + str8;
        } else {
            str9 = lowerCase + ":" + str3 + ":" + str4 + ":" + str5 + ":" + str6 + ":" + str8;
        }
        try {
            String encode = MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(str9.getBytes(getDigestCharset())));
            if (log.isDebugEnabled()) {
                log.debug("Digest : " + str2 + " Username:" + str + " ClientDigest:" + str2 + " nonce:" + str3 + " nc:" + str4 + " cnonce:" + str5 + " qop:" + str6 + " realm:" + str7 + "md5a2:" + str8 + " Server digest:" + encode);
            }
            if (encode.equals(str2)) {
                return getPrincipal(str);
            }
            return null;
        } catch (UnsupportedEncodingException e) {
            log.error("Illegal digestEncoding: " + getDigestEncoding(), e);
            throw new IllegalArgumentException(e.getMessage());
        }
    }

    public Principal authenticate(GSSContext gSSContext, boolean z) {
        GSSName gSSName;
        int indexOf;
        GSSCredential gSSCredential = null;
        if (gSSContext.isEstablished()) {
            try {
                gSSName = gSSContext.getSrcName();
            } catch (GSSException e) {
                log.warn(sm.getString("realmBase.gssNameFail"), e);
                gSSName = null;
            }
            if (gSSName != null) {
                String gSSName2 = gSSName.toString();
                if (isStripRealmForGss() && (indexOf = gSSName2.indexOf(64)) > 0) {
                    gSSName2 = gSSName2.substring(0, indexOf);
                }
                if (z && gSSContext.getCredDelegState()) {
                    try {
                        gSSCredential = gSSContext.getDelegCred();
                    } catch (GSSException e2) {
                        if (log.isDebugEnabled()) {
                            log.debug(sm.getString("realmBase.delegatedCredentialFail", gSSName2), e2);
                        }
                    }
                }
                return getPrincipal(gSSName2, gSSCredential);
            }
        } else {
            log.error(sm.getString("realmBase.gssContextNotEstablished"));
        }
        return null;
    }

    public Principal authenticate(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr == null || x509CertificateArr.length < 1) {
            return null;
        }
        if (log.isDebugEnabled()) {
            log.debug("Authenticating client certificate chain");
        }
        if (this.validate) {
            for (int i = 0; i < x509CertificateArr.length; i++) {
                if (log.isDebugEnabled()) {
                    log.debug(" Checking validity for '" + x509CertificateArr[i].getSubjectDN().getName() + "'");
                }
                try {
                    x509CertificateArr[i].checkValidity();
                } catch (Exception e) {
                    if (log.isDebugEnabled()) {
                        log.debug("  Validity exception", e);
                    }
                    return null;
                }
            }
        }
        return getPrincipal(x509CertificateArr[0]);
    }

    public void backgroundProcess() {
    }

    @Override // org.apache.catalina.Realm
    public SecurityConstraint[] findSecurityConstraints(Request request, Context context) {
        String str;
        String str2;
        String str3;
        String str4;
        String str5;
        String str6;
        String str7;
        Object obj;
        String str8;
        Object obj2;
        String str9;
        String str10;
        String str11;
        String str12;
        String str13;
        String str14;
        String str15;
        String str16;
        String str17;
        boolean z;
        int i;
        String str18;
        boolean z2;
        String str19;
        String str20;
        String str21;
        String str22;
        String[] strArr;
        SecurityConstraint[] findConstraints = context.findConstraints();
        if (findConstraints == null || findConstraints.length == 0) {
            if (log.isDebugEnabled()) {
                log.debug("  No applicable constraints defined");
            }
            return null;
        }
        String messageBytes = request.getRequestPathMB().toString();
        String str23 = "/";
        if (messageBytes == null) {
            messageBytes = "/";
        }
        String method = request.getMethod();
        ArrayList<SecurityConstraint> arrayList = null;
        int i2 = 0;
        boolean z3 = false;
        while (true) {
            int length = findConstraints.length;
            str = Debug.PREF;
            str2 = " ";
            str3 = "' against ";
            if (i2 >= length) {
                break;
            }
            SecurityCollection[] findCollections = findConstraints[i2].findCollections();
            if (findCollections != null) {
                if (log.isDebugEnabled()) {
                    log.debug("  Checking constraint '" + findConstraints[i2] + "' against " + method + " " + messageBytes + Debug.PREF + findConstraints[i2].included(messageBytes, method));
                }
                for (int i3 = 0; i3 < findCollections.length; i3++) {
                    String[] findPatterns = findCollections[i3].findPatterns();
                    if (findPatterns != null) {
                        boolean z4 = z3;
                        for (String str24 : findPatterns) {
                            if (messageBytes.equals(str24)) {
                                if (findCollections[i3].findMethod(method)) {
                                    if (arrayList == null) {
                                        arrayList = new ArrayList<>();
                                    }
                                    arrayList.add(findConstraints[i2]);
                                }
                                z4 = true;
                            }
                        }
                        z3 = z4;
                    }
                }
            }
            i2++;
        }
        if (z3) {
            return resultsToArray(arrayList);
        }
        int i4 = 0;
        int i5 = -1;
        while (i4 < findConstraints.length) {
            SecurityCollection[] findCollections2 = findConstraints[i4].findCollections();
            if (findCollections2 == null) {
                str18 = str23;
            } else {
                if (log.isDebugEnabled()) {
                    Log log2 = log;
                    StringBuilder sb = new StringBuilder();
                    sb.append("  Checking constraint '");
                    i = i5;
                    sb.append(findConstraints[i4]);
                    sb.append("' against ");
                    sb.append(method);
                    sb.append(str2);
                    sb.append(messageBytes);
                    sb.append(str);
                    sb.append(findConstraints[i4].included(messageBytes, method));
                    log2.debug(sb.toString());
                } else {
                    i = i5;
                }
                i5 = i;
                int i6 = 0;
                while (i6 < findCollections2.length) {
                    String[] findPatterns2 = findCollections2[i6].findPatterns();
                    if (findPatterns2 == null) {
                        str21 = str23;
                        z2 = z3;
                        str19 = str;
                        str20 = str2;
                    } else {
                        z2 = z3;
                        str19 = str;
                        str20 = str2;
                        int i7 = 0;
                        int i8 = -1;
                        boolean z5 = false;
                        while (i7 < findPatterns2.length) {
                            String str25 = findPatterns2[i7];
                            if (str25.startsWith(str23)) {
                                strArr = findPatterns2;
                                if (!str25.endsWith("/*") || str25.length() < i5) {
                                    str22 = str23;
                                } else {
                                    str22 = str23;
                                    if (str25.length() == 2) {
                                        i8 = str25.length();
                                    } else {
                                        if (!str25.regionMatches(0, messageBytes, 0, str25.length() - 1)) {
                                            if (str25.length() - 2 == messageBytes.length()) {
                                                if (!str25.regionMatches(0, messageBytes, 0, str25.length() - 2)) {
                                                    i7++;
                                                    findPatterns2 = strArr;
                                                    str23 = str22;
                                                }
                                            }
                                        }
                                        i8 = str25.length();
                                    }
                                    z5 = true;
                                    i7++;
                                    findPatterns2 = strArr;
                                    str23 = str22;
                                }
                            } else {
                                str22 = str23;
                                strArr = findPatterns2;
                            }
                            i7++;
                            findPatterns2 = strArr;
                            str23 = str22;
                        }
                        str21 = str23;
                        if (z5) {
                            if (i8 > i5) {
                                if (arrayList != null) {
                                    arrayList.clear();
                                }
                                i5 = i8;
                                z2 = false;
                            }
                            if (findCollections2[i6].findMethod(method)) {
                                if (arrayList == null) {
                                    arrayList = new ArrayList<>();
                                }
                                arrayList.add(findConstraints[i4]);
                                z3 = true;
                                i6++;
                                str = str19;
                                str2 = str20;
                                str23 = str21;
                            }
                        }
                    }
                    z3 = z2;
                    i6++;
                    str = str19;
                    str2 = str20;
                    str23 = str21;
                }
                str18 = str23;
            }
            i4++;
            str = str;
            str2 = str2;
            str23 = str18;
        }
        Object obj3 = str23;
        String str26 = str;
        String str27 = str2;
        if (z3) {
            return resultsToArray(arrayList);
        }
        int i9 = 0;
        while (i9 < findConstraints.length) {
            SecurityCollection[] findCollections3 = findConstraints[i9].findCollections();
            if (findCollections3 == null) {
                str12 = str3;
                str11 = str27;
            } else {
                if (log.isDebugEnabled()) {
                    Log log3 = log;
                    StringBuilder sb2 = new StringBuilder();
                    sb2.append("  Checking constraint '");
                    sb2.append(findConstraints[i9]);
                    sb2.append(str3);
                    sb2.append(method);
                    str10 = str27;
                    sb2.append(str10);
                    sb2.append(messageBytes);
                    str9 = str26;
                    sb2.append(str9);
                    sb2.append(findConstraints[i9].included(messageBytes, method));
                    log3.debug(sb2.toString());
                } else {
                    str9 = str26;
                    str10 = str27;
                }
                int i10 = 0;
                boolean z6 = false;
                int i11 = -1;
                while (i10 < findCollections3.length) {
                    String[] findPatterns3 = findCollections3[i10].findPatterns();
                    if (findPatterns3 == null) {
                        str14 = str10;
                        str13 = str9;
                        str15 = str3;
                    } else {
                        str13 = str9;
                        int i12 = i11;
                        boolean z7 = z6;
                        int i13 = 0;
                        while (i13 < findPatterns3.length && !z7) {
                            String str28 = findPatterns3[i13];
                            String[] strArr2 = findPatterns3;
                            if (str28.startsWith("*.")) {
                                int lastIndexOf = messageBytes.lastIndexOf(47);
                                z = z7;
                                int lastIndexOf2 = messageBytes.lastIndexOf(46);
                                if (lastIndexOf < 0 || lastIndexOf2 <= lastIndexOf) {
                                    str16 = str10;
                                    str17 = str3;
                                } else {
                                    str16 = str10;
                                    if (lastIndexOf2 != messageBytes.length() - 1) {
                                        str17 = str3;
                                        if (messageBytes.length() - lastIndexOf2 == str28.length() - 1 && str28.regionMatches(1, messageBytes, lastIndexOf2, messageBytes.length() - lastIndexOf2)) {
                                            i12 = i10;
                                            z7 = true;
                                            i13++;
                                            findPatterns3 = strArr2;
                                            str10 = str16;
                                            str3 = str17;
                                        }
                                    } else {
                                        str17 = str3;
                                    }
                                    z7 = z;
                                    i13++;
                                    findPatterns3 = strArr2;
                                    str10 = str16;
                                    str3 = str17;
                                }
                            } else {
                                str16 = str10;
                                str17 = str3;
                                z = z7;
                            }
                            z7 = z;
                            i13++;
                            findPatterns3 = strArr2;
                            str10 = str16;
                            str3 = str17;
                        }
                        str14 = str10;
                        str15 = str3;
                        boolean z8 = z7;
                        i11 = i12;
                        z6 = z8;
                    }
                    i10++;
                    str9 = str13;
                    str10 = str14;
                    str3 = str15;
                }
                str11 = str10;
                str26 = str9;
                str12 = str3;
                if (z6) {
                    if (findCollections3[i11].findMethod(method)) {
                        if (arrayList == null) {
                            arrayList = new ArrayList<>();
                        }
                        arrayList.add(findConstraints[i9]);
                    }
                    z3 = true;
                }
            }
            i9++;
            str27 = str11;
            str3 = str12;
        }
        String str29 = str3;
        String str30 = str27;
        if (z3) {
            return resultsToArray(arrayList);
        }
        int i14 = 0;
        while (i14 < findConstraints.length) {
            SecurityCollection[] findCollections4 = findConstraints[i14].findCollections();
            if (findCollections4 == null) {
                str7 = messageBytes;
                str4 = str26;
                str5 = str30;
                obj = obj3;
                str6 = str29;
            } else {
                if (log.isDebugEnabled()) {
                    Log log4 = log;
                    StringBuilder sb3 = new StringBuilder();
                    sb3.append("  Checking constraint '");
                    sb3.append(findConstraints[i14]);
                    str6 = str29;
                    sb3.append(str6);
                    sb3.append(method);
                    str5 = str30;
                    sb3.append(str5);
                    sb3.append(messageBytes);
                    str4 = str26;
                    sb3.append(str4);
                    sb3.append(findConstraints[i14].included(messageBytes, method));
                    log4.debug(sb3.toString());
                } else {
                    str4 = str26;
                    str5 = str30;
                    str6 = str29;
                }
                int i15 = 0;
                while (i15 < findCollections4.length) {
                    String[] findPatterns4 = findCollections4[i15].findPatterns();
                    if (findPatterns4 == null) {
                        str8 = messageBytes;
                        obj2 = obj3;
                    } else {
                        int i16 = 0;
                        boolean z9 = false;
                        while (i16 < findPatterns4.length && !z9) {
                            String str31 = messageBytes;
                            Object obj4 = obj3;
                            if (findPatterns4[i16].equals(obj4)) {
                                z9 = true;
                            }
                            i16++;
                            obj3 = obj4;
                            messageBytes = str31;
                        }
                        str8 = messageBytes;
                        obj2 = obj3;
                        if (z9) {
                            if (arrayList == null) {
                                arrayList = new ArrayList<>();
                            }
                            arrayList.add(findConstraints[i14]);
                        }
                    }
                    i15++;
                    obj3 = obj2;
                    messageBytes = str8;
                }
                str7 = messageBytes;
                obj = obj3;
            }
            i14++;
            obj3 = obj;
            str29 = str6;
            str30 = str5;
            str26 = str4;
            messageBytes = str7;
        }
        if (arrayList == null && log.isDebugEnabled()) {
            log.debug("  No applicable constraint located");
        }
        return resultsToArray(arrayList);
    }

    public String getAllRolesMode() {
        return this.allRolesMode.toString();
    }

    @Override // org.apache.catalina.Realm
    public Container getContainer() {
        return this.container;
    }

    @Override // org.apache.catalina.Realm
    public CredentialHandler getCredentialHandler() {
        return this.credentialHandler;
    }

    protected String getDigest(String str, String str2) {
        if (hasMessageDigest()) {
            return getPassword(str);
        }
        try {
            return MD5Encoder.encode(ConcurrentMessageDigest.digestMD5((str + ":" + str2 + ":" + getPassword(str)).getBytes(getDigestCharset())));
        } catch (UnsupportedEncodingException e) {
            log.error("Illegal digestEncoding: " + getDigestEncoding(), e);
            throw new IllegalArgumentException(e.getMessage());
        }
    }

    @Override // org.apache.catalina.util.LifecycleMBeanBase
    public String getDomainInternal() {
        return this.container.getDomain();
    }

    @Deprecated
    protected abstract String getName();

    @Override // org.apache.catalina.util.LifecycleMBeanBase
    public String getObjectNameKeyProperties() {
        return "type=Realm" + getRealmSuffix() + this.container.getMBeanKeyProperties();
    }

    protected abstract String getPassword(String str);

    protected abstract Principal getPrincipal(String str);

    protected Principal getPrincipal(String str, GSSCredential gSSCredential) {
        Principal principal = getPrincipal(str);
        if (principal instanceof GenericPrincipal) {
            ((GenericPrincipal) principal).setGssCredential(gSSCredential);
        }
        return principal;
    }

    protected Principal getPrincipal(X509Certificate x509Certificate) {
        String username = this.x509UsernameRetriever.getUsername(x509Certificate);
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("realmBase.gotX509Username", username));
        }
        return getPrincipal(username);
    }

    public String getRealmPath() {
        return this.realmPath;
    }

    protected String getRealmSuffix() {
        return ",realmPath=" + getRealmPath();
    }

    @Override // org.apache.catalina.Realm
    public String[] getRoles(Principal principal) {
        if (principal instanceof GenericPrincipal) {
            return ((GenericPrincipal) principal).getRoles();
        }
        throw new IllegalStateException(sm.getString("realmBase.cannotGetRoles", principal.getClass().getSimpleName()));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Server getServer() {
        Service service;
        Container container = this.container;
        if (container instanceof Context) {
            container = container.getParent();
        }
        if (container instanceof Host) {
            container = container.getParent();
        }
        if (!(container instanceof Engine) || (service = ((Engine) container).getService()) == null) {
            return null;
        }
        return service.getServer();
    }

    public int getTransportGuaranteeRedirectStatus() {
        return this.transportGuaranteeRedirectStatus;
    }

    public boolean getValidate() {
        return this.validate;
    }

    public String getX509UsernameRetrieverClassName() {
        return this.x509UsernameRetrieverClassName;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean hasMessageDigest() {
        CredentialHandler credentialHandler = this.credentialHandler;
        return (credentialHandler instanceof MessageDigestCredentialHandler) && ((MessageDigestCredentialHandler) credentialHandler).getAlgorithm() != null;
    }

    /* JADX WARN: Removed duplicated region for block: B:65:0x017a  */
    @Override // org.apache.catalina.Realm
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean hasResourcePermission(org.apache.catalina.connector.Request r10, org.apache.catalina.connector.Response r11, org.apache.tomcat.util.descriptor.web.SecurityConstraint[] r12, org.apache.catalina.Context r13) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 392
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.catalina.realm.RealmBase.hasResourcePermission(org.apache.catalina.connector.Request, org.apache.catalina.connector.Response, org.apache.tomcat.util.descriptor.web.SecurityConstraint[], org.apache.catalina.Context):boolean");
    }

    @Override // org.apache.catalina.Realm
    public boolean hasRole(Wrapper wrapper, Principal principal, String str) {
        String str2;
        if (wrapper == null || (str2 = wrapper.findSecurityReference(str)) == null) {
            str2 = str;
        }
        if (principal == null || str2 == null || !(principal instanceof GenericPrincipal)) {
            return false;
        }
        boolean hasRole = ((GenericPrincipal) principal).hasRole(str2);
        if (log.isDebugEnabled()) {
            String name = principal.getName();
            if (hasRole) {
                log.debug(sm.getString("realmBase.hasRoleSuccess", name, str2));
            } else {
                log.debug(sm.getString("realmBase.hasRoleFailure", name, str2));
            }
        }
        return hasRole;
    }

    @Override // org.apache.catalina.Realm
    public boolean hasUserDataPermission(Request request, Response response, SecurityConstraint[] securityConstraintArr) throws IOException {
        if (securityConstraintArr == null || securityConstraintArr.length == 0) {
            if (log.isDebugEnabled()) {
                log.debug("  No applicable security constraint defined");
            }
            return true;
        }
        for (SecurityConstraint securityConstraint : securityConstraintArr) {
            String userConstraint = securityConstraint.getUserConstraint();
            if (userConstraint == null) {
                if (log.isDebugEnabled()) {
                    log.debug("  No applicable user data constraint defined");
                }
                return true;
            }
            if (userConstraint.equals(ServletSecurity.TransportGuarantee.NONE.name())) {
                if (log.isDebugEnabled()) {
                    log.debug("  User data constraint has no restrictions");
                }
                return true;
            }
        }
        if (request.getRequest().isSecure()) {
            if (log.isDebugEnabled()) {
                log.debug("  User data constraint already satisfied");
            }
            return true;
        }
        int redirectPort = request.getConnector().getRedirectPort();
        if (redirectPort <= 0) {
            if (log.isDebugEnabled()) {
                log.debug("  SSL redirect is disabled");
            }
            response.sendError(403, request.getRequestURI());
            return false;
        }
        StringBuilder sb = new StringBuilder();
        String serverName = request.getServerName();
        sb.append("https");
        sb.append("://");
        sb.append(serverName);
        if (redirectPort != 443) {
            sb.append(":");
            sb.append(redirectPort);
        }
        sb.append(request.getRequestURI());
        String requestedSessionId = request.getRequestedSessionId();
        if (requestedSessionId != null && request.isRequestedSessionIdFromURL()) {
            sb.append(h.b);
            sb.append(SessionConfig.getSessionUriParamName(request.getContext()));
            sb.append("=");
            sb.append(requestedSessionId);
        }
        String queryString = request.getQueryString();
        if (queryString != null) {
            sb.append('?');
            sb.append(queryString);
        }
        if (log.isDebugEnabled()) {
            log.debug("  Redirecting to " + sb.toString());
        }
        response.sendRedirect(sb.toString(), this.transportGuaranteeRedirectStatus);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.catalina.util.LifecycleMBeanBase, org.apache.catalina.util.LifecycleBase
    public void initInternal() throws LifecycleException {
        super.initInternal();
        Container container = this.container;
        if (container != null) {
            this.containerLog = container.getLogger();
        }
        this.x509UsernameRetriever = createUsernameRetriever(this.x509UsernameRetrieverClassName);
    }

    public boolean isAvailable() {
        return true;
    }

    public boolean isStripRealmForGss() {
        return this.stripRealmForGss;
    }

    @Override // org.apache.catalina.Realm
    public void removePropertyChangeListener(PropertyChangeListener propertyChangeListener) {
        this.support.removePropertyChangeListener(propertyChangeListener);
    }

    public void setAllRolesMode(String str) {
        this.allRolesMode = AllRolesMode.toMode(str);
    }

    public void setContainer(Container container) {
        Container container2 = this.container;
        this.container = container;
        this.support.firePropertyChange("container", container2, this.container);
    }

    @Override // org.apache.catalina.Realm
    public void setCredentialHandler(CredentialHandler credentialHandler) {
        this.credentialHandler = credentialHandler;
    }

    public void setRealmPath(String str) {
        this.realmPath = str;
    }

    public void setStripRealmForGss(boolean z) {
        this.stripRealmForGss = z;
    }

    public void setTransportGuaranteeRedirectStatus(int i) {
        this.transportGuaranteeRedirectStatus = i;
    }

    public void setValidate(boolean z) {
        this.validate = z;
    }

    public void setX509UsernameRetrieverClassName(String str) {
        this.x509UsernameRetrieverClassName = str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.catalina.util.LifecycleBase
    public void startInternal() throws LifecycleException {
        if (this.credentialHandler == null) {
            this.credentialHandler = new MessageDigestCredentialHandler();
        }
        setState(LifecycleState.STARTING);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.catalina.util.LifecycleBase
    public void stopInternal() throws LifecycleException {
        setState(LifecycleState.STOPPING);
    }

    public String toString() {
        return "Realm[" + getName() + ']';
    }
}
