package org.mobicents.servlet.sip.security;

import java.security.Principal;
import javax.sip.address.Address;
import org.apache.catalina.deploy.SecurityCollection;
import org.apache.catalina.deploy.SecurityConstraint;
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.mobicents.servlet.sip.SipFactories;
import org.mobicents.servlet.sip.message.SipServletRequestImpl;
import org.mobicents.servlet.sip.message.SipServletResponseImpl;
import org.mobicents.servlet.sip.security.authentication.DigestAuthenticator;
import org.mobicents.servlet.sip.startup.SipContext;
import org.mobicents.servlet.sip.startup.loading.SipLoginConfig;
import org.mobicents.servlet.sip.startup.loading.SipSecurityCollection;
import org.mobicents.servlet.sip.startup.loading.SipSecurityConstraint;

/* loaded from: input_file:org/mobicents/servlet/sip/security/SipSecurityUtils.class */
public class SipSecurityUtils {
    private static Log log = LogFactory.getLog(SipSecurityUtils.class);

    public static boolean authenticate(SipContext sipContext, SipServletRequestImpl sipServletRequestImpl, SipSecurityConstraint sipSecurityConstraint) {
        boolean z = false;
        SipLoginConfig sipLoginConfig = sipContext.getSipLoginConfig();
        try {
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (sipLoginConfig == null) {
            log.debug("No login configuration found in sip.xml. We won't authenticate.");
            return true;
        }
        String authMethod = sipLoginConfig.getAuthMethod();
        if (authMethod != null) {
            String idetitySchemeSettings = sipLoginConfig.getIdetitySchemeSettings(SipLoginConfig.IDENTITY_SCHEME_P_ASSERTED);
            if (idetitySchemeSettings != null && sipServletRequestImpl.getHeader(SipLoginConfig.IDENTITY_SCHEME_P_ASSERTED) != null) {
                String header = sipServletRequestImpl.getHeader(SipLoginConfig.IDENTITY_SCHEME_P_ASSERTED);
                if (header == null && SipLoginConfig.IDENTITY_SCHEME_REQUIRED.equals(idetitySchemeSettings)) {
                    sipServletRequestImpl.createResponse(428, "P-Asserted-Idetity header is required!").send();
                    return false;
                }
                Address createAddress = SipFactories.addressFactory.createAddress(header);
                String user = createAddress.getURI().isSipURI() ? createAddress.getURI().getUser() : createAddress.getURI().getPhoneNumber();
                Principal impersonatePrincipal = impersonatePrincipal(user, sipContext.getRealm());
                if (impersonatePrincipal != null) {
                    z = true;
                    sipServletRequestImpl.setUserPrincipal(impersonatePrincipal);
                    sipServletRequestImpl.getSipSession().setUserPrincipal(impersonatePrincipal);
                    log.debug("P-Asserted-Identity authetication successful for user: " + user);
                }
            }
            if (!z && authMethod.equalsIgnoreCase("DIGEST")) {
                DigestAuthenticator digestAuthenticator = new DigestAuthenticator();
                digestAuthenticator.setContext(sipContext);
                z = digestAuthenticator.authenticate(sipServletRequestImpl, createErrorResponse(sipServletRequestImpl, sipSecurityConstraint), sipLoginConfig);
                sipServletRequestImpl.setUserPrincipal(digestAuthenticator.getPrincipal());
            } else if (authMethod.equalsIgnoreCase("BASIC")) {
                throw new IllegalStateException("Basic authentication not supported in JSR 289");
            }
        }
        return z;
    }

    private static SipServletResponseImpl createErrorResponse(SipServletRequestImpl sipServletRequestImpl, SipSecurityConstraint sipSecurityConstraint) {
        return sipSecurityConstraint.isProxyAuthentication() ? (SipServletResponseImpl) sipServletRequestImpl.createResponse(407) : (SipServletResponseImpl) sipServletRequestImpl.createResponse(401);
    }

    public static boolean authorize(SipContext sipContext, SipServletRequestImpl sipServletRequestImpl) {
        boolean z = true;
        SecurityConstraint[] findConstraints = sipContext.findConstraints();
        if (findConstraints.length == 0) {
            return true;
        }
        for (SecurityConstraint securityConstraint : findConstraints) {
            if (securityConstraint instanceof SipSecurityConstraint) {
                SipSecurityConstraint sipSecurityConstraint = (SipSecurityConstraint) securityConstraint;
                for (SecurityCollection securityCollection : sipSecurityConstraint.findCollections()) {
                    SipSecurityCollection sipSecurityCollection = (SipSecurityCollection) securityCollection;
                    String handler = sipServletRequestImpl.getSipSession().getHandler();
                    if (sipSecurityCollection.findMethod(sipServletRequestImpl.getMethod()) && sipSecurityCollection.findServletName(handler)) {
                        boolean z2 = false;
                        if (authenticate(sipContext, sipServletRequestImpl, sipSecurityConstraint)) {
                            GenericPrincipal userPrincipal = sipServletRequestImpl.getUserPrincipal();
                            if (userPrincipal == null) {
                                return false;
                            }
                            String[] findAuthRoles = securityConstraint.findAuthRoles();
                            int length = findAuthRoles.length;
                            int i = 0;
                            while (true) {
                                if (i >= length) {
                                    break;
                                }
                                if (userPrincipal.hasRole(findAuthRoles[i])) {
                                    z2 = true;
                                    break;
                                }
                                i++;
                            }
                        }
                        if (!z2) {
                            z = false;
                            log.error("Constraint \"" + securityConstraint.getDisplayName() + "\" not satifsied");
                        }
                    }
                }
            }
        }
        return z;
    }

    /*  JADX ERROR: NullPointerException in pass: RegionMakerVisitor
        java.lang.NullPointerException: Cannot invoke "java.util.List.isEmpty()" because "s" is null
        	at jadx.core.utils.BlockUtils.getNextBlock(BlockUtils.java:411)
        	at jadx.core.dex.visitors.regions.RegionMaker.traverse(RegionMaker.java:172)
        	at jadx.core.dex.visitors.regions.RegionMaker.makeRegion(RegionMaker.java:91)
        	at jadx.core.dex.visitors.regions.RegionMaker.processIf(RegionMaker.java:735)
        	at jadx.core.dex.visitors.regions.RegionMaker.traverse(RegionMaker.java:152)
        	at jadx.core.dex.visitors.regions.RegionMaker.makeRegion(RegionMaker.java:91)
        	at jadx.core.dex.visitors.regions.RegionMaker.processExcHandler(RegionMaker.java:1110)
        	at jadx.core.dex.visitors.regions.RegionMaker.processTryCatchBlocks(RegionMaker.java:1046)
        	at jadx.core.dex.visitors.regions.RegionMakerVisitor.visit(RegionMakerVisitor.java:55)
        */
    public static java.security.Principal impersonatePrincipal(java.lang.String r7, org.apache.catalina.Realm r8) {
        /*
            r0 = 0
            r9 = r0
            r0 = r8
            java.lang.Class r0 = r0.getClass()
            r10 = r0
            r0 = r8
            boolean r0 = r0 instanceof org.apache.catalina.realm.RealmBase     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            if (r0 != 0) goto L2f
            java.lang.RuntimeException r0 = new java.lang.RuntimeException     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            r3 = r2
            r3.<init>()     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            java.lang.String r3 = "Only Realms extending RealmBase are supported. Report this error. Current realm class is "
            java.lang.StringBuilder r2 = r2.append(r3)     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            r3 = r8
            java.lang.Class r3 = r3.getClass()     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            java.lang.String r3 = r3.getCanonicalName()     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            java.lang.StringBuilder r2 = r2.append(r3)     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            r1.<init>(r2)     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            throw r0     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
        L2f:
            r0 = r9
            if (r0 != 0) goto L55
            r0 = r10
            java.lang.String r1 = "getPrincipal"
            r2 = 1
            java.lang.Class[] r2 = new java.lang.Class[r2]     // Catch: java.lang.NoSuchMethodException -> L47 java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            r3 = r2
            r4 = 0
            java.lang.Class<java.lang.String> r5 = java.lang.String.class
            r3[r4] = r5     // Catch: java.lang.NoSuchMethodException -> L47 java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            java.lang.reflect.Method r0 = r0.getDeclaredMethod(r1, r2)     // Catch: java.lang.NoSuchMethodException -> L47 java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            r9 = r0
            goto L49
        L47:
            r11 = move-exception
        L49:
            r0 = r10
            java.lang.Class r0 = r0.getSuperclass()     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            r10 = r0
            r0 = r10
            if (r0 != 0) goto L2f
            goto L55
        L55:
            r0 = r9
            r1 = 1
            r0.setAccessible(r1)     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            r0 = r9
            r1 = r8
            r2 = 1
            java.lang.Object[] r2 = new java.lang.Object[r2]     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            r3 = r2
            r4 = 0
            r5 = r7
            r3[r4] = r5     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            java.lang.Object r0 = r0.invoke(r1, r2)     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            java.security.Principal r0 = (java.security.Principal) r0     // Catch: java.lang.Throwable -> L76 java.lang.Throwable -> L9b
            r11 = r0
            r0 = r11
            r12 = r0
            r0 = jsr -> La3
        L73:
            r1 = r12
            return r1
        L76:
            r11 = move-exception
            org.apache.commons.logging.Log r0 = org.mobicents.servlet.sip.security.SipSecurityUtils.log     // Catch: java.lang.Throwable -> L9b
            java.lang.StringBuilder r1 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L9b
            r2 = r1
            r2.<init>()     // Catch: java.lang.Throwable -> L9b
            java.lang.String r2 = "Could not impersonate user "
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: java.lang.Throwable -> L9b
            r2 = r7
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: java.lang.Throwable -> L9b
            java.lang.String r1 = r1.toString()     // Catch: java.lang.Throwable -> L9b
            r2 = r11
            r0.error(r1, r2)     // Catch: java.lang.Throwable -> L9b
            r0 = jsr -> La3
        L98:
            goto Lb0
        L9b:
            r13 = move-exception
            r0 = jsr -> La3
        La0:
            r1 = r13
            throw r1
        La3:
            r14 = r0
            r0 = r9
            if (r0 == 0) goto Lae
            r0 = r9
            r1 = 0
            r0.setAccessible(r1)
        Lae:
            ret r14
        Lb0:
            r1 = 0
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: org.mobicents.servlet.sip.security.SipSecurityUtils.impersonatePrincipal(java.lang.String, org.apache.catalina.Realm):java.security.Principal");
    }
}
