package org.dynmap;

import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Properties;
import java.util.Random;
import java.util.Set;
import org.dynmap.common.DynmapCommandSender;
import org.dynmap.common.DynmapPlayer;
import org.dynmap.forge_1_19.commons.codec.digest.MessageDigestAlgorithms;
import org.dynmap.servlet.LoginServlet;

/* loaded from: input_file:org/dynmap/WebAuthManager.class */
public class WebAuthManager {
    private String hashsalt;
    private File pfile;
    public static final String WEBAUTHFILE = "webauth.txt";
    private static final String HASHSALT = "$HASH_SALT$";
    private static final String PWDHASH_PREFIX = "hash.";
    private DynmapCore core;
    private HashMap<String, String> pwdhash_by_userid = new HashMap<>();
    private HashMap<String, String> pending_registrations = new HashMap<>();
    private Random rnd = new Random();

    public WebAuthManager(DynmapCore dynmapCore) {
        this.core = dynmapCore;
        this.pfile = new File(dynmapCore.getDataFolder(), WEBAUTHFILE);
        if (this.pfile.canRead()) {
            FileReader fileReader = null;
            try {
                try {
                    fileReader = new FileReader(this.pfile);
                    Properties properties = new Properties();
                    properties.load(fileReader);
                    this.hashsalt = properties.getProperty(HASHSALT);
                    for (String str : properties.stringPropertyNames()) {
                        if (str.equals(HASHSALT)) {
                            this.hashsalt = properties.getProperty(str);
                        } else if (str.startsWith(PWDHASH_PREFIX)) {
                            this.pwdhash_by_userid.put(str.substring(PWDHASH_PREFIX.length()).toLowerCase(), properties.getProperty(str));
                        }
                    }
                    if (fileReader != null) {
                        try {
                            fileReader.close();
                        } catch (IOException e) {
                        }
                    }
                } catch (IOException e2) {
                    Log.severe("Cannot read webauth.txt");
                    if (fileReader != null) {
                        try {
                            fileReader.close();
                        } catch (IOException e3) {
                        }
                    }
                }
            } catch (Throwable th) {
                if (fileReader != null) {
                    try {
                        fileReader.close();
                    } catch (IOException e4) {
                    }
                }
                throw th;
            }
        }
        if (this.hashsalt == null) {
            this.hashsalt = Long.toHexString(this.rnd.nextLong());
        }
    }

    public boolean save() {
        boolean z = false;
        FileWriter fileWriter = null;
        try {
            try {
                fileWriter = new FileWriter(this.pfile);
                Properties properties = new Properties();
                properties.setProperty(HASHSALT, this.hashsalt);
                for (String str : this.pwdhash_by_userid.keySet()) {
                    properties.setProperty(PWDHASH_PREFIX + str, this.pwdhash_by_userid.get(str));
                }
                properties.store(fileWriter, "DO NOT EDIT THIS FILE");
                z = true;
                if (fileWriter != null) {
                    try {
                        fileWriter.close();
                    } catch (IOException e) {
                    }
                }
            } catch (IOException e2) {
                Log.severe("Error writing webauth.txt");
                if (fileWriter != null) {
                    try {
                        fileWriter.close();
                    } catch (IOException e3) {
                    }
                }
            }
            if (z) {
                this.core.events.trigger("loginupdated", null);
            }
            return z;
        } catch (Throwable th) {
            if (fileWriter != null) {
                try {
                    fileWriter.close();
                } catch (IOException e4) {
                }
            }
            throw th;
        }
    }

    private String makeHash(String str) {
        try {
            String str2 = "";
            for (byte b : MessageDigest.getInstance(MessageDigestAlgorithms.SHA_256).digest((this.hashsalt + str).getBytes("UTF-8"))) {
                str2 = str2 + String.format("%02X", Integer.valueOf(255 & b));
            }
            return str2;
        } catch (UnsupportedEncodingException | NoSuchAlgorithmException e) {
            return null;
        }
    }

    public boolean checkLogin(String str, String str2) {
        String lowerCase = str.toLowerCase();
        if (lowerCase.equals(LoginServlet.USERID_GUEST)) {
            return true;
        }
        String str3 = this.pwdhash_by_userid.get(lowerCase);
        if (str3 == null || this.core.getServer().isPlayerBanned(lowerCase)) {
            return false;
        }
        return str3.equals(makeHash(str2));
    }

    public boolean registerLogin(String str, String str2, String str3) {
        String lowerCase = str.toLowerCase();
        if (lowerCase.equals(LoginServlet.USERID_GUEST) || this.core.getServer().isPlayerBanned(lowerCase)) {
            return false;
        }
        String lowerCase2 = str3.toLowerCase();
        String remove = this.pending_registrations.remove(lowerCase);
        if (remove == null || !remove.equals(lowerCase2)) {
            return false;
        }
        this.pwdhash_by_userid.put(lowerCase, makeHash(str2));
        return save();
    }

    public boolean unregisterLogin(String str) {
        if (str.equals(LoginServlet.USERID_GUEST)) {
            return true;
        }
        this.pwdhash_by_userid.remove(str.toLowerCase());
        return save();
    }

    public boolean isRegistered(String str) {
        if (str.equals(LoginServlet.USERID_GUEST)) {
            return false;
        }
        return this.pwdhash_by_userid.containsKey(str.toLowerCase());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean processCompletedRegister(String str, String str2, String str3) {
        String remove;
        String lowerCase = str.toLowerCase();
        if (lowerCase.equals(LoginServlet.USERID_GUEST) || this.core.getServer().isPlayerBanned(lowerCase) || (remove = this.pending_registrations.remove(lowerCase)) == null || !remove.equals(str2.toLowerCase())) {
            return false;
        }
        this.pwdhash_by_userid.put(lowerCase, str3);
        return save();
    }

    public static final boolean checkUserName(String str) {
        int length = str.length();
        if (length <= 0 || length > 16) {
            return false;
        }
        for (int i = 0; i < length; i++) {
            if ("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_".indexOf(str.charAt(i)) < 0) {
                return false;
            }
        }
        return true;
    }

    public boolean processWebRegisterCommand(DynmapCore dynmapCore, DynmapCommandSender dynmapCommandSender, DynmapPlayer dynmapPlayer, String[] strArr) {
        String name;
        DynmapPlayer player;
        boolean z = false;
        if (strArr.length > 1) {
            if (!dynmapCore.checkPlayerPermission(dynmapCommandSender, "webregister.other")) {
                dynmapCommandSender.sendMessage("Not authorized to set web login information for other players");
                return true;
            }
            name = strArr[1];
            z = true;
        } else {
            if (dynmapPlayer == null) {
                dynmapCommandSender.sendMessage("Must provide user ID to register web login");
                return true;
            }
            name = dynmapPlayer.getName();
        }
        if (!checkUserName(name)) {
            dynmapCommandSender.sendMessage("Invalid user ID");
            return true;
        }
        String format = String.format("%04d-%04d", Integer.valueOf(this.rnd.nextInt(10000)), Integer.valueOf(this.rnd.nextInt(10000)));
        this.pending_registrations.put(name.toLowerCase(), format.toLowerCase());
        dynmapCommandSender.sendMessage("Registration pending for user ID: " + name);
        dynmapCommandSender.sendMessage("Registration code: " + format);
        dynmapCommandSender.sendMessage("Enter ID and code on registration web page (login.html) to complete registration");
        if (z && (player = dynmapCore.getServer().getPlayer(name)) != null) {
            player.sendMessage("The registration of your account for web access has been started.");
            player.sendMessage("To complete the process, access the Login page on the Dynmap map");
            player.sendMessage("Registration code: " + format);
            player.sendMessage("The user ID must match your account ID, but the password should NOT be the same.");
        }
        dynmapCore.events.trigger("loginupdated", null);
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getLoginPHP(boolean z) {
        StringBuilder sb = new StringBuilder();
        if (z) {
            sb.append("<?php\n");
        }
        sb.append("$pwdsalt = '").append(this.hashsalt).append("';\n");
        sb.append("$pwdhash = array(\n");
        for (String str : this.pwdhash_by_userid.keySet()) {
            sb.append("  '").append(esc(str)).append("' => '").append(esc(this.pwdhash_by_userid.get(str))).append("',\n");
        }
        sb.append(");\n");
        sb.append("$pendingreg = array(\n");
        for (String str2 : this.pending_registrations.keySet()) {
            sb.append("  '").append(esc(str2)).append("' => '").append(esc(this.pending_registrations.get(str2))).append("',\n");
        }
        sb.append(");\n");
        if (z) {
            sb.append("?>\n");
        }
        return sb.toString();
    }

    public static String esc(String str) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            if (charAt == '\\') {
                sb.append("\\\\");
            } else if (charAt == '\'') {
                sb.append("\\'");
            } else {
                sb.append(charAt);
            }
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getAccessPHP(boolean z) {
        StringBuilder sb = new StringBuilder();
        if (z) {
            sb.append("<?php\n");
        }
        ArrayList arrayList = new ArrayList();
        sb.append("$worldaccess = array(\n");
        for (DynmapWorld dynmapWorld : this.core.getMapManager().getWorlds()) {
            if (dynmapWorld.isProtected()) {
                String str = "world." + dynmapWorld.getName();
                sb.append("  '").append(esc(dynmapWorld.getName())).append("' => '");
                for (String str2 : this.pwdhash_by_userid.keySet()) {
                    if (this.core.getServer().checkPlayerPermission(str2, str)) {
                        sb.append("[").append(esc(str2)).append("]");
                    }
                }
                sb.append("',\n");
            }
            for (MapType mapType : dynmapWorld.maps) {
                if (mapType.isProtected()) {
                    arrayList.add(dynmapWorld.getName() + "." + mapType.getPrefix());
                }
            }
        }
        sb.append(");\n");
        sb.append("$mapaccess = array(\n");
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            String str3 = (String) it.next();
            String str4 = "map." + str3;
            sb.append("  '").append(esc(str3)).append("' => '");
            for (String str5 : this.pwdhash_by_userid.keySet()) {
                if (this.core.getServer().checkPlayerPermission(str5, str4)) {
                    sb.append("[").append(esc(str5)).append("]");
                }
            }
            sb.append("',\n");
        }
        sb.append(");\n");
        HashSet hashSet = new HashSet();
        sb.append("$seeallmarkers = '");
        for (String str6 : this.pwdhash_by_userid.keySet()) {
            if (this.core.getServer().checkPlayerPermission(str6, "playermarkers.seeall")) {
                sb.append("[").append(esc(str6)).append("]");
            } else {
                hashSet.add(str6);
            }
        }
        sb.append("';\n");
        sb.append("$playervisible = array(\n");
        Iterator it2 = hashSet.iterator();
        while (it2.hasNext()) {
            String lowerCase = ((String) it2.next()).toLowerCase();
            Set<String> playersVisibleToPlayer = this.core.getPlayersVisibleToPlayer(lowerCase);
            if (playersVisibleToPlayer.size() != 1 || !playersVisibleToPlayer.contains(lowerCase)) {
                sb.append("  '").append(esc(lowerCase)).append("' => '");
                Iterator<String> it3 = playersVisibleToPlayer.iterator();
                while (it3.hasNext()) {
                    sb.append("[").append(esc(it3.next())).append("]");
                }
                sb.append("',\n");
            }
        }
        sb.append(");\n");
        this.core.getDefaultMapStorage().addPaths(sb, this.core);
        if (z) {
            sb.append("?>\n");
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getDisabledAccessPHP(DynmapCore dynmapCore, boolean z) {
        StringBuilder sb = new StringBuilder();
        if (z) {
            sb.append("<?php\n");
        }
        dynmapCore.getDefaultMapStorage().addPaths(sb, dynmapCore);
        if (z) {
            sb.append("?>\n");
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean pendingRegisters() {
        return this.pending_registrations.size() > 0;
    }

    Set<String> getUserIDs() {
        HashSet hashSet = new HashSet();
        hashSet.addAll(this.pwdhash_by_userid.keySet());
        hashSet.addAll(this.pending_registrations.keySet());
        return hashSet;
    }
}
