package marauroa.server.game.messagehandler;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import marauroa.common.Configuration;
import marauroa.common.Log4J;
import marauroa.common.Logger;
import marauroa.common.crypto.Hash;
import marauroa.common.crypto.SymmetricKey;
import marauroa.common.net.Channel;
import marauroa.common.net.message.Message;
import marauroa.common.net.message.MessageC2SLoginSendNonceNameAndPassword;
import marauroa.common.net.message.MessageC2SLoginSendNonceNamePasswordAndSeed;
import marauroa.common.net.message.MessageC2SLoginSendUsernameAndPassword;
import marauroa.common.net.message.MessageC2SLoginWithToken;
import marauroa.common.net.message.MessageS2CLoginACK;
import marauroa.common.net.message.MessageS2CLoginMessageNACK;
import marauroa.common.net.message.MessageS2CLoginNACK;
import marauroa.common.net.message.MessageS2CServerInfo;
import marauroa.server.auth.AuthenticationManager;
import marauroa.server.db.command.DBCommandPriority;
import marauroa.server.db.command.DBCommandQueue;
import marauroa.server.game.container.ClientState;
import marauroa.server.game.container.PlayerEntry;
import marauroa.server.game.container.PlayerEntryContainer;
import marauroa.server.game.container.SecuredLoginInfo;
import marauroa.server.game.dbcommand.LoadAllActiveCharactersCommand;
import marauroa.server.game.dbcommand.LoginCommand;
import marauroa.server.game.rp.RPServerManager;

/* loaded from: input_file:marauroa/server/game/messagehandler/SecuredLoginHandler.class */
class SecuredLoginHandler extends MessageHandler implements DelayedEventHandler {
    private static final Logger logger = Log4J.getLogger(SecuredLoginHandler.class);
    private AuthenticationManager authMan;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:marauroa/server/game/messagehandler/SecuredLoginHandler$ServerInfo.class */
    public static class ServerInfo {
        private static org.apache.log4j.Logger infoLogger = org.apache.log4j.Logger.getLogger(ServerInfo.class);
        private static Configuration config;

        private ServerInfo() {
        }

        public static String[] get() {
            ArrayList arrayList = new ArrayList();
            Enumeration<?> propertyNames = config.propertyNames();
            while (propertyNames.hasMoreElements()) {
                String valueOf = String.valueOf(propertyNames.nextElement());
                if (valueOf.startsWith("server_")) {
                    arrayList.add(config.get(valueOf));
                }
            }
            return (String[]) arrayList.toArray(new String[arrayList.size()]);
        }

        static {
            try {
                config = Configuration.getConfiguration();
                config.get("server_typeGame");
                config.get("server_name");
                config.get("server_version");
                config.get("server_contact");
            } catch (Exception e) {
                infoLogger.error("ERROR: Unable to load Server info", e);
            }
        }
    }

    public SecuredLoginHandler() {
        try {
            this.authMan = (AuthenticationManager) Class.forName(Configuration.getConfiguration().get("authentication", "marauroa.server.auth.DatabaseAuthenticationManager")).newInstance();
        } catch (IOException e) {
            logger.error(e, e);
        } catch (ReflectiveOperationException e2) {
            logger.error(e2, e2);
        }
    }

    @Override // marauroa.server.game.messagehandler.MessageHandler
    public void process(Message message) {
        PlayerEntry playerEntry = this.playerContainer.get(message.getClientID());
        if (isValidEvent(message, playerEntry, ClientState.CONNECTION_ACCEPTED)) {
            SecuredLoginInfo fillLoginInfo = fillLoginInfo(message, playerEntry);
            if (!fillLoginInfo.isUsingSecureChannel() || Hash.compare(Hash.hash(fillLoginInfo.clientNonce), fillLoginInfo.clientNonceHash) == 0) {
                this.authMan.verify(fillLoginInfo, this, playerEntry.clientid, message.getChannel(), message.getProtocolVersion());
            } else {
                logger.warn("Different hashs for client Nonce");
            }
        }
    }

    private void completeLogin(Channel channel, int i, int i2, SecuredLoginInfo securedLoginInfo, List<String> list) {
        PlayerEntry playerEntry = PlayerEntryContainer.getContainer().get(i);
        logger.debug("Correct username/password");
        if (playerEntry == null) {
            logger.warn("Did not find PlayerEntry in completeLogin, timeout? " + securedLoginInfo);
            return;
        }
        playerEntry.username = securedLoginInfo.username;
        playerEntry.loginInformations = null;
        this.stats.add("Players login", 1);
        MessageS2CLoginACK messageS2CLoginACK = new MessageS2CLoginACK(channel, list);
        messageS2CLoginACK.setClientID(i);
        messageS2CLoginACK.setProtocolVersion(i2);
        this.netMan.sendMessage(messageS2CLoginACK);
        MessageS2CServerInfo messageS2CServerInfo = new MessageS2CServerInfo(channel, ServerInfo.get());
        messageS2CServerInfo.setClientID(i);
        messageS2CServerInfo.setProtocolVersion(i2);
        this.netMan.sendMessage(messageS2CServerInfo);
        DBCommandQueue.get().enqueue(new LoadAllActiveCharactersCommand(playerEntry.username, new SendCharacterListHandler(this.netMan, i2), i, channel, i2), DBCommandPriority.CRITICAL);
        playerEntry.state = ClientState.LOGIN_COMPLETE;
    }

    private SecuredLoginInfo fillLoginInfo(Message message, PlayerEntry playerEntry) {
        SecuredLoginInfo securedLoginInfo = playerEntry.loginInformations;
        if (message instanceof MessageC2SLoginSendNonceNameAndPassword) {
            MessageC2SLoginSendNonceNameAndPassword messageC2SLoginSendNonceNameAndPassword = (MessageC2SLoginSendNonceNameAndPassword) message;
            securedLoginInfo.clientNonce = messageC2SLoginSendNonceNameAndPassword.getHash();
            securedLoginInfo.username = messageC2SLoginSendNonceNameAndPassword.getUsername();
            securedLoginInfo.password = messageC2SLoginSendNonceNameAndPassword.getPassword();
        } else if (message instanceof MessageC2SLoginSendNonceNamePasswordAndSeed) {
            MessageC2SLoginSendNonceNamePasswordAndSeed messageC2SLoginSendNonceNamePasswordAndSeed = (MessageC2SLoginSendNonceNamePasswordAndSeed) message;
            securedLoginInfo.clientNonce = messageC2SLoginSendNonceNamePasswordAndSeed.getHash();
            securedLoginInfo.username = messageC2SLoginSendNonceNamePasswordAndSeed.getUsername();
            securedLoginInfo.password = messageC2SLoginSendNonceNamePasswordAndSeed.getPassword();
            securedLoginInfo.seed = decode(securedLoginInfo, messageC2SLoginSendNonceNamePasswordAndSeed.getSeed());
        } else if (message instanceof MessageC2SLoginWithToken) {
            MessageC2SLoginWithToken messageC2SLoginWithToken = (MessageC2SLoginWithToken) message;
            securedLoginInfo.clientNonce = messageC2SLoginWithToken.getNonce();
            securedLoginInfo.username = messageC2SLoginWithToken.getUsername();
            securedLoginInfo.tokenType = messageC2SLoginWithToken.getTokenType();
            securedLoginInfo.token = decodeToken(securedLoginInfo, messageC2SLoginWithToken);
        } else {
            MessageC2SLoginSendUsernameAndPassword messageC2SLoginSendUsernameAndPassword = (MessageC2SLoginSendUsernameAndPassword) message;
            securedLoginInfo = new SecuredLoginInfo(playerEntry.getAddress());
            playerEntry.loginInformations = securedLoginInfo;
            securedLoginInfo.username = messageC2SLoginSendUsernameAndPassword.getUsername();
            securedLoginInfo.password = messageC2SLoginSendUsernameAndPassword.getPassword();
            securedLoginInfo.usingSecureChannel = false;
        }
        return securedLoginInfo;
    }

    private String decode(SecuredLoginInfo securedLoginInfo, byte[] bArr) {
        byte[] decodeByteArray = securedLoginInfo.key.decodeByteArray(bArr);
        byte[] xor = Hash.xor(securedLoginInfo.clientNonce, securedLoginInfo.serverNonce);
        if (xor == null) {
            logger.debug("B2 is null");
            return null;
        }
        try {
            return new String(Hash.xor(decodeByteArray, xor), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            logger.error(e, e);
            return null;
        }
    }

    private String decodeToken(SecuredLoginInfo securedLoginInfo, MessageC2SLoginWithToken messageC2SLoginWithToken) {
        try {
            return new String(new SymmetricKey(Hash.xor(securedLoginInfo.key.decodeByteArray(messageC2SLoginWithToken.getEncryptedSessionKey()), Hash.xor(securedLoginInfo.clientNonce, securedLoginInfo.serverNonce))).decrypt(messageC2SLoginWithToken.getInitVector(), messageC2SLoginWithToken.getEncryptedToken()), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            logger.error(e, e);
            return null;
        } catch (GeneralSecurityException e2) {
            logger.error(e2, e2);
            return null;
        }
    }

    @Override // marauroa.server.game.messagehandler.DelayedEventHandler
    public void handleDelayedEvent(RPServerManager rPServerManager, Object obj) {
        try {
            LoginCommand loginCommand = (LoginCommand) obj;
            SecuredLoginInfo info = loginCommand.getInfo();
            if (loginCommand.getFailReason() == MessageS2CLoginNACK.Reasons.TOO_MANY_TRIES) {
                logger.debug("Blocked account for player " + info.username + " and/or address " + info.address);
                MessageS2CLoginNACK messageS2CLoginNACK = new MessageS2CLoginNACK(loginCommand.getChannel(), MessageS2CLoginNACK.Reasons.TOO_MANY_TRIES);
                messageS2CLoginNACK.setProtocolVersion(loginCommand.getProtocolVersion());
                this.netMan.sendMessage(messageS2CLoginNACK);
                this.netMan.disconnectClient(loginCommand.getChannel());
                return;
            }
            if (loginCommand.getFailReason() != null) {
                logger.debug("Incorrect username/password for player " + info.username);
                this.stats.add("Players invalid login", 1);
                if (info.reason == null) {
                    info.reason = MessageS2CLoginNACK.Reasons.USERNAME_WRONG;
                }
                MessageS2CLoginNACK messageS2CLoginNACK2 = new MessageS2CLoginNACK(loginCommand.getChannel(), info.reason);
                messageS2CLoginNACK2.setProtocolVersion(loginCommand.getProtocolVersion());
                this.netMan.sendMessage(messageS2CLoginNACK2);
                this.playerContainer.remove(loginCommand.getClientid());
                return;
            }
            if (loginCommand.getFailMessage() != null) {
                logger.info("Banned/Inactive account for player " + info.username + ": " + loginCommand.getFailMessage());
                MessageS2CLoginMessageNACK messageS2CLoginMessageNACK = new MessageS2CLoginMessageNACK(loginCommand.getChannel(), loginCommand.getFailMessage());
                messageS2CLoginMessageNACK.setProtocolVersion(loginCommand.getProtocolVersion());
                this.netMan.sendMessage(messageS2CLoginMessageNACK);
                this.netMan.disconnectClient(loginCommand.getChannel());
                return;
            }
            int countConnectionsFromSameIPAddress = info.countConnectionsFromSameIPAddress(this.playerContainer);
            Configuration configuration = Configuration.getConfiguration();
            if (countConnectionsFromSameIPAddress <= configuration.getInt("parallel_connection_limit", 10) || ("," + configuration.get("ip_whitelist", "127.0.0.1") + ",").indexOf("," + info.address + ",") >= 0) {
                completeLogin(loginCommand.getChannel(), loginCommand.getClientid(), loginCommand.getProtocolVersion(), info, loginCommand.getPreviousLogins());
                return;
            }
            logger.info("to many parallel connections from " + info.address + " rejecting login of " + info.username);
            MessageS2CLoginMessageNACK messageS2CLoginMessageNACK2 = new MessageS2CLoginMessageNACK(loginCommand.getChannel(), "There are too many connections from your ip-address.\nPlease contact /support, if you are at a conference or something similar.");
            messageS2CLoginMessageNACK2.setProtocolVersion(loginCommand.getProtocolVersion());
            this.netMan.sendMessage(messageS2CLoginMessageNACK2);
            this.netMan.disconnectClient(loginCommand.getChannel());
        } catch (IOException e) {
            logger.error("error while processing SecuredLoginEvent: " + obj, e);
        } catch (RuntimeException e2) {
            logger.error("error while processing SecuredLoginEvent: " + obj, e2);
        }
    }
}
