"use strict";

function handleRequest(request, response) {
  try {
    reallyHandleRequest(request, response);
  } catch (e) {
    response.setStatusLine("1.0", 200, "AlmostOK");
    response.write("Error handling request: " + e);
  }
}

function reallyHandleRequest(request, response) {
  let match;
  let requestAuth = true,
    requestProxyAuth = true;

  // Allow the caller to drive how authentication is processed via the query.
  // Eg, http://localhost:8888/authenticate.sjs?user=foo&realm=bar
  // The extra ? allows the user/pass/realm checks to succeed if the name is
  // at the beginning of the query string.
  let query = "?" + request.queryString;

  let expected_user = "",
    expected_pass = "",
    realm = "mochitest";
  let proxy_expected_user = "",
    proxy_expected_pass = "",
    proxy_realm = "mochi-proxy";
  let huge = false,
    plugin = false,
    anonymous = false;
  let authHeaderCount = 1;
  // user=xxx
  match = /[^_]user=([^&]*)/.exec(query);
  if (match) {
    expected_user = match[1];
  }

  // pass=xxx
  match = /[^_]pass=([^&]*)/.exec(query);
  if (match) {
    expected_pass = match[1];
  }

  // realm=xxx
  match = /[^_]realm=([^&]*)/.exec(query);
  if (match) {
    realm = match[1];
  }

  // proxy_user=xxx
  match = /proxy_user=([^&]*)/.exec(query);
  if (match) {
    proxy_expected_user = match[1];
  }

  // proxy_pass=xxx
  match = /proxy_pass=([^&]*)/.exec(query);
  if (match) {
    proxy_expected_pass = match[1];
  }

  // proxy_realm=xxx
  match = /proxy_realm=([^&]*)/.exec(query);
  if (match) {
    proxy_realm = match[1];
  }

  // huge=1
  match = /huge=1/.exec(query);
  if (match) {
    huge = true;
  }

  // plugin=1
  match = /plugin=1/.exec(query);
  if (match) {
    plugin = true;
  }

  // multiple=1
  match = /multiple=([^&]*)/.exec(query);
  if (match) {
    authHeaderCount = match[1] + 0;
  }

  // anonymous=1
  match = /anonymous=1/.exec(query);
  if (match) {
    anonymous = true;
  }

  // Look for an authentication header, if any, in the request.
  //
  // EG: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
  //
  // This test only supports Basic auth. The value sent by the client is
  // "username:password", obscured with base64 encoding.

  let actual_user = "",
    actual_pass = "",
    authHeader,
    authPresent = false;
  if (request.hasHeader("Authorization")) {
    authPresent = true;
    authHeader = request.getHeader("Authorization");
    match = /Basic (.+)/.exec(authHeader);
    if (match.length != 2) {
      throw Error("Couldn't parse auth header: " + authHeader);
    }

    let userpass = atob(match[1]);
    match = /(.*):(.*)/.exec(userpass);
    if (match.length != 3) {
      throw Error("Couldn't decode auth header: " + userpass);
    }
    actual_user = match[1];
    actual_pass = match[2];
  }

  let proxy_actual_user = "",
    proxy_actual_pass = "";
  if (request.hasHeader("Proxy-Authorization")) {
    authHeader = request.getHeader("Proxy-Authorization");
    match = /Basic (.+)/.exec(authHeader);
    if (match.length != 2) {
      throw Error("Couldn't parse auth header: " + authHeader);
    }

    let userpass = atob(match[1]);
    match = /(.*):(.*)/.exec(userpass);
    if (match.length != 3) {
      throw Error("Couldn't decode auth header: " + userpass);
    }
    proxy_actual_user = match[1];
    proxy_actual_pass = match[2];
  }

  // Don't request authentication if the credentials we got were what we
  // expected.
  if (expected_user == actual_user && expected_pass == actual_pass) {
    requestAuth = false;
  }
  if (
    proxy_expected_user == proxy_actual_user &&
    proxy_expected_pass == proxy_actual_pass
  ) {
    requestProxyAuth = false;
  }

  if (anonymous) {
    if (authPresent) {
      response.setStatusLine(
        "1.0",
        400,
        "Unexpected authorization header found"
      );
    } else {
      response.setStatusLine("1.0", 200, "Authorization header not found");
    }
  } else if (requestProxyAuth) {
    response.setStatusLine("1.0", 407, "Proxy authentication required");
    for (let i = 0; i < authHeaderCount; ++i) {
      response.setHeader(
        "Proxy-Authenticate",
        'basic realm="' + proxy_realm + '"',
        true
      );
    }
  } else if (requestAuth) {
    response.setStatusLine("1.0", 401, "Authentication required");
    for (let i = 0; i < authHeaderCount; ++i) {
      response.setHeader(
        "WWW-Authenticate",
        'basic realm="' + realm + '"',
        true
      );
    }
  } else {
    response.setStatusLine("1.0", 200, "OK");
  }

  response.setHeader("Content-Type", "application/xhtml+xml", false);
  response.write("<html xmlns='http://www.w3.org/1999/xhtml'>");
  response.write(
    "<p>Login: <span id='ok'>" +
      (requestAuth ? "FAIL" : "PASS") +
      "</span></p>\n"
  );
  response.write(
    "<p>Proxy: <span id='proxy'>" +
      (requestProxyAuth ? "FAIL" : "PASS") +
      "</span></p>\n"
  );
  response.write("<p>Auth: <span id='auth'>" + authHeader + "</span></p>\n");
  response.write("<p>User: <span id='user'>" + actual_user + "</span></p>\n");
  response.write("<p>Pass: <span id='pass'>" + actual_pass + "</span></p>\n");

  if (huge) {
    response.write("<div style='display: none'>");
    for (let i = 0; i < 100000; i++) {
      response.write("123456789\n");
    }
    response.write("</div>");
    response.write(
      "<span id='footnote'>This is a footnote after the huge content fill</span>"
    );
  }

  if (plugin) {
    response.write(
      "<embed id='embedtest' style='width: 400px; height: 100px;' " +
        "type='application/x-test'></embed>\n"
    );
  }

  response.write("</html>");
}