package electric.servlet.authenticators.basic;

import electric.glue.IGLUELoggingConstants;
import electric.security.ICredentials;
import electric.security.IRealm;
import electric.security.credentials.PasswordCredentials;
import electric.servlet.HTTPContext;
import electric.servlet.InboundHTTPRequest;
import electric.servlet.OutboundHTTPResponse;
import electric.servlet.authenticators.IHTTPAuthenticator;
import electric.servlet.security.WebResourceCollection;
import electric.util.array.ArrayUtil;
import electric.util.encoding.StringEncodings;
import electric.util.http.IHTTPConstants;
import electric.util.io.Streams;
import electric.util.string.Base64;
import java.io.IOException;
import java.io.InputStream;
import java.util.Enumeration;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:electric/servlet/authenticators/basic/BasicAuthenticator.class */
public class BasicAuthenticator implements IHTTPAuthenticator, IHTTPConstants, IGLUELoggingConstants {
    private HTTPContext context;

    @Override // electric.servlet.authenticators.IHTTPAuthenticator
    public void setContext(HTTPContext hTTPContext) {
        this.context = hTTPContext;
    }

    @Override // electric.servlet.authenticators.IHTTPAuthenticator
    public boolean authenticate(InboundHTTPRequest inboundHTTPRequest, OutboundHTTPResponse outboundHTTPResponse, String str, WebResourceCollection webResourceCollection) throws IOException {
        if (webResourceCollection == null || !webResourceCollection.matchesMethod(inboundHTTPRequest.getMethod())) {
            return true;
        }
        IRealm realm = this.context.getRealm();
        if (realm == null) {
            outboundHTTPResponse.sendError(403);
            return false;
        }
        ICredentials[] authenticatedCredentials = getAuthenticatedCredentials(inboundHTTPRequest, realm);
        if (authenticatedCredentials == null || authenticatedCredentials.length <= 0) {
            sendNoAuthenticationResponse(inboundHTTPRequest, outboundHTTPResponse, realm);
            return false;
        }
        inboundHTTPRequest.setAuthenticatedCredentials(authenticatedCredentials);
        return true;
    }

    @Override // electric.servlet.authenticators.IHTTPAuthenticator
    public String getAuthMethod() {
        return "BASIC";
    }

    public ICredentials[] getAuthenticatedCredentials(HttpServletRequest httpServletRequest, IRealm iRealm) {
        ICredentials[] iCredentialsArr = new ICredentials[0];
        for (PasswordCredentials passwordCredentials : (PasswordCredentials[]) getDeclaredCredentials(httpServletRequest)) {
            if (iRealm.authenticate(passwordCredentials)) {
                iCredentialsArr = (ICredentials[]) ArrayUtil.addElement(iCredentialsArr, passwordCredentials);
            }
        }
        return iCredentialsArr;
    }

    public ICredentials[] getDeclaredCredentials(HttpServletRequest httpServletRequest) {
        Enumeration headers = httpServletRequest.getHeaders(IHTTPConstants.AUTHORIZATION);
        PasswordCredentials[] passwordCredentialsArr = new PasswordCredentials[0];
        while (true) {
            PasswordCredentials[] passwordCredentialsArr2 = passwordCredentialsArr;
            if (!headers.hasMoreElements()) {
                return passwordCredentialsArr2;
            }
            passwordCredentialsArr = (PasswordCredentials[]) getCredentials((String) headers.nextElement(), passwordCredentialsArr2);
        }
    }

    private ICredentials[] getCredentials(String str, ICredentials[] iCredentialsArr) {
        String fromAssumedEncoding;
        int indexOf;
        StringTokenizer stringTokenizer = new StringTokenizer(str);
        if (stringTokenizer.nextToken().equalsIgnoreCase("BASIC") && (indexOf = (fromAssumedEncoding = StringEncodings.fromAssumedEncoding(Base64.fromBase64(stringTokenizer.nextToken()))).indexOf(58)) != -1) {
            return (ICredentials[]) ArrayUtil.addElement(iCredentialsArr, new PasswordCredentials(fromAssumedEncoding.substring(0, indexOf), fromAssumedEncoding.substring(indexOf + 1)));
        }
        return iCredentialsArr;
    }

    @Override // electric.servlet.authenticators.IHTTPAuthenticator
    public boolean sendNoAuthenticationResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, IRealm iRealm) throws IOException {
        String name = iRealm == null ? "null" : iRealm.getName();
        if (httpServletRequest.getContentLength() != -1) {
            Streams.readFully((InputStream) httpServletRequest.getInputStream(), httpServletRequest.getContentLength());
        }
        httpServletResponse.setStatus(IHTTPConstants.SC_UNAUTHORIZED);
        httpServletResponse.addHeader(IHTTPConstants.WWW_AUTHENTICATE, new StringBuffer().append("Basic realm=\"").append(name).append("\"").toString());
        httpServletResponse.setContentLength(0);
        return false;
    }
}
