package org.deegree.services.authentication;

import java.io.IOException;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.stream.XMLStreamReader;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.commons.codec.binary.Base64;
import org.deegree.services.controller.Credentials;
import org.deegree.services.controller.CredentialsProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/deegree-services-commons-3.3.19.jar:org/deegree/services/authentication/HttpBasicAuthentication.class */
public class HttpBasicAuthentication implements CredentialsProvider {
    private static Logger LOG = LoggerFactory.getLogger(HttpBasicAuthentication.class);

    @Override // org.deegree.services.controller.CredentialsProvider
    public Credentials doKVP(Map<String, String> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws SecurityException {
        return doBasicAuthentication(httpServletRequest, httpServletResponse);
    }

    @Override // org.deegree.services.controller.CredentialsProvider
    public Credentials doXML(XMLStreamReader xMLStreamReader, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws SecurityException {
        return doBasicAuthentication(httpServletRequest, httpServletResponse);
    }

    @Override // org.deegree.services.controller.CredentialsProvider
    public Credentials doSOAP(SOAPEnvelope sOAPEnvelope, HttpServletRequest httpServletRequest) throws SecurityException {
        throw new UnsupportedOperationException("SOAPSecurity is not implementable in HTTP BASIC!");
    }

    private Credentials doBasicAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        LOG.debug("header: " + httpServletRequest.getHeader("authorization"));
        String header = httpServletRequest.getHeader("authorization");
        if (header == null) {
            return null;
        }
        if (!header.startsWith("Basic ") && !header.startsWith("BASIC ")) {
            return null;
        }
        LOG.debug("Found basic authorization header: '" + header + "'.");
        String trim = header.substring(6).trim();
        LOG.debug("encodedCreds: " + trim);
        String str = new String(Base64.decodeBase64(trim));
        LOG.debug("creds: " + str);
        int indexOf = str.indexOf(58);
        if (indexOf == -1) {
            return null;
        }
        String substring = str.substring(0, indexOf);
        String substring2 = str.substring(indexOf + 1);
        LOG.debug("user: " + substring);
        LOG.debug("password: " + substring2);
        return new Credentials(substring, substring2);
    }

    @Override // org.deegree.services.controller.CredentialsProvider
    public void handleException(HttpServletResponse httpServletResponse, SecurityException securityException) throws IOException {
        if (securityException instanceof InvalidCredentialsException) {
            doInvalidCredentialsExceptionException(httpServletResponse, (InvalidCredentialsException) securityException);
        } else if (securityException != null) {
            doAuthenticationException(httpServletResponse, securityException);
        }
    }

    private void doAuthenticationException(HttpServletResponse httpServletResponse, SecurityException securityException) throws IOException {
        LOG.debug("SecurityException: ");
        httpServletResponse.reset();
        httpServletResponse.resetBuffer();
        httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\" Backroom ");
        httpServletResponse.setStatus(401);
        httpServletResponse.flushBuffer();
    }

    private void doInvalidCredentialsExceptionException(HttpServletResponse httpServletResponse, InvalidCredentialsException invalidCredentialsException) throws IOException {
        LOG.debug("exception should respond Forbidden: ");
        httpServletResponse.sendError(403);
    }
}
