package com.orientechnologies.orient.server.network.protocol.http.command;

import com.orientechnologies.orient.server.OServerMain;
import com.orientechnologies.orient.server.config.OServerConfiguration;
import com.orientechnologies.orient.server.network.protocol.http.OHttpRequest;
import com.orientechnologies.orient.server.network.protocol.http.OHttpUtils;
import java.io.IOException;

/* loaded from: input_file:com/orientechnologies/orient/server/network/protocol/http/command/OServerCommandAuthenticatedServerAbstract.class */
public abstract class OServerCommandAuthenticatedServerAbstract extends OServerCommandAbstract {
    private static final String SESSIONID_UNAUTHORIZED = "-";
    private static final String SESSIONID_LOGOUT = "!";
    private final String resource;

    /* JADX INFO: Access modifiers changed from: protected */
    public OServerCommandAuthenticatedServerAbstract(String str) {
        this.resource = str;
    }

    @Override // com.orientechnologies.orient.server.network.protocol.http.command.OServerCommandAbstract, com.orientechnologies.orient.server.network.protocol.http.command.OServerCommand
    public boolean beforeExecute(OHttpRequest oHttpRequest) throws IOException {
        return authenticate(oHttpRequest, true);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean authenticate(OHttpRequest oHttpRequest, boolean z) throws IOException {
        if (checkGuestAccess()) {
            return true;
        }
        if (z && (oHttpRequest.authorization == null || "!".equals(oHttpRequest.sessionId))) {
            sendAuthorizationRequest(oHttpRequest);
            return false;
        }
        if (oHttpRequest.authorization != null) {
            String[] split = oHttpRequest.authorization.split(":");
            if (split.length == 2 && OServerMain.server().authenticate(split[0], split[1], this.resource)) {
                return true;
            }
        }
        sendNotAuthorizedResponse(oHttpRequest);
        return false;
    }

    protected boolean checkGuestAccess() {
        return OServerMain.server().authenticate(OServerConfiguration.SRV_ROOT_GUEST, null, this.resource);
    }

    protected void sendNotAuthorizedResponse(OHttpRequest oHttpRequest) throws IOException {
        oHttpRequest.sessionId = "-";
        sendTextContent(oHttpRequest, OHttpUtils.STATUS_FORBIDDEN_CODE, OHttpUtils.STATUS_FORBIDDEN_DESCRIPTION, "WWW-Authenticate: Basic realm=\"OrientDB Server\"", OHttpUtils.CONTENT_TEXT_PLAIN, "403 Forbidden.", false);
    }

    protected void sendAuthorizationRequest(OHttpRequest oHttpRequest) throws IOException {
        oHttpRequest.sessionId = "-";
        sendTextContent(oHttpRequest, OHttpUtils.STATUS_AUTH_CODE, OHttpUtils.STATUS_AUTH_DESCRIPTION, "WWW-Authenticate: Basic realm=\"OrientDB Server\"", OHttpUtils.CONTENT_TEXT_PLAIN, "401 Unauthorized.", false);
    }
}
