package io.ballerina.messaging.broker.rest.auth;

import io.ballerina.messaging.broker.auth.AuthException;
import io.ballerina.messaging.broker.auth.UsernamePrincipal;
import io.ballerina.messaging.broker.auth.authentication.AuthResult;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;
import javax.security.auth.Subject;
import javax.ws.rs.core.Response;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.msf4j.Request;
import org.wso2.msf4j.Response;
import org.wso2.msf4j.interceptor.RequestInterceptor;

/* loaded from: input_file:io/ballerina/messaging/broker/rest/auth/BasicAuthSecurityInterceptor.class */
public class BasicAuthSecurityInterceptor implements RequestInterceptor {
    private static final Logger LOGGER = LoggerFactory.getLogger(BasicAuthSecurityInterceptor.class);
    private static final String AUTH_TYPE_BASIC = "Basic";
    private static final int AUTH_TYPE_BASIC_LENGTH = AUTH_TYPE_BASIC.length();
    private AuthenticateFunction<AuthException> authenticateFunction;

    @FunctionalInterface
    /* loaded from: input_file:io/ballerina/messaging/broker/rest/auth/BasicAuthSecurityInterceptor$AuthenticateFunction.class */
    public interface AuthenticateFunction<E extends Exception> {
        AuthResult authenticate(String str, char... cArr) throws Exception;
    }

    public BasicAuthSecurityInterceptor(AuthenticateFunction<AuthException> authenticateFunction) {
        this.authenticateFunction = authenticateFunction;
    }

    public boolean interceptRequest(Request request, Response response) throws Exception {
        String header = request.getHeader("Authorization");
        if (header != null) {
            String substring = header.substring(0, AUTH_TYPE_BASIC_LENGTH);
            String trim = header.substring(AUTH_TYPE_BASIC_LENGTH).trim();
            if (AUTH_TYPE_BASIC.equals(substring) && !trim.isEmpty()) {
                char[] array = StandardCharsets.UTF_8.decode(ByteBuffer.wrap(Base64.getDecoder().decode(trim.getBytes(StandardCharsets.UTF_8)))).array();
                int binarySearch = Arrays.binarySearch(array, ':');
                String str = new String(Arrays.copyOfRange(array, 0, binarySearch));
                if (authenticate(str, Arrays.copyOfRange(array, binarySearch + 1, array.length))) {
                    Subject subject = new Subject();
                    subject.getPrincipals().add(new UsernamePrincipal(str));
                    request.getSession().setAttribute("AuthenticationId", subject);
                    return true;
                }
            }
        }
        response.setStatus(Response.Status.UNAUTHORIZED.getStatusCode());
        response.setHeader("WWW-Authenticate", AUTH_TYPE_BASIC);
        return false;
    }

    private boolean authenticate(String str, char... cArr) {
        if (str != null) {
            try {
                if (this.authenticateFunction.authenticate(str, cArr).isAuthenticated()) {
                    return true;
                }
            } catch (Exception e) {
                if (!LOGGER.isDebugEnabled()) {
                    return false;
                }
                LOGGER.debug("Error occurred while authenticating user", e);
                return false;
            }
        }
        return false;
    }
}
