package org.apache.catalina.authenticator.jaspic.provider.modules;

import java.io.IOException;
import java.text.MessageFormat;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.MessagePolicy;
import javax.security.auth.message.callback.PasswordValidationCallback;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.Context;
import org.apache.catalina.authenticator.BasicAuthenticator;
import org.apache.catalina.connector.Request;
import org.apache.tomcat.util.buf.MessageBytes;

/* loaded from: input_file:org/apache/catalina/authenticator/jaspic/provider/modules/BasicAuthModule.class */
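/**
 * JASPIC server auth module that authenticates a request with HTTP Basic credentials.
 *
 * <p>The credentials are read from the {@code authorization} request header and handed to the
 * configured {@link CallbackHandler} through a {@link PasswordValidationCallback}. When the header
 * is missing or the credentials are rejected, the client is challenged with a 401 response.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Basic credentials are only encoded, not encrypted. This module does not check the
 *       transport itself, so confidentiality has to be enforced elsewhere (for example by a
 *       transport guarantee on the protected resources).</li>
 *   <li>When authentication is not mandatory for the message, the header is not inspected at all
 *       and no principal is established.</li>
 * </ul>
 */
public class BasicAuthModule extends TomcatAuthModule {
    /**
     * Creates the module for the given web application context.
     *
     * @param context the context passed on to {@link TomcatAuthModule}
     */
    public BasicAuthModule(Context context) {
        super(context);
    }

    /**
     * No-op: this module reads no policies, handler or options at initialization time.
     */
    @Override // org.apache.catalina.authenticator.jaspic.provider.modules.TomcatAuthModule
    public void initializeModule(MessagePolicy messagePolicy, MessagePolicy messagePolicy2, CallbackHandler callbackHandler, Map<String, String> map) throws AuthException {
        // Intentionally empty.
    }

    /**
     * Validates the Basic credentials carried by the request.
     *
     * @param messageInfo holder of the request ({@link Request}) and response messages
     * @param subject     subject passed to the password and principal callbacks
     * @param subject2    not used by this module
     * @return {@link AuthStatus#SUCCESS} when authentication is not mandatory or the credentials
     *         were accepted; otherwise the status returned after sending the 401 challenge
     * @throws AuthException if the header cannot be processed, the callback handler fails, or the
     *                       challenge cannot be written; the original failure is kept as the cause
     */
    @Override // javax.security.auth.message.ServerAuth
    public AuthStatus validateRequest(MessageInfo messageInfo, Subject subject, Subject subject2) throws AuthException {
        if (!isMandatory(messageInfo)) {
            return AuthStatus.SUCCESS;
        }
        Request request = (Request) messageInfo.getRequestMessage();
        HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
        MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("authorization");
        String realmName = getRealmName();
        if (authorization == null) {
            return sendUnauthorizedError(response, realmName);
        }
        // Convert the header to its byte form before the byte chunk is handed to the parser.
        authorization.toBytes();

        PasswordValidationCallback passwordCallback = null;
        try {
            BasicAuthenticator.BasicCredentials credentials = new BasicAuthenticator.BasicCredentials(authorization.getByteChunk());
            String password = credentials.getPassword();
            if (password == null) {
                // NOTE(review): a header without a password part appears to yield a null password;
                // challenge again instead of failing with a NullPointerException wrapped in an
                // AuthException. Confirm against BasicCredentials.
                return sendUnauthorizedError(response, realmName);
            }
            passwordCallback = new PasswordValidationCallback(subject, credentials.getUsername(), password.toCharArray());
            this.handler.handle(new Callback[]{passwordCallback});
            if (!passwordCallback.getResult()) {
                return sendUnauthorizedError(response, realmName);
            }
            handlePrincipalCallbacks(subject, getPrincipal(passwordCallback));
            return AuthStatus.SUCCESS;
        } catch (AuthException e) {
            // Already the declared type (e.g. from sending the challenge): do not re-wrap.
            throw e;
        } catch (Exception e) {
            throw asAuthException(e);
        } finally {
            if (passwordCallback != null) {
                // Zero the char[] copy held by the callback once validation is over. The String
                // obtained from the parsed credentials is immutable and cannot be wiped here.
                passwordCallback.clearPassword();
            }
        }
    }

    /**
     * Sends a 401 response carrying a Basic challenge for the given realm.
     *
     * @param httpServletResponse response to write the challenge to
     * @param str                 realm name placed, unescaped, between the quotes of the challenge;
     *                            it should come from trusted configuration only
     * @return {@link AuthStatus#SEND_CONTINUE}
     * @throws AuthException if the error response cannot be sent
     */
    private AuthStatus sendUnauthorizedError(HttpServletResponse httpServletResponse, String str) throws AuthException {
        httpServletResponse.setHeader("WWW-Authenticate", MessageFormat.format("Basic realm=\"{0}\"", str));
        try {
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return AuthStatus.SEND_CONTINUE;
        } catch (IOException e) {
            throw asAuthException(e);
        }
    }

    /** Wraps a failure in an {@link AuthException} with the same message, keeping the cause. */
    private static AuthException asAuthException(Exception cause) {
        AuthException wrapped = new AuthException(cause.getMessage());
        // Attach the cause separately so the stack trace of the original failure is not lost.
        wrapped.initCause(cause);
        return wrapped;
    }
}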
