package org.wso2.carbon.webapp.authenticator.framework.authenticator;

import java.nio.charset.Charset;
import java.util.Base64;
import java.util.Properties;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.tomcat.util.buf.MessageBytes;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException;
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
import org.wso2.carbon.webapp.authenticator.framework.Constants;
import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils;
import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator;
import org.wso2.carbon.webapp.authenticator.framework.internal.AuthenticatorFrameworkDataHolder;

/* loaded from: input_file:org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.class */
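/**
 * {@link WebappAuthenticator} that validates HTTP Basic credentials taken from the
 * {@code Authorization} request header against the tenant's user store.
 *
 * <p>Basic credentials are only Base64-encoded, not encrypted. This class does not check the
 * transport, so it relies on the deployment to terminate TLS in front of it.
 *
 * <p>Every path that does not end in a successful user-store check reports
 * {@link WebappAuthenticator.Status#FAILURE} explicitly, so the outcome never depends on the
 * default state of a freshly created {@link AuthenticationInfo}.
 */
public class BasicAuthAuthenticator implements WebappAuthenticator {
    private static final String BASIC_AUTH_AUTHENTICATOR = "BasicAuth";
    /** Scheme prefix of the Authorization header, lower-case and including the separating space. */
    private static final String AUTH_HEADER = "basic ";
    private static final String FAILURE_MESSAGE = "Failed to authorize incoming request.";
    private static final Log log = LogFactory.getLog(BasicAuthAuthenticator.class);

    /**
     * Username/password pair decoded from a Basic {@code Authorization} header.
     *
     * <p>The password getter is package-private so the secret does not leave this package.
     * NOTE(review): the password is kept as an immutable {@code String} and cannot be wiped
     * after use; the user-store call in {@code authenticate} is passed this value directly.
     */
    public static class Credentials {
        private final String username;
        // null when the decoded header carried no ':' separator, i.e. no password part at all.
        private final String password;

        Credentials(String str, String str2) {
            this.username = str;
            this.password = str2;
        }

        /** @return the username exactly as sent by the client (may still carry a tenant suffix) */
        public String getUsername() {
            return this.username;
        }

        /** @return the password, or {@code null} if the header had no password part */
        String getPassword() {
            return this.password;
        }
    }

    /** No initialisation is required for this authenticator. */
    @Override
    public void init() {
    }

    /**
     * Reports whether this authenticator should process the request.
     *
     * @param request incoming Catalina request
     * @return {@code true} only if the web application enables Basic authentication through its
     *         {@code basicAuth} context parameter and the request carries an
     *         {@code Authorization} header that starts with the Basic scheme (case-insensitive)
     */
    @Override
    public boolean canHandle(Request request) {
        if (!isAuthenticationSupported(request)) {
            return false;
        }
        if (request.getCoyoteRequest() == null || request.getCoyoteRequest().getMimeHeaders() == null) {
            return false;
        }
        MessageBytes value = request.getCoyoteRequest().getMimeHeaders()
                .getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
        if (value == null) {
            return false;
        }
        // Switch the header to its byte representation before inspecting the byte chunk.
        value.toBytes();
        return value.getByteChunk().startsWithIgnoreCase(AUTH_HEADER, 0);
    }

    /**
     * Authenticates the caller with the credentials found in the {@code Authorization} header.
     *
     * <p>On success the returned info carries {@code CONTINUE} plus the tenant-aware username,
     * tenant domain and tenant id. Missing or malformed credentials, a missing password, a
     * rejected login and any lookup error all yield {@code FAILURE} with a generic message, so
     * the response does not reveal which step failed.
     *
     * @param request  incoming Catalina request
     * @param response outgoing response (not used here)
     * @return the authentication outcome; never {@code null}
     */
    @Override
    public AuthenticationInfo authenticate(Request request, Response response) {
        AuthenticationInfo authenticationInfo = new AuthenticationInfo();
        Credentials credentials = getCredentials(request);
        // Fail closed instead of dereferencing null or handing a null password to the user store.
        if (credentials == null || credentials.getPassword() == null) {
            markFailed(authenticationInfo);
            return authenticationInfo;
        }
        try {
            int tenantIdOFUser = Utils.getTenantIdOFUser(credentials.getUsername());
            UserStoreManager userStoreManager = AuthenticatorFrameworkDataHolder.getInstance().getRealmService()
                    .getTenantUserRealm(tenantIdOFUser).getUserStoreManager();
            String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(credentials.getUsername());
            if (userStoreManager.authenticate(tenantAwareUsername, credentials.getPassword())) {
                authenticationInfo.setStatus(WebappAuthenticator.Status.CONTINUE);
                authenticationInfo.setUsername(tenantAwareUsername);
                authenticationInfo.setTenantDomain(Utils.getTenantDomain(tenantIdOFUser));
                authenticationInfo.setTenantId(tenantIdOFUser);
            } else {
                markFailed(authenticationInfo);
            }
        } catch (AuthenticationException e) {
            // The username is attacker-controlled: strip control characters before logging it.
            log.error("Error occurred while obtaining the tenant Id for user."
                    + sanitizeForLog(credentials.getUsername()), e);
            markFailed(authenticationInfo);
        } catch (UserStoreException e2) {
            log.error("Error occurred while authenticating the user."
                    + sanitizeForLog(credentials.getUsername()), e2);
            markFailed(authenticationInfo);
        }
        return authenticationInfo;
    }

    /** @return the fixed authenticator name, {@code "BasicAuth"} */
    @Override
    public String getName() {
        return BASIC_AUTH_AUTHENTICATOR;
    }

    /** Properties are not used by this authenticator; the argument is ignored. */
    @Override
    public void setProperties(Properties properties) {
    }

    /** @return always {@code null}; this authenticator keeps no properties */
    @Override
    public Properties getProperties() {
        return null;
    }

    /** @return always {@code null}; this authenticator keeps no properties */
    @Override
    public String getProperty(String str) {
        return null;
    }

    /**
     * Extracts and decodes the Basic credentials from the {@code Authorization} header.
     *
     * @return the decoded credentials, or {@code null} when the header is absent, does not use
     *         the Basic scheme, or does not contain valid Base64
     */
    private Credentials getCredentials(Request request) {
        if (request.getCoyoteRequest() == null || request.getCoyoteRequest().getMimeHeaders() == null) {
            return null;
        }
        MessageBytes value = request.getCoyoteRequest().getMimeHeaders()
                .getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
        if (value == null) {
            return null;
        }
        value.toBytes();
        String headerValue = value.getByteChunk().toString();
        // regionMatches(ignoreCase) is locale-independent. A default-locale toLowerCase() can
        // map 'I' to a dotless 'ı' (Turkish locales), which would make this check disagree with
        // the byte-level comparison done in canHandle.
        if (!headerValue.regionMatches(true, 0, AUTH_HEADER, 0, AUTH_HEADER.length())) {
            return null;
        }
        String decoded;
        try {
            decoded = new String(
                    Base64.getDecoder().decode(headerValue.substring(AUTH_HEADER.length()).trim()),
                    Charset.forName("UTF-8"));
        } catch (IllegalArgumentException e) {
            // Malformed Base64 from the client. The header value is deliberately not logged
            // because it is credential material.
            if (log.isDebugEnabled()) {
                log.debug("Authorization header does not contain valid Base64 data.");
            }
            return null;
        }
        // Only the first ':' separates user and password; the password may itself contain ':'.
        int separator = decoded.indexOf(':');
        if (separator < 0) {
            return new Credentials(decoded, null);
        }
        return new Credentials(decoded.substring(0, separator), decoded.substring(separator + 1));
    }

    /**
     * @return {@code true} if the web application's {@code basicAuth} context parameter is set
     *         to {@code "true"} (case-insensitive); a missing parameter counts as disabled
     */
    private boolean isAuthenticationSupported(Request request) {
        // parseBoolean(null) is false, so an absent parameter disables Basic authentication.
        return Boolean.parseBoolean(request.getContext().findParameter("basicAuth"));
    }

    /** Records a generic failure on the given result object. */
    private static void markFailed(AuthenticationInfo authenticationInfo) {
        authenticationInfo.setMessage(FAILURE_MESSAGE);
        authenticationInfo.setStatus(WebappAuthenticator.Status.FAILURE);
    }

    /** Replaces control characters (CR, LF, ...) so a client-supplied value cannot forge log lines. */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return "null";
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }
}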
