package org.wso2.carbon.apimgt.gateway.handlers.security.basicauth;

import io.swagger.v3.oas.models.OpenAPI;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.TreeMap;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.SynapseEnvironment;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.util.Base64;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.gateway.APIMgtGatewayConstants;
import org.wso2.carbon.apimgt.gateway.MethodStats;
import org.wso2.carbon.apimgt.gateway.MethodTimeLogger;
import org.wso2.carbon.apimgt.gateway.common.constants.JWTConstants;
import org.wso2.carbon.apimgt.gateway.handlers.analytics.Constants;
import org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityConstants;
import org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException;
import org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityUtils;
import org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext;
import org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationResponse;
import org.wso2.carbon.apimgt.gateway.handlers.security.Authenticator;
import org.wso2.carbon.apimgt.gateway.threatprotection.utils.ThreatProtectorConstants;
import org.wso2.carbon.apimgt.gateway.utils.OpenAPIUtils;
import org.wso2.carbon.apimgt.impl.dto.BasicAuthValidationInfoDTO;
import org.wso2.carbon.apimgt.impl.dto.VerbInfoDTO;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator.class */
public class BasicAuthAuthenticator implements Authenticator {
    private static final Log log;
    static final String PUBLISHER_TENANT_DOMAIN = "tenant.info.domain";
    private String securityHeader;
    private String requestOrigin;
    private BasicAuthCredentialValidator basicAuthCredentialValidator;
    private boolean isMandatory;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;
    private static final JoinPoint.StaticPart ajc$tjp_2 = null;
    private static final JoinPoint.StaticPart ajc$tjp_3 = null;
    private static final JoinPoint.StaticPart ajc$tjp_4 = null;
    private static final JoinPoint.StaticPart ajc$tjp_5 = null;
    private static final JoinPoint.StaticPart ajc$tjp_6 = null;
    private static final JoinPoint.StaticPart ajc$tjp_7 = null;
    private static final JoinPoint.StaticPart ajc$tjp_8 = null;
    private static final JoinPoint.StaticPart ajc$tjp_9 = null;
    private static final JoinPoint.StaticPart ajc$tjp_10 = null;
    private static final JoinPoint.StaticPart ajc$tjp_11 = null;
    private static final JoinPoint.StaticPart ajc$tjp_12 = null;
    private final String basicAuthKeyHeaderSegment = "Basic";
    private OpenAPI openAPI = null;

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            BasicAuthAuthenticator.setBasicAuthCredentialValidator_aroundBody0((BasicAuthAuthenticator) objArr2[0], (BasicAuthCredentialValidator) objArr2[1], (JoinPoint) objArr2[2]);
            return null;
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure11.class */
    public class AjcClosure11 extends AroundClosure {
        public AjcClosure11(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthAuthenticator.extractBasicAuthHeader_aroundBody10((BasicAuthAuthenticator) objArr2[0], (MessageContext) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure13.class */
    public class AjcClosure13 extends AroundClosure {
        public AjcClosure13(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthAuthenticator.getChallengeString_aroundBody12((BasicAuthAuthenticator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure15.class */
    public class AjcClosure15 extends AroundClosure {
        public AjcClosure15(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthAuthenticator.getRequestOrigin_aroundBody14((BasicAuthAuthenticator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure17.class */
    public class AjcClosure17 extends AroundClosure {
        public AjcClosure17(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            BasicAuthAuthenticator.setRequestOrigin_aroundBody16((BasicAuthAuthenticator) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
            return null;
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure19.class */
    public class AjcClosure19 extends AroundClosure {
        public AjcClosure19(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthAuthenticator.getSecurityHeader_aroundBody18((BasicAuthAuthenticator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure21.class */
    public class AjcClosure21 extends AroundClosure {
        public AjcClosure21(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            BasicAuthAuthenticator.setSecurityHeader_aroundBody20((BasicAuthAuthenticator) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
            return null;
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure23.class */
    public class AjcClosure23 extends AroundClosure {
        public AjcClosure23(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthAuthenticator.getEndUserName_aroundBody22((BasicAuthAuthenticator) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure25.class */
    public class AjcClosure25 extends AroundClosure {
        public AjcClosure25(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.intObject(BasicAuthAuthenticator.getPriority_aroundBody24((BasicAuthAuthenticator) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            BasicAuthAuthenticator.init_aroundBody2((BasicAuthAuthenticator) objArr2[0], (SynapseEnvironment) objArr2[1], (JoinPoint) objArr2[2]);
            return null;
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure5.class */
    public class AjcClosure5 extends AroundClosure {
        public AjcClosure5(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            BasicAuthAuthenticator.destroy_aroundBody4((BasicAuthAuthenticator) objArr2[0], (JoinPoint) objArr2[1]);
            return null;
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure7.class */
    public class AjcClosure7 extends AroundClosure {
        public AjcClosure7(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthAuthenticator.authenticate_aroundBody6((BasicAuthAuthenticator) objArr2[0], (MessageContext) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/basicauth/BasicAuthAuthenticator$AjcClosure9.class */
    public class AjcClosure9 extends AroundClosure {
        public AjcClosure9(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return BasicAuthAuthenticator.extractBasicAuthCredentials_aroundBody8((BasicAuthAuthenticator) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    static {
        ajc$preClinit();
        log = LogFactory.getLog(BasicAuthAuthenticator.class);
    }

    public BasicAuthAuthenticator(String str, boolean z) {
        this.securityHeader = str;
        this.isMandatory = z;
    }

    public void setBasicAuthCredentialValidator(BasicAuthCredentialValidator basicAuthCredentialValidator) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, this, this, basicAuthCredentialValidator);
        if ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) {
            MethodTimeLogger.aspectOf().log(new AjcClosure1(new Object[]{this, basicAuthCredentialValidator, makeJP}).linkClosureAndJoinPoint(69648));
        } else {
            setBasicAuthCredentialValidator_aroundBody0(this, basicAuthCredentialValidator, makeJP);
        }
    }

    @Override // org.wso2.carbon.apimgt.gateway.handlers.security.Authenticator
    public void init(SynapseEnvironment synapseEnvironment) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, this, this, synapseEnvironment);
        if ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) {
            MethodTimeLogger.aspectOf().log(new AjcClosure3(new Object[]{this, synapseEnvironment, makeJP}).linkClosureAndJoinPoint(69648));
        } else {
            init_aroundBody2(this, synapseEnvironment, makeJP);
        }
    }

    @Override // org.wso2.carbon.apimgt.gateway.handlers.security.Authenticator
    public void destroy() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_2, this, this);
        if ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) {
            MethodTimeLogger.aspectOf().log(new AjcClosure5(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648));
        } else {
            destroy_aroundBody4(this, makeJP);
        }
    }

    @Override // org.wso2.carbon.apimgt.gateway.handlers.security.Authenticator
    @MethodStats
    public AuthenticationResponse authenticate(MessageContext messageContext) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_3, this, this, messageContext);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || MethodTimeLogger.isConfigEnabled() || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (AuthenticationResponse) MethodTimeLogger.aspectOf().log(new AjcClosure7(new Object[]{this, messageContext, makeJP}).linkClosureAndJoinPoint(69648)) : authenticate_aroundBody6(this, messageContext, makeJP);
    }

    private String[] extractBasicAuthCredentials(String str) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_4, this, this, str);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (String[]) MethodTimeLogger.aspectOf().log(new AjcClosure9(new Object[]{this, str, makeJP}).linkClosureAndJoinPoint(69648)) : extractBasicAuthCredentials_aroundBody8(this, str, makeJP);
    }

    private String extractBasicAuthHeader(MessageContext messageContext) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_5, this, this, messageContext);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure11(new Object[]{this, messageContext, makeJP}).linkClosureAndJoinPoint(69648)) : extractBasicAuthHeader_aroundBody10(this, messageContext, makeJP);
    }

    @Override // org.wso2.carbon.apimgt.gateway.handlers.security.Authenticator
    public String getChallengeString() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_6, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure13(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getChallengeString_aroundBody12(this, makeJP);
    }

    @Override // org.wso2.carbon.apimgt.gateway.handlers.security.Authenticator
    public String getRequestOrigin() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_7, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure15(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getRequestOrigin_aroundBody14(this, makeJP);
    }

    public void setRequestOrigin(String str) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_8, this, this, str);
        if ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) {
            MethodTimeLogger.aspectOf().log(new AjcClosure17(new Object[]{this, str, makeJP}).linkClosureAndJoinPoint(69648));
        } else {
            setRequestOrigin_aroundBody16(this, str, makeJP);
        }
    }

    public String getSecurityHeader() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_9, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure19(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getSecurityHeader_aroundBody18(this, makeJP);
    }

    public void setSecurityHeader(String str) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_10, this, this, str);
        if ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) {
            MethodTimeLogger.aspectOf().log(new AjcClosure21(new Object[]{this, str, makeJP}).linkClosureAndJoinPoint(69648));
        } else {
            setSecurityHeader_aroundBody20(this, str, makeJP);
        }
    }

    private String getEndUserName(String str) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_11, this, this, str);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure23(new Object[]{this, str, makeJP}).linkClosureAndJoinPoint(69648)) : getEndUserName_aroundBody22(this, str, makeJP);
    }

    @Override // org.wso2.carbon.apimgt.gateway.handlers.security.Authenticator
    public int getPriority() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_12, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? Conversions.intValue(MethodTimeLogger.aspectOf().log(new AjcClosure25(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648))) : getPriority_aroundBody24(this, makeJP);
    }

    static final void setBasicAuthCredentialValidator_aroundBody0(BasicAuthAuthenticator basicAuthAuthenticator, BasicAuthCredentialValidator basicAuthCredentialValidator, JoinPoint joinPoint) {
    }

    static final void init_aroundBody2(BasicAuthAuthenticator basicAuthAuthenticator, SynapseEnvironment synapseEnvironment, JoinPoint joinPoint) {
    }

    static final void destroy_aroundBody4(BasicAuthAuthenticator basicAuthAuthenticator, JoinPoint joinPoint) {
    }

    static final AuthenticationResponse authenticate_aroundBody6(BasicAuthAuthenticator basicAuthAuthenticator, MessageContext messageContext, JoinPoint joinPoint) {
        String resourceAuthenticationScheme;
        ArrayList arrayList;
        if (log.isDebugEnabled()) {
            log.info("Basic Authentication initialized");
        }
        basicAuthAuthenticator.openAPI = (OpenAPI) messageContext.getProperty(APIMgtGatewayConstants.OPEN_API_OBJECT);
        if (basicAuthAuthenticator.openAPI == null && !"GRAPHQL".equals(messageContext.getProperty("API_TYPE"))) {
            log.error("OpenAPI definition is missing in the gateway. Basic authentication cannot be performed.");
            return new AuthenticationResponse(false, basicAuthAuthenticator.isMandatory, true, APISecurityConstants.API_AUTH_MISSING_OPEN_API_DEF, "Basic authentication cannot be performed.");
        }
        String extractBasicAuthHeader = basicAuthAuthenticator.extractBasicAuthHeader(messageContext);
        String str = (String) messageContext.getProperty("REST_API_CONTEXT");
        String str2 = (String) messageContext.getProperty(JWTConstants.SYNAPSE_REST_API_VERSION);
        String str3 = (String) ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(ThreatProtectorConstants.HTTP_METHOD);
        String str4 = (String) messageContext.getProperty(APIMgtGatewayConstants.API_ELECTED_RESOURCE);
        if ("GRAPHQL".equals(messageContext.getProperty("API_TYPE"))) {
            HashMap hashMap = (HashMap) messageContext.getProperty("OperationAuthSchemeMapping");
            HashMap hashMap2 = (HashMap) messageContext.getProperty("OperationThrottlingMapping");
            String[] split = str4.split(APIMgtGatewayConstants.CUSTOM_ANALYTICS_PROPERTY_SEPARATOR);
            arrayList = new ArrayList(1);
            resourceAuthenticationScheme = "None";
            for (String str5 : split) {
                boolean booleanValue = ((Boolean) hashMap.get(str5)).booleanValue();
                VerbInfoDTO verbInfoDTO = new VerbInfoDTO();
                if (booleanValue) {
                    verbInfoDTO.setAuthType("Any");
                    resourceAuthenticationScheme = "Any";
                } else {
                    verbInfoDTO.setAuthType("None");
                }
                verbInfoDTO.setThrottling((String) hashMap2.get(str5));
                verbInfoDTO.setRequestKey(String.valueOf(str) + "/" + str2 + str5 + ":" + str3);
                arrayList.add(verbInfoDTO);
            }
        } else {
            resourceAuthenticationScheme = OpenAPIUtils.getResourceAuthenticationScheme(basicAuthAuthenticator.openAPI, messageContext);
            arrayList = new ArrayList(1);
            VerbInfoDTO verbInfoDTO2 = new VerbInfoDTO();
            verbInfoDTO2.setAuthType(resourceAuthenticationScheme);
            verbInfoDTO2.setThrottling(OpenAPIUtils.getResourceThrottlingTier(basicAuthAuthenticator.openAPI, messageContext));
            verbInfoDTO2.setRequestKey(String.valueOf(str) + "/" + str2 + str4 + ":" + str3);
            arrayList.add(verbInfoDTO2);
        }
        if ("None".equals(resourceAuthenticationScheme)) {
            if (log.isDebugEnabled()) {
                log.debug("Basic Authentication: Found Resource Authentication Scheme: ".concat(resourceAuthenticationScheme));
            }
            org.apache.axis2.context.MessageContext axis2MessageContext = ((Axis2MessageContext) messageContext).getAxis2MessageContext();
            TreeMap treeMap = (TreeMap) axis2MessageContext.getProperty(APIMgtGatewayConstants.TRANSPORT_HEADERS);
            String str6 = treeMap != null ? (String) treeMap.get(APIMgtGatewayConstants.X_FORWARDED_FOR) : null;
            if (str6 == null || str6.isEmpty()) {
                str6 = (String) axis2MessageContext.getProperty("REMOTE_ADDR");
            } else if (str6.indexOf(APIMgtGatewayConstants.CUSTOM_ANALYTICS_PROPERTY_SEPARATOR) > 0) {
                str6 = str6.substring(0, str6.indexOf(APIMgtGatewayConstants.CUSTOM_ANALYTICS_PROPERTY_SEPARATOR));
            }
            AuthenticationContext authenticationContext = new AuthenticationContext();
            authenticationContext.setAuthenticated(true);
            authenticationContext.setTier("Unauthenticated");
            authenticationContext.setStopOnQuotaReach(true);
            authenticationContext.setApiKey(str6);
            authenticationContext.setKeyType("PRODUCTION");
            authenticationContext.setUsername(Constants.ANONYMOUS_VALUE);
            authenticationContext.setCallerToken(null);
            authenticationContext.setApplicationName(null);
            authenticationContext.setApplicationId(str6);
            authenticationContext.setApplicationUUID(str6);
            authenticationContext.setConsumerKey(null);
            APISecurityUtils.setAuthenticationContext(messageContext, authenticationContext, null);
            if (log.isDebugEnabled()) {
                log.debug("Basic Authentication: Authentication succeeded by ignoring auth headers for API resource: ".concat(str4));
            }
            return new AuthenticationResponse(true, basicAuthAuthenticator.isMandatory, false, 0, null);
        }
        try {
            String[] extractBasicAuthCredentials = basicAuthAuthenticator.extractBasicAuthCredentials(extractBasicAuthHeader);
            String endUserName = basicAuthAuthenticator.getEndUserName(extractBasicAuthCredentials[0]);
            String str7 = extractBasicAuthCredentials[1];
            if (!MultitenantUtils.getTenantDomain(endUserName).equals(messageContext.getProperty(PUBLISHER_TENANT_DOMAIN))) {
                log.error("Basic Authentication failure: tenant domain mismatch for user :" + endUserName);
                return new AuthenticationResponse(false, basicAuthAuthenticator.isMandatory, true, APISecurityConstants.API_AUTH_FORBIDDEN, APISecurityConstants.API_AUTH_FORBIDDEN_MESSAGE);
            }
            try {
                if (basicAuthAuthenticator.basicAuthCredentialValidator == null) {
                    basicAuthAuthenticator.basicAuthCredentialValidator = new BasicAuthCredentialValidator();
                }
                BasicAuthValidationInfoDTO validate = basicAuthAuthenticator.basicAuthCredentialValidator.validate(endUserName, str7);
                if (!validate.isAuthenticated()) {
                    log.error("Basic Authentication failure: Username and Password mismatch");
                    return new AuthenticationResponse(false, basicAuthAuthenticator.isMandatory, true, APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, APISecurityConstants.API_AUTH_INVALID_CREDENTIALS_MESSAGE);
                }
                if (log.isDebugEnabled()) {
                    log.debug("Basic Authentication: Username and Password authenticated");
                }
                try {
                    boolean validateScopes = basicAuthAuthenticator.basicAuthCredentialValidator.validateScopes(endUserName, basicAuthAuthenticator.openAPI, messageContext, validate);
                    String domainQualifiedUsername = validate.getDomainQualifiedUsername();
                    if (!validateScopes) {
                        return new AuthenticationResponse(false, basicAuthAuthenticator.isMandatory, true, APISecurityConstants.INVALID_SCOPE, "Scope validation failed");
                    }
                    if (APISecurityUtils.getAuthenticationContext(messageContext) == null) {
                        AuthenticationContext authenticationContext2 = new AuthenticationContext();
                        authenticationContext2.setAuthenticated(true);
                        authenticationContext2.setTier("Unauthenticated");
                        authenticationContext2.setStopOnQuotaReach(true);
                        messageContext.setProperty("VERB_INFO", arrayList);
                        authenticationContext2.setApiKey(domainQualifiedUsername);
                        authenticationContext2.setKeyType("PRODUCTION");
                        authenticationContext2.setUsername(domainQualifiedUsername);
                        authenticationContext2.setCallerToken(null);
                        authenticationContext2.setApplicationName("BasicAuthApplication");
                        authenticationContext2.setApplicationId(domainQualifiedUsername);
                        authenticationContext2.setApplicationUUID(domainQualifiedUsername);
                        authenticationContext2.setConsumerKey(null);
                        APISecurityUtils.setAuthenticationContext(messageContext, authenticationContext2, null);
                    }
                    log.debug("Basic Authentication: Scope validation passed");
                    return new AuthenticationResponse(true, basicAuthAuthenticator.isMandatory, false, 0, null);
                } catch (APISecurityException e) {
                    return new AuthenticationResponse(false, basicAuthAuthenticator.isMandatory, true, e.getErrorCode(), e.getMessage());
                }
            } catch (APISecurityException e2) {
                return new AuthenticationResponse(false, basicAuthAuthenticator.isMandatory, true, e2.getErrorCode(), e2.getMessage());
            }
        } catch (APISecurityException e3) {
            return new AuthenticationResponse(false, basicAuthAuthenticator.isMandatory, true, e3.getErrorCode(), e3.getMessage());
        }
    }

    static final String[] extractBasicAuthCredentials_aroundBody8(BasicAuthAuthenticator basicAuthAuthenticator, String str, JoinPoint joinPoint) {
        if (str == null) {
            if (log.isDebugEnabled()) {
                log.debug("Basic Authentication: No Basic Auth Header found");
            }
            throw new APISecurityException(APISecurityConstants.API_AUTH_MISSING_CREDENTIALS, APISecurityConstants.API_AUTH_MISSING_CREDENTIALS_MESSAGE);
        }
        if (!str.contains("Basic")) {
            if (log.isDebugEnabled()) {
                log.debug("Basic Authentication: No Basic Auth Header found");
            }
            throw new APISecurityException(APISecurityConstants.API_AUTH_MISSING_CREDENTIALS, APISecurityConstants.API_AUTH_MISSING_CREDENTIALS_MESSAGE);
        }
        try {
            String str2 = new String(Base64.decode(str.substring("Basic".length() + 1).trim()));
            if (str2.contains(":")) {
                return str2.split(":");
            }
            log.error("Basic Authentication: Invalid Basic Auth token");
            throw new APISecurityException(APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, APISecurityConstants.API_AUTH_INVALID_CREDENTIALS_MESSAGE);
        } catch (WSSecurityException unused) {
            log.error("Error occured during Basic Authentication: Invalid Basic Auth token");
            throw new APISecurityException(APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, APISecurityConstants.API_AUTH_INVALID_CREDENTIALS_MESSAGE);
        }
    }

    static final String extractBasicAuthHeader_aroundBody10(BasicAuthAuthenticator basicAuthAuthenticator, MessageContext messageContext, JoinPoint joinPoint) {
        Map map = (Map) ((Axis2MessageContext) messageContext).getAxis2MessageContext().getProperty(APIMgtGatewayConstants.TRANSPORT_HEADERS);
        if (map == null) {
            return null;
        }
        String str = (String) map.get(basicAuthAuthenticator.getSecurityHeader());
        if (str == null) {
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("Basic Authentication: Expected authorization header with the name '".concat(basicAuthAuthenticator.getSecurityHeader()).concat("' was not found."));
            return null;
        }
        if (!str.contains("Basic")) {
            return null;
        }
        String[] split = str.split(APIMgtGatewayConstants.CUSTOM_ANALYTICS_PROPERTY_SEPARATOR);
        ArrayList arrayList = new ArrayList();
        String str2 = null;
        for (String str3 : split) {
            if (str3.trim().split(" ")[0].equals("Basic")) {
                str2 = str3.trim();
            } else {
                arrayList.add(str3.trim());
            }
        }
        String join = String.join(APIMgtGatewayConstants.CUSTOM_ANALYTICS_PROPERTY_SEPARATOR, arrayList);
        if (StringUtils.isNotBlank(join)) {
            map.put(basicAuthAuthenticator.getSecurityHeader(), join);
        } else {
            map.remove(basicAuthAuthenticator.getSecurityHeader());
        }
        return str2;
    }

    static final String getChallengeString_aroundBody12(BasicAuthAuthenticator basicAuthAuthenticator, JoinPoint joinPoint) {
        return "Basic Auth realm=\"WSO2 API Manager\"";
    }

    static final String getRequestOrigin_aroundBody14(BasicAuthAuthenticator basicAuthAuthenticator, JoinPoint joinPoint) {
        return basicAuthAuthenticator.requestOrigin;
    }

    static final void setRequestOrigin_aroundBody16(BasicAuthAuthenticator basicAuthAuthenticator, String str, JoinPoint joinPoint) {
        basicAuthAuthenticator.requestOrigin = str;
    }

    static final String getSecurityHeader_aroundBody18(BasicAuthAuthenticator basicAuthAuthenticator, JoinPoint joinPoint) {
        if (basicAuthAuthenticator.securityHeader == null) {
            try {
                basicAuthAuthenticator.securityHeader = APIUtil.getOAuthConfigurationFromAPIMConfig("AuthorizationHeader");
            } catch (APIManagementException e) {
                log.error("Error while reading authorization header from APIM configurations", e);
            }
        }
        return basicAuthAuthenticator.securityHeader;
    }

    static final void setSecurityHeader_aroundBody20(BasicAuthAuthenticator basicAuthAuthenticator, String str, JoinPoint joinPoint) {
        basicAuthAuthenticator.securityHeader = str;
    }

    static final String getEndUserName_aroundBody22(BasicAuthAuthenticator basicAuthAuthenticator, String str, JoinPoint joinPoint) {
        return String.valueOf(MultitenantUtils.getTenantAwareUsername(str)) + JWTConstants.TENANT_DOMAIN_COMBINER + MultitenantUtils.getTenantDomain(str);
    }

    static final int getPriority_aroundBody24(BasicAuthAuthenticator basicAuthAuthenticator, JoinPoint joinPoint) {
        return 20;
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("BasicAuthAuthenticator.java", BasicAuthAuthenticator.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "setBasicAuthCredentialValidator", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthCredentialValidator", "basicAuthCredentialValidator", APIMgtGatewayConstants.EMPTY, "void"), 79);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "init", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", "org.apache.synapse.core.SynapseEnvironment", "env", APIMgtGatewayConstants.EMPTY, "void"), 87);
        ajc$tjp_10 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "setSecurityHeader", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", "java.lang.String", "securityHeader", APIMgtGatewayConstants.EMPTY, "void"), 417);
        ajc$tjp_11 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getEndUserName", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", "java.lang.String", "username", APIMgtGatewayConstants.EMPTY, "java.lang.String"), 421);
        ajc$tjp_12 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getPriority", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "int"), 426);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "destroy", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "void"), 94);
        ajc$tjp_3 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "authenticate", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", "org.apache.synapse.MessageContext", "synCtx", APIMgtGatewayConstants.EMPTY, "org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationResponse"), 105);
        ajc$tjp_4 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "extractBasicAuthCredentials", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", "java.lang.String", "basicAuthHeader", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "[Ljava.lang.String;"), 298);
        ajc$tjp_5 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "extractBasicAuthHeader", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", "org.apache.synapse.MessageContext", "synCtx", APIMgtGatewayConstants.EMPTY, "java.lang.String"), 338);
        ajc$tjp_6 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getChallengeString", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "java.lang.String"), 383);
        ajc$tjp_7 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getRequestOrigin", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "java.lang.String"), 393);
        ajc$tjp_8 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "setRequestOrigin", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", "java.lang.String", "requestOrigin", APIMgtGatewayConstants.EMPTY, "void"), 402);
        ajc$tjp_9 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getSecurityHeader", "org.wso2.carbon.apimgt.gateway.handlers.security.basicauth.BasicAuthAuthenticator", APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, APIMgtGatewayConstants.EMPTY, "java.lang.String"), 406);
    }
}
