package org.wso2.carbon.identity.auth.service.handler.impl;

import java.nio.charset.Charset;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.slf4j.MDC;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.auth.service.AuthenticationContext;
import org.wso2.carbon.identity.auth.service.AuthenticationRequest;
import org.wso2.carbon.identity.auth.service.AuthenticationResult;
import org.wso2.carbon.identity.auth.service.AuthenticationStatus;
import org.wso2.carbon.identity.auth.service.exception.AuthenticationFailException;
import org.wso2.carbon.identity.auth.service.handler.AuthenticationHandler;
import org.wso2.carbon.identity.auth.service.internal.AuthenticationServiceHolder;
import org.wso2.carbon.identity.auth.service.util.AuthConfigurationUtil;
import org.wso2.carbon.identity.auth.service.util.Constants;
import org.wso2.carbon.identity.core.bean.context.MessageContext;
import org.wso2.carbon.identity.core.handler.InitConfig;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.common.AuthenticationResult;
import org.wso2.carbon.user.core.common.User;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/auth/service/handler/impl/BasicAuthenticationHandler.class */
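/**
 * Authentication handler for requests carrying an HTTP {@code Authorization: Basic ...} header.
 *
 * <p>The handler decodes the Base64 credential pair, resolves the tenant from the user name,
 * and verifies the password against that tenant's user store. The password is never logged.
 *
 * <p>Naming: the simple name {@code AuthenticationResult} in this class always means
 * {@code org.wso2.carbon.identity.auth.service.AuthenticationResult}. The user-core type of the
 * same simple name is written fully qualified.
 * NOTE(review): the file imports both types under the same simple name, which clashes
 * (looks like a decompiler artefact) - confirm against the original source.
 */
public class BasicAuthenticationHandler extends AuthenticationHandler {
    private static final Log log = LogFactory.getLog(BasicAuthenticationHandler.class);

    // Constants are static and referenced below instead of repeating the literals.
    private static final String BASIC_AUTH_HEADER = "Basic";
    private static final String USER_NAME = "userName";
    private static final String TOTP_ENDPOINT_URI = "api/users/v1/me/totp";
    private static final String FIDO_ENDPOINT_URI = "api/users/v1/me/webauthn";
    private static final String FIDO2_ENDPOINT_URI = "api/users/v2/me/webauthn";

    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final String MALFORMED_HEADER_MESSAGE =
            "Error occurred while trying to authenticate. The Authorization header values are not defined correctly.";
    private static final String MALFORMED_CREDENTIALS_MESSAGE =
            "Error occurred while trying to authenticate. The auth user credentials are not defined correctly.";

    /**
     * No initialisation is required for this handler.
     *
     * @param initConfig handler configuration (unused)
     */
    public void init(InitConfig initConfig) {
    }

    /**
     * @return the fixed handler name {@code "BasicAuthentication"}
     */
    public String getName() {
        return "BasicAuthentication";
    }

    /**
     * Resolves the handler priority through the inherited two-argument overload, passing 100
     * as the second argument.
     *
     * @param messageContext the current message context
     * @return the priority reported by the inherited overload
     */
    public int getPriority(MessageContext messageContext) {
        return getPriority(messageContext, 100);
    }

    /**
     * @param messageContext the current message context
     * @return whether {@link AuthConfigurationUtil#isAuthHeaderMatch} accepts the request for the
     *         {@code Basic} scheme
     */
    public boolean canHandle(MessageContext messageContext) {
        return AuthConfigurationUtil.isAuthHeaderMatch(messageContext, BASIC_AUTH_HEADER);
    }

    /**
     * Verifies the Basic credentials of the request against the user store of the user's tenant.
     *
     * <p>The returned result starts as {@code FAILED} and is switched to {@code SUCCESS} only when
     * the user store reports success and returns an authenticated user. An
     * {@link AuthenticatedUser} is attached to the context before the password is checked, so a
     * user being present on the context does not by itself mean the request is authenticated;
     * callers must rely on the returned status.
     *
     * @param messageContext the context of the request; must be an {@link AuthenticationContext}
     * @return the authentication result, {@code FAILED} unless the credentials were verified
     * @throws AuthenticationFailException if the header is missing or malformed, the credential
     *         pair is incomplete, the tenant realm cannot be loaded, or the user store fails
     */
    @Override // org.wso2.carbon.identity.auth.service.handler.AuthenticationHandler
    protected AuthenticationResult doAuthenticate(MessageContext messageContext) throws AuthenticationFailException {
        AuthenticationResult authenticationResult = new AuthenticationResult(AuthenticationStatus.FAILED);
        AuthenticationContext authenticationContext = (AuthenticationContext) messageContext;
        AuthenticationRequest authenticationRequest = authenticationContext.getAuthenticationRequest();

        // A missing header is rejected as an authentication failure instead of surfacing as a
        // NullPointerException from split().
        String authorizationHeader = authenticationRequest.getHeader(AUTHORIZATION_HEADER);
        if (StringUtils.isBlank(authorizationHeader)) {
            log.error(MALFORMED_HEADER_MESSAGE);
            throw new AuthenticationFailException(MALFORMED_HEADER_MESSAGE);
        }
        String[] headerParts = authorizationHeader.split(" ");
        if (headerParts.length != 2) {
            log.error(MALFORMED_HEADER_MESSAGE);
            throw new AuthenticationFailException(MALFORMED_HEADER_MESSAGE);
        }

        // NOTE(review): the decoded bytes are interpreted with the platform default charset, so
        // non-ASCII credentials depend on the JVM's file.encoding; pinning UTF-8 would make this
        // deterministic but changes behaviour on non-UTF-8 deployments - confirm before changing.
        String decodedCredentials =
                new String(Base64.decodeBase64(headerParts[1].getBytes()), Charset.defaultCharset());
        // Limit of 2 keeps any further ':' characters inside the password.
        String[] credentialParts = decodedCredentials.split(":", 2);
        if (credentialParts.length != 2
                || StringUtils.isBlank(credentialParts[0])
                || StringUtils.isBlank(credentialParts[1])) {
            log.error(MALFORMED_CREDENTIALS_MESSAGE);
            throw new AuthenticationFailException(MALFORMED_CREDENTIALS_MESSAGE);
        }
        String userName = credentialParts[0];
        String password = credentialParts[1];

        try {
            int tenantId = IdentityTenantUtil.getTenantIdOfUser(userName);
            String tenantDomain = MultitenantUtils.getTenantDomain(userName);
            String tenantAwareUserName = MultitenantUtils.getTenantAwareUsername(userName);

            AuthenticatedUser authenticatedUser = new AuthenticatedUser();
            authenticatedUser.setUserName(tenantAwareUserName);
            authenticatedUser.setTenantDomain(tenantDomain);
            // Set before verification; the result status is still FAILED at this point.
            authenticationContext.setUser(authenticatedUser);

            try {
                PrivilegedCarbonContext.startTenantFlow();
                PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain);
                PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenantId);

                UserRealm tenantUserRealm =
                        AuthenticationServiceHolder.getInstance().getRealmService().getTenantUserRealm(tenantId);
                if (tenantUserRealm == null) {
                    String realmError = "Error occurred while trying to load the user realm for the tenant: " + tenantId;
                    log.error(realmError);
                    throw new AuthenticationFailException(realmError);
                }

                org.wso2.carbon.user.core.common.AuthenticationResult userStoreResult =
                        tenantUserRealm.getUserStoreManager().authenticateWithID(
                                "http://wso2.org/claims/username", tenantAwareUserName, password, "default");

                boolean verified =
                        org.wso2.carbon.user.core.common.AuthenticationResult.AuthenticationStatus.SUCCESS
                                == userStoreResult.getAuthenticationStatus()
                        && userStoreResult.getAuthenticatedUser().isPresent();
                if (verified) {
                    authenticationResult.setAuthenticationStatus(AuthenticationStatus.SUCCESS);
                    String userStoreDomain = UserCoreUtil.getDomainFromThreadLocal();
                    if (StringUtils.isNotBlank(userStoreDomain)) {
                        authenticatedUser.setUserStoreDomain(userStoreDomain);
                    }
                    authenticatedUser.setUserId(((User) userStoreResult.getAuthenticatedUser().get()).getUserID());
                    authenticationContext.setUser(authenticatedUser);
                    if (log.isDebugEnabled()) {
                        log.debug("Basic Authentication successful for the user: " + userName);
                    }
                    // The MDC entry is not removed in this class; presumably cleared by the
                    // caller at the end of the request - TODO confirm.
                    MDC.put(USER_NAME, userName);
                    if (authenticationRequest.getRequest() != null
                            && isTotpOrWebAuthnEndpoint(authenticationRequest.getRequest().getRequestURI())) {
                        // Marks the thread as Basic-authenticated for these endpoints; the
                        // consumer of this flag is not visible in this class.
                        ((Map) IdentityUtil.threadLocalProperties.get())
                                .put(Constants.AUTHENTICATED_WITH_BASIC_AUTH, "true");
                    }
                }
                return authenticationResult;
            } finally {
                // Always leave the tenant flow, on success and on every failure path.
                PrivilegedCarbonContext.endTenantFlow();
            }
        } catch (UserStoreException e) {
            String errorMessage = "Error occurred while trying to authenticate. " + e.getMessage();
            // Log with the cause so the user-store stack trace is not lost.
            log.error(errorMessage, e);
            // NOTE(review): the user-store message travels in the exception text; confirm the
            // REST layer does not return it to unauthenticated clients.
            throw new AuthenticationFailException(errorMessage);
        }
    }

    /**
     * Tells whether the request URI contains one of the TOTP or WebAuthn "me" endpoint paths.
     *
     * <p>The comparison is a case-insensitive substring match. Lower-casing uses
     * {@code Locale.ROOT} so the result does not vary with the JVM default locale.
     * NOTE(review): the URI is matched as received (presumably not decoded or normalised);
     * confirm that the component reading the resulting flag resolves the path the same way.
     */
    private static boolean isTotpOrWebAuthnEndpoint(String requestUri) {
        String normalisedUri = requestUri.toLowerCase(java.util.Locale.ROOT);
        return normalisedUri.contains(TOTP_ENDPOINT_URI)
                || normalisedUri.contains(FIDO_ENDPOINT_URI)
                || normalisedUri.contains(FIDO2_ENDPOINT_URI);
    }
}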
