package org.wso2.carbon.identity.application.authenticator.requestpath.basicauth;

import java.nio.charset.StandardCharsets;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.axiom.om.util.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.RequestPathApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.application.authenticator.requestpath.basicauth.internal.BasicAuthRequestPathAuthenticatorServiceComponent;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/application/authenticator/requestpath/basicauth/BasicAuthRequestPathAuthenticator.class */
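/**
 * Request-path authenticator that accepts HTTP Basic credentials.
 *
 * <p>Credentials are taken from the {@code Authorization} value stored as a session attribute or,
 * when that value is absent or blank, from the {@code sectoken} request parameter. In both cases
 * the payload is Base64 of {@code username:password}.
 *
 * <p>NOTE(review): {@code sectoken} carries a reversible encoding of the password. If clients send
 * it in the query string it can end up in access logs, proxies and browser history; confirm that
 * callers only submit it in a request body over TLS.
 */
public class BasicAuthRequestPathAuthenticator extends AbstractApplicationAuthenticator implements RequestPathApplicationAuthenticator {
    private static final long serialVersionUID = 1L;
    private static final String AUTHORIZATION_HEADER_NAME = "Authorization";
    private static final String BASIC_AUTH_SCHEMA = "Basic";
    private static final String AUTHENTICATOR_NAME = "BasicAuthRequestPathAuthenticator";
    private static final String SEC_TOKEN_PARAM = "sectoken";
    private static final String FAILURE_MESSAGE = "Authentication Failed";
    private static final Log log = LogFactory.getLog(BasicAuthRequestPathAuthenticator.class);

    /**
     * Reports whether this authenticator can process the request.
     *
     * @param httpServletRequest the incoming request
     * @return {@code true} when the session's {@code Authorization} attribute uses the
     *         {@code Basic} scheme, or, when that attribute is absent or blank, when a
     *         {@code sectoken} parameter is present
     */
    public boolean canHandle(HttpServletRequest httpServletRequest) {
        if (log.isTraceEnabled()) {
            log.trace("Inside canHandle()");
        }
        String headerValue = (String) httpServletRequest.getSession().getAttribute(AUTHORIZATION_HEADER_NAME);
        if (isBlank(headerValue)) {
            return httpServletRequest.getParameter(SEC_TOKEN_PARAM) != null;
        }
        return BASIC_AUTH_SCHEMA.equals(headerValue.trim().split(" ")[0]);
    }

    /**
     * Extracts the Basic credentials, authenticates them against the user's tenant user store and,
     * on success, sets the authenticated subject on the context.
     *
     * @param httpServletRequest the incoming request carrying the credentials
     * @param httpServletResponse unused
     * @param authenticationContext context that receives the authenticated subject
     * @throws AuthenticationFailedException if the credentials are missing, malformed or rejected,
     *         or if any lookup along the way fails
     */
    protected void processAuthenticationResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws AuthenticationFailedException {
        String headerValue = (String) httpServletRequest.getSession().getAttribute(AUTHORIZATION_HEADER_NAME);
        try {
            String encoded;
            if (isBlank(headerValue)) {
                // Same fallback rule as canHandle(): a blank header defers to the sectoken parameter.
                encoded = httpServletRequest.getParameter(SEC_TOKEN_PARAM);
            } else {
                String[] headerParts = headerValue.trim().split(" ");
                // Never decode a token that belongs to another scheme or is missing entirely.
                if (headerParts.length < 2 || !BASIC_AUTH_SCHEMA.equals(headerParts[0])) {
                    log.error("Malformed or non-Basic Authorization value");
                    throw new AuthenticationFailedException(FAILURE_MESSAGE);
                }
                encoded = headerParts[1];
            }
            if (encoded == null) {
                log.error("No credentials supplied");
                throw new AuthenticationFailedException(FAILURE_MESSAGE);
            }

            // Explicit charset: the platform default would make credential decoding host-dependent.
            String decoded = new String(Base64.decode(encoded), StandardCharsets.UTF_8);
            // Split at the first ':' only, so passwords containing ':' are not truncated.
            String[] credentials = decoded.split(":", 2);
            if (credentials.length != 2) {
                log.error("Credentials are not in username:password form");
                throw new AuthenticationFailedException(FAILURE_MESSAGE);
            }
            String username = credentials[0];
            String password = credentials[1];

            boolean authenticated = BasicAuthRequestPathAuthenticatorServiceComponent.getRealmService()
                    .getTenantUserRealm(IdentityUtil.getTenantIdOFUser(username))
                    .getUserStoreManager()
                    .authenticate(MultitenantUtils.getTenantAwareUsername(username), password);
            if (!authenticated) {
                log.error("Authentication failed for user " + sanitizeForLog(username));
                throw new AuthenticationFailedException(FAILURE_MESSAGE);
            }
            if (log.isDebugEnabled()) {
                log.debug("Authenticated user " + sanitizeForLog(username));
            }
            authenticationContext.setSubject(FrameworkUtils.prependUserStoreDomainToName(username));
        } catch (AuthenticationFailedException e) {
            // Already logged at the point of failure; rethrow without logging it a second time.
            throw e;
        } catch (Exception e) {
            // Callers always see the same generic failure; the detail stays in the server log.
            log.error(e.getMessage(), e);
            throw new AuthenticationFailedException(FAILURE_MESSAGE);
        }
    }

    /**
     * @param httpServletRequest ignored
     * @return always {@code null}
     */
    public String getContextIdentifier(HttpServletRequest httpServletRequest) {
        return null;
    }

    /**
     * @return the display name {@code "basic-auth"}
     */
    public String getFriendlyName() {
        return "basic-auth";
    }

    /**
     * @return the authenticator name {@code "BasicAuthRequestPathAuthenticator"}
     */
    public String getName() {
        return AUTHENTICATOR_NAME;
    }

    /** Returns {@code true} when the value is {@code null} or contains only whitespace. */
    private static boolean isBlank(String value) {
        return value == null || value.trim().isEmpty();
    }

    /** Replaces CR/LF in client-supplied text so it cannot start a forged log line. */
    private static String sanitizeForLog(String value) {
        return value.replace('\r', '_').replace('\n', '_');
    }
}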
