package org.wso2.carbon.security.caas.jaas.handler;

import io.netty.handler.codec.http.HttpRequest;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.security.caas.jaas.HTTPCallbackHandler;
import org.wso2.carbon.security.caas.jaas.util.CarbonSecurityConstants;

/* loaded from: input_file:org/wso2/carbon/security/caas/jaas/handler/UsernamePasswordCallbackHandler.class */
public class UsernamePasswordCallbackHandler implements HTTPCallbackHandler {
    private static final Logger log = LoggerFactory.getLogger(UsernamePasswordCallbackHandler.class);
    private HttpRequest httpRequest;
    private String username;
    private char[] password;

    @Override // org.wso2.carbon.security.caas.jaas.HTTPCallbackHandler
    public void setHTTPRequest(HttpRequest httpRequest) {
        this.httpRequest = httpRequest;
    }

    @Override // org.wso2.carbon.security.caas.jaas.HTTPCallbackHandler
    public boolean canHandle() {
        if (this.httpRequest == null || this.httpRequest.headers() == null || this.httpRequest.headers().get("Authorization") == null) {
            return false;
        }
        String trim = this.httpRequest.headers().get("Authorization").trim();
        if (!trim.startsWith(CarbonSecurityConstants.HTTP_AUTHORIZATION_PREFIX_BASIC)) {
            return false;
        }
        String[] split = new String(Base64.getDecoder().decode(trim.split("\\s+")[1].getBytes(Charset.forName(StandardCharsets.UTF_8.name()))), Charset.forName(StandardCharsets.UTF_8.name())).split(":");
        if (split.length != 2) {
            return false;
        }
        this.username = split[0];
        this.password = split[1].toCharArray();
        if (!log.isDebugEnabled()) {
            return true;
        }
        log.debug("UsernamePasswordCallbackHandler will handle the request.");
        return true;
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        if (callbackArr != null) {
            for (Callback callback : callbackArr) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(this.username);
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword(this.password);
                }
            }
            clearCredentials();
        }
    }

    private void clearCredentials() {
        this.username = null;
        if (this.password != null) {
            for (int i = 0; i < this.password.length; i++) {
                this.password[i] = ' ';
            }
            this.password = null;
        }
    }
}
