package org.ikasan.rest.security;

import java.io.IOException;
import java.security.Principal;
import java.util.Iterator;
import javax.annotation.Priority;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.Provider;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
import org.ikasan.security.service.AuthenticationService;
import org.ikasan.security.service.AuthenticationServiceException;
import org.springframework.security.config.http.PortMappingsBeanDefinitionParser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;

@Provider
@Priority(2000)
/* loaded from: input_file:sample-genericTechPriceSrc-war-1.5.1.war:WEB-INF/lib/ikasan-rest-1.5.1.jar:org/ikasan/rest/security/SecurityFilter.class */
public class SecurityFilter implements ContainerRequestFilter {
    private static Logger logger = Logger.getLogger(SecurityFilter.class);

    @Context
    UriInfo uriInfo;

    @Context
    HttpServletRequest request;

    @Inject
    private AuthenticationService authenticationService;

    /* loaded from: input_file:sample-genericTechPriceSrc-war-1.5.1.war:WEB-INF/lib/ikasan-rest-1.5.1.jar:org/ikasan/rest/security/SecurityFilter$Authorizer.class */
    public class Authorizer implements SecurityContext {
        private Authentication authentication;

        public Authorizer(Authentication authentication) {
            this.authentication = null;
            this.authentication = authentication;
        }

        @Override // javax.ws.rs.core.SecurityContext
        public Principal getUserPrincipal() {
            return (Principal) this.authentication.getPrincipal();
        }

        @Override // javax.ws.rs.core.SecurityContext
        public boolean isUserInRole(String str) {
            Iterator<? extends GrantedAuthority> it = this.authentication.getAuthorities().iterator();
            while (it.hasNext()) {
                if (str.equals(it.next().getAuthority())) {
                    return true;
                }
            }
            return false;
        }

        @Override // javax.ws.rs.core.SecurityContext
        public boolean isSecure() {
            return PortMappingsBeanDefinitionParser.ATT_HTTPS_PORT.equals(SecurityFilter.this.uriInfo.getRequestUri().getScheme());
        }

        @Override // javax.ws.rs.core.SecurityContext
        public String getAuthenticationScheme() {
            if (this.authentication == null) {
                return null;
            }
            return "BASIC";
        }
    }

    private Authentication authenticate(ContainerRequestContext containerRequestContext) {
        String headerString = containerRequestContext.getHeaderString("Authorization");
        if (headerString == null || !headerString.startsWith("Basic ")) {
            return null;
        }
        String[] split = new String(Base64.decodeBase64(headerString.substring("Basic ".length()))).split(":");
        try {
            return this.authenticationService.login(split[0], split[1]);
        } catch (AuthenticationServiceException e) {
            return null;
        }
    }

    @Override // javax.ws.rs.container.ContainerRequestFilter
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        Authentication authenticate = authenticate(containerRequestContext);
        if (authenticate != null) {
            containerRequestContext.setSecurityContext(new Authorizer(authenticate));
        }
    }
}
