package org.picketlink.http.internal.authentication.schemes;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.picketlink.common.util.Base64;
import org.picketlink.common.util.StringUtil;
import org.picketlink.config.http.BasicAuthenticationConfiguration;
import org.picketlink.credential.DefaultLoginCredentials;
import org.picketlink.http.authentication.HttpAuthenticationScheme;
import org.picketlink.http.internal.util.RequestUtil;

/* loaded from: input_file:org/picketlink/http/internal/authentication/schemes/BasicAuthenticationScheme.class */
public class BasicAuthenticationScheme implements HttpAuthenticationScheme<BasicAuthenticationConfiguration> {
    public static final String DEFAULT_REALM_NAME = "PicketLink Default Realm";
    private String realm = "PicketLink Default Realm";

    public void initialize(BasicAuthenticationConfiguration basicAuthenticationConfiguration) {
        String realmName = basicAuthenticationConfiguration.getRealmName();
        if (realmName != null) {
            this.realm = realmName;
        }
    }

    public void extractCredential(HttpServletRequest httpServletRequest, DefaultLoginCredentials defaultLoginCredentials) {
        if (isBasicAuthentication(httpServletRequest)) {
            String[] extractUsernameAndPassword = extractUsernameAndPassword(httpServletRequest);
            String str = extractUsernameAndPassword[0];
            String str2 = extractUsernameAndPassword[1];
            if (StringUtil.isNullOrEmpty(str) && StringUtil.isNullOrEmpty(str2)) {
                return;
            }
            defaultLoginCredentials.setUserId(str);
            defaultLoginCredentials.setPassword(str2);
        }
    }

    public void challengeClient(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            httpServletResponse.setHeader(TokenAuthenticationScheme.REQUIRES_AUTHENTICATION_HEADER_NAME, "Basic realm=\"" + this.realm + "\"");
            if (RequestUtil.isAjaxRequest(httpServletRequest)) {
                httpServletResponse.sendError(403);
            } else {
                httpServletResponse.sendError(401);
            }
        } catch (Exception e) {
            throw new RuntimeException("Could not challenge client credentials.", e);
        }
    }

    public void onPostAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
    }

    private boolean isBasicAuthentication(HttpServletRequest httpServletRequest) {
        return getAuthorizationHeader(httpServletRequest) != null && getAuthorizationHeader(httpServletRequest).startsWith("Basic ");
    }

    private String getAuthorizationHeader(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getHeader(TokenAuthenticationScheme.AUTHORIZATION_TOKEN_HEADER_NAME);
    }

    public String[] extractUsernameAndPassword(HttpServletRequest httpServletRequest) {
        String str = new String(Base64.decode(getAuthorizationHeader(httpServletRequest).substring(6)));
        String str2 = "";
        String str3 = "";
        int indexOf = str.indexOf(":");
        if (indexOf != -1) {
            str2 = str.substring(0, indexOf);
            str3 = str.substring(indexOf + 1);
        }
        return new String[]{str2, str3};
    }
}
