package org.infinispan.rest.embedded.netty4.security;

import io.netty.channel.ChannelHandlerContext;
import java.io.IOException;
import java.util.Base64;
import java.util.List;
import javax.ws.rs.core.SecurityContext;
import org.apache.logging.log4j.message.ParameterizedMessage;
import org.infinispan.rest.embedded.netty4.NettySecurityContext;
import org.jboss.resteasy.plugins.server.embedded.SecurityDomain;
import org.jboss.resteasy.spi.HttpRequest;
import org.jboss.resteasy.spi.HttpResponse;

/* loaded from: input_file:WEB-INF/classes/org/infinispan/rest/embedded/netty4/security/BasicAuthenticator.class */
public class BasicAuthenticator implements Authenticator {
    private final SecurityDomain domain;
    private final boolean secure;
    private final String realm;
    private final String authenticateHeader;

    public BasicAuthenticator(SecurityDomain securityDomain, boolean z, String str) {
        this.domain = securityDomain;
        this.secure = z;
        this.realm = str;
        this.authenticateHeader = str != null ? String.format("Basic realm=\"%s\"", str) : "Basic";
    }

    @Override // org.infinispan.rest.embedded.netty4.security.Authenticator
    public SecurityContext authenticate(ChannelHandlerContext channelHandlerContext, HttpRequest httpRequest, HttpResponse httpResponse) throws IOException {
        List<String> requestHeader = httpRequest.getHttpHeaders().getRequestHeader("Authorization");
        if (!requestHeader.isEmpty()) {
            String str = requestHeader.get(0);
            if (str.length() > 5) {
                if (!"basic".equals(str.substring(0, 5).toLowerCase())) {
                    sendUnauthorizedResponse(httpResponse);
                    return null;
                }
                String[] split = new String(Base64.getDecoder().decode(str.substring(6).getBytes())).split(ParameterizedMessage.ERROR_MSG_SEPARATOR);
                try {
                    return new NettySecurityContext(this.domain.authenticate(split[0], split[1]), this.domain, SecurityContext.BASIC_AUTH, this.secure);
                } catch (SecurityException e) {
                    sendUnauthorizedResponse(httpResponse);
                    return null;
                }
            }
        }
        sendUnauthorizedResponse(httpResponse);
        return null;
    }

    private void sendUnauthorizedResponse(HttpResponse httpResponse) throws IOException {
        httpResponse.getOutputHeaders().add("WWW-Authenticate", this.authenticateHeader);
        httpResponse.sendError(401);
    }
}
