package org.keycloak.adapters;

import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import net.iharder.Base64;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.params.AuthPolicy;
import org.apache.http.message.BasicNameValuePair;
import org.jboss.logging.Logger;
import org.keycloak.OAuth2Constants;
import org.keycloak.constants.ServiceUrlConstants;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.util.BasicAuthHelper;
import org.keycloak.util.JsonSerialization;
import org.keycloak.util.KeycloakUriBuilder;

/* loaded from: input_file:org/keycloak/adapters/BasicAuthRequestAuthenticator.class */
public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticator {
    protected Logger log;

    public BasicAuthRequestAuthenticator(KeycloakDeployment keycloakDeployment) {
        super(keycloakDeployment);
        this.log = Logger.getLogger((Class<?>) BasicAuthRequestAuthenticator.class);
    }

    @Override // org.keycloak.adapters.BearerTokenRequestAuthenticator
    public AuthOutcome authenticate(HttpFacade httpFacade) {
        List<String> headers = httpFacade.getRequest().getHeaders("Authorization");
        if (headers == null || headers.size() == 0) {
            this.challenge = challengeResponse(httpFacade, null, null);
            return AuthOutcome.NOT_ATTEMPTED;
        }
        this.tokenString = null;
        Iterator<String> it = headers.iterator();
        while (it.hasNext()) {
            String[] split = it.next().trim().split("\\s+");
            if (split != null && split.length == 2 && split[0].equalsIgnoreCase(AuthPolicy.BASIC)) {
                this.tokenString = split[1];
            }
        }
        if (this.tokenString == null) {
            this.challenge = challengeResponse(httpFacade, null, null);
            return AuthOutcome.NOT_ATTEMPTED;
        }
        try {
            String[] split2 = new String(Base64.decode(this.tokenString)).split(":");
            return authenticateToken(httpFacade, getToken(split2[0], split2[1]).getToken());
        } catch (Exception e) {
            this.log.debug("Failed to obtain token", e);
            this.challenge = challengeResponse(httpFacade, "no_token", e.getMessage());
            return AuthOutcome.FAILED;
        }
    }

    private AccessTokenResponse getToken(String str, String str2) throws Exception {
        HttpClient build = new HttpClientBuilder().disableTrustManager().build();
        try {
            HttpPost httpPost = new HttpPost(KeycloakUriBuilder.fromUri(this.deployment.getAuthServerBaseUrl()).path(ServiceUrlConstants.TOKEN_SERVICE_DIRECT_GRANT_PATH).build(this.deployment.getRealm()));
            ArrayList arrayList = new ArrayList();
            arrayList.add(new BasicNameValuePair("username", str));
            arrayList.add(new BasicNameValuePair(CredentialRepresentation.PASSWORD, str2));
            if (this.deployment.isPublicClient()) {
                arrayList.add(new BasicNameValuePair(OAuth2Constants.CLIENT_ID, this.deployment.getResourceName()));
            } else {
                httpPost.setHeader("Authorization", BasicAuthHelper.createHeader(this.deployment.getResourceName(), this.deployment.getResourceCredentials().get(CredentialRepresentation.SECRET)));
            }
            httpPost.setEntity(new UrlEncodedFormEntity(arrayList, "UTF-8"));
            HttpResponse execute = build.execute(httpPost);
            int statusCode = execute.getStatusLine().getStatusCode();
            HttpEntity entity = execute.getEntity();
            if (statusCode != 200) {
                throw new IOException("Bad status: " + statusCode);
            }
            if (entity == null) {
                throw new IOException("No Entity");
            }
            InputStream content = entity.getContent();
            try {
                return (AccessTokenResponse) JsonSerialization.readValue(content, AccessTokenResponse.class);
            } finally {
                try {
                    content.close();
                } catch (IOException e) {
                }
            }
        } finally {
            build.getConnectionManager().shutdown();
        }
    }
}
