package org.rhq.enterprise.rest;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.hql.classic.ParserHelper;
import org.jboss.resteasy.util.Base64;
import org.jbpm.svc.Services;
import org.rhq.core.domain.auth.Subject;
import org.rhq.enterprise.server.util.LookupUtil;

/* loaded from: input_file:rhq-rest.war/WEB-INF/classes/org/rhq/enterprise/rest/AuthFilter.class */
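/**
 * Servlet filter that authenticates each request from its HTTP Basic
 * {@code Authorization} header before passing it down the filter chain.
 *
 * <p>The decoded user name and password are handed to
 * {@code LookupUtil.getSubjectManager().checkAuthentication(...)}. On success the
 * returned {@link Subject} is stored in the HTTP session under the attribute
 * {@code "subject"}; on any failure the request is answered with 401 and the chain
 * is not invoked.
 *
 * <p>NOTE(review): Basic credentials are only base64-encoded, so this filter relies
 * on the deployment enforcing TLS in front of it; nothing in this class checks that.
 */
public class AuthFilter implements Filter {
    /** Scheme token expected at the start of the Authorization header value. */
    private static final String BASIC_SCHEME = "Basic";

    Log log = LogFactory.getLog("AuthFilter");

    @Override
    public void destroy() {
    }

    /**
     * Authenticates the request and, only if that succeeds, continues the chain.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     remainder of the chain, invoked only after successful authentication
     * @throws ServletException propagated from the downstream chain
     * @throws IOException      propagated from {@code sendError} or the downstream chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;

        // NOTE(review): Services.SERVICENAME_AUTHORIZATION (jBPM) and
        // ParserHelper.HQL_VARIABLE_PREFIX (Hibernate) look like decompiler constant
        // resolution artefacts standing in for the header name and the ':' separator;
        // confirm against the original source before relying on those libraries here.
        String header = httpServletRequest.getHeader(Services.SERVICENAME_AUTHORIZATION);
        if (header == null || header.isEmpty()) {
            this.log.warn("Client sent no authorization header");
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        // Attacker-controlled input: a wrong scheme, bad base64 or a missing separator
        // must end in a clean 401, not an uncaught exception surfacing as a 500.
        String[] credentials = parseBasicCredentials(header);
        if (credentials == null) {
            this.log.warn("Client sent a malformed authorization header");
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        Subject checkAuthentication = LookupUtil.getSubjectManager().checkAuthentication(credentials[0], credentials[1]);
        if (checkAuthentication == null) {
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

        // The session is obtained only after authentication succeeded, so that
        // unauthenticated requests cannot make the container allocate sessions.
        // NOTE(review): a session id presented before login is reused as-is; consider
        // rotating it at this point if the container API in use allows it.
        HttpSession session = httpServletRequest.getSession();
        session.setAttribute("subject", checkAuthentication);

        if (this.log.isDebugEnabled()) {
            // The user name comes straight from the request; neutralise line breaks so
            // it cannot forge additional log entries.
            this.log.debug("User '" + credentials[0].replaceAll("[\\r\\n]", "_") + "' has passed");
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Extracts user name and password from a Basic {@code Authorization} header value.
     *
     * @param header non-empty header value as sent by the client
     * @return a two-element array {@code {user, password}}, or {@code null} when the
     *         scheme is not Basic, the payload cannot be decoded, or it has no separator
     */
    private static String[] parseBasicCredentials(String header) {
        int schemeLength = BASIC_SCHEME.length();
        boolean hasBasicScheme = header.length() > schemeLength
                && header.regionMatches(true, 0, BASIC_SCHEME, 0, schemeLength)
                && Character.isWhitespace(header.charAt(schemeLength));
        if (!hasBasicScheme) {
            return null;
        }

        String decoded;
        try {
            // NOTE(review): the bytes are decoded with the platform default charset, as
            // before; pin an explicit charset once the encoding clients use is confirmed.
            decoded = new String(Base64.decode(header.substring(schemeLength).trim()));
        } catch (Exception e) {
            // Any decoding failure means the credentials are unusable; the caller
            // answers 401. Nothing from the payload is logged because it may contain
            // a password.
            return null;
        }

        int separator = decoded.indexOf(ParserHelper.HQL_VARIABLE_PREFIX);
        if (separator < 0) {
            return null;
        }
        // Split on the first separator only; the password may itself contain one.
        return new String[] {decoded.substring(0, separator), decoded.substring(separator + 1)};
    }

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }
}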
