package org.artificer.server.filters;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.Principal;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.artificer.common.ArtificerConfig;
import org.artificer.server.i18n.Messages;

/* loaded from: input_file:org/artificer/server/filters/MavenRepositoryAuthFilter.class */
public class MavenRepositoryAuthFilter implements Filter {

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:org/artificer/server/filters/MavenRepositoryAuthFilter$Creds.class */
    public static class Creds {
        public String username;
        public String password;

        public Creds(String str, String str2) {
            this.username = str;
            this.password = str2;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/artificer/server/filters/MavenRepositoryAuthFilter$SimplePrincipal.class */
    public static class SimplePrincipal implements Principal {
        private String username;
        private Set<String> roles = new HashSet();

        public SimplePrincipal(String str) {
            this.username = str;
        }

        @Override // java.security.Principal
        public String getName() {
            return this.username;
        }

        public void addRole(String str) {
            this.roles.add(str);
        }

        public Set<String> getRoles() {
            return this.roles;
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        Creds parseAuthorizationHeader = parseAuthorizationHeader(httpServletRequest.getHeader("Authorization"));
        if (parseAuthorizationHeader == null) {
            SimplePrincipal simplePrincipal = new SimplePrincipal(ArtificerConfig.getMavenReadOnlyUsername());
            simplePrincipal.addRole("readonly." + ArtificerConfig.getJCRRepositoryName());
            doFilterChain(servletRequest, servletResponse, filterChain, simplePrincipal);
        } else if (login(parseAuthorizationHeader, httpServletRequest, (HttpServletResponse) servletResponse)) {
            doFilterChain(servletRequest, servletResponse, filterChain, null);
        } else {
            sendAuthResponse((HttpServletResponse) servletResponse);
        }
    }

    private void sendAuthResponse(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setHeader("WWW-Authenticate", String.format("BASIC realm=\"maven\"", new Object[0]));
        httpServletResponse.sendError(401);
    }

    protected void doFilterChain(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain, SimplePrincipal simplePrincipal) throws IOException, ServletException {
        if (simplePrincipal == null) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            filterChain.doFilter(wrapRequest(servletRequest, simplePrincipal), servletResponse);
        }
    }

    private HttpServletRequest wrapRequest(ServletRequest servletRequest, final SimplePrincipal simplePrincipal) {
        return new HttpServletRequestWrapper((HttpServletRequest) servletRequest) { // from class: org.artificer.server.filters.MavenRepositoryAuthFilter.1
            public Principal getUserPrincipal() {
                return simplePrincipal;
            }

            public String getRemoteUser() {
                return simplePrincipal.getName();
            }

            public boolean isUserInRole(String str) {
                return simplePrincipal.getRoles().contains(str);
            }
        };
    }

    private Creds parseAuthorizationHeader(String str) {
        if (str == null || !str.toUpperCase().startsWith("BASIC ")) {
            return null;
        }
        try {
            String str2 = new String(Base64.decodeBase64(str.substring(6)), "UTF-8");
            int indexOf = str2.indexOf(58);
            if (indexOf > 0) {
                return new Creds(str2.substring(0, indexOf), str2.substring(indexOf + 1));
            }
            throw new RuntimeException(Messages.i18n.format("MavenRepositoryAuthFilter.InvalidCredFormat", new Object[0]));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    protected boolean login(Creds creds, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try {
            httpServletRequest.login(creds.username, creds.password);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    public void destroy() {
    }
}
