package com.expanset.jersey.security;

import com.expanset.hk2.security.AuthenicationResult;
import com.expanset.hk2.security.AuthenticationService;
import com.expanset.hk2.security.LoginPasswordCredentials;
import java.io.IOException;
import java.util.Base64;
import java.util.Optional;
import javax.annotation.Nonnull;
import javax.annotation.Priority;
import javax.annotation.security.RolesAllowed;
import javax.inject.Inject;
import javax.inject.Provider;
import javax.ws.rs.ConstrainedTo;
import javax.ws.rs.RuntimeType;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.DynamicFeature;
import javax.ws.rs.container.PreMatching;
import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Configuration;
import javax.ws.rs.core.Feature;
import javax.ws.rs.core.FeatureContext;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.Validate;
import org.apache.commons.lang3.StringUtils;
import org.glassfish.hk2.api.ServiceLocator;
import org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature;
import org.glassfish.jersey.server.model.AnnotatedMethod;

@ConstrainedTo(RuntimeType.SERVER)
/* loaded from: input_file:com/expanset/jersey/security/BasicAuthenticationFeature.class */
public class BasicAuthenticationFeature implements Feature {
    public static final String REALM = BasicAuthenticationFeature.class.getName() + ".realm";
    public static final String ENCODING = BasicAuthenticationFeature.class.getName() + ".encoding";
    public static final String ENCODING_DEFAULT = "utf-8";

    @Inject
    protected ServiceLocator serviceLocator;

    /* JADX INFO: Access modifiers changed from: protected */
    @Priority(1000)
    @PreMatching
    /* loaded from: input_file:com/expanset/jersey/security/BasicAuthenticationFeature$BasicAuthenticationFilter.class */
    public static class BasicAuthenticationFilter implements ContainerRequestFilter {

        @Inject
        protected Provider<AuthenticationService> authenticationServiceProvider;
        protected final String realm;
        protected final String encodng;
        private static final String BASIC_PREFIX = "Basic ";
        private static final String AUTH_HEADER = "Authorization";

        public BasicAuthenticationFilter(@Nonnull String str, @Nonnull String str2) {
            Validate.notNull(str, "realm");
            Validate.notEmpty(str2, "encodng");
            this.realm = str;
            this.encodng = str2;
        }

        public void filter(ContainerRequestContext containerRequestContext) throws IOException {
            String headerString = containerRequestContext.getHeaderString(AUTH_HEADER);
            if (StringUtils.isEmpty(headerString) || !StringUtils.startsWithIgnoreCase(headerString, BASIC_PREFIX)) {
                return;
            }
            String[] split = StringUtils.split(new String(Base64.getDecoder().decode(headerString.substring(BASIC_PREFIX.length())), this.encodng), ':');
            LoginPasswordCredentials loginPasswordCredentials = new LoginPasswordCredentials(split.length != 0 ? split[0] : null, split.length != 1 ? split[1] : null, this.realm, StringUtils.endsWithIgnoreCase("https", containerRequestContext.getUriInfo().getRequestUri().getScheme()));
            Optional authenticate = ((AuthenticationService) this.authenticationServiceProvider.get()).authenticate(loginPasswordCredentials);
            if (authenticate.isPresent()) {
                containerRequestContext.setSecurityContext(new DefaultSecurityContext("BASIC", (AuthenicationResult) authenticate.get(), loginPasswordCredentials.isSecure()));
            }
        }
    }

    /* loaded from: input_file:com/expanset/jersey/security/BasicAuthenticationFeature$BasicAuthenticationRequiredFeature.class */
    protected static class BasicAuthenticationRequiredFeature implements DynamicFeature {
        protected BasicAuthenticationRequiredFeature() {
        }

        public void configure(ResourceInfo resourceInfo, FeatureContext featureContext) {
            String str = (String) featureContext.getConfiguration().getProperty(BasicAuthenticationFeature.REALM);
            if (str == null) {
                str = "";
            }
            if (new AnnotatedMethod(resourceInfo.getResourceMethod()).getAnnotation(RolesAllowed.class) == null && resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class) == null) {
                return;
            }
            featureContext.register(createFilter(str));
        }

        protected BasicAuthenticationRequiredFilter createFilter(String str) {
            return new BasicAuthenticationRequiredFilter(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Priority(1001)
    /* loaded from: input_file:com/expanset/jersey/security/BasicAuthenticationFeature$BasicAuthenticationRequiredFilter.class */
    public static class BasicAuthenticationRequiredFilter implements ContainerRequestFilter {
        protected final String realm;

        public BasicAuthenticationRequiredFilter(String str) {
            this.realm = str;
        }

        public void filter(ContainerRequestContext containerRequestContext) throws IOException {
            if (containerRequestContext.getSecurityContext() == null || containerRequestContext.getSecurityContext().getUserPrincipal() == null) {
                containerRequestContext.abortWith(Response.status(401).header("WWW-Authenticate", "Basic realm=\"" + this.realm + "\"").build());
            }
        }
    }

    public boolean configure(FeatureContext featureContext) {
        Configuration configuration = featureContext.getConfiguration();
        if (!configuration.isRegistered(RolesAllowedDynamicFeature.class)) {
            featureContext.register(RolesAllowedDynamicFeature.class);
        }
        registerRequiredAuthenticationFeature(featureContext);
        String str = (String) configuration.getProperty(REALM);
        if (str == null) {
            str = "";
        }
        String str2 = (String) configuration.getProperty(ENCODING);
        if (str == null) {
            str2 = "utf-8";
        }
        featureContext.register(createFilter(str, str2));
        return true;
    }

    protected void registerRequiredAuthenticationFeature(FeatureContext featureContext) {
        featureContext.register(BasicAuthenticationRequiredFeature.class);
    }

    protected ContainerRequestFilter createFilter(String str, String str2) {
        BasicAuthenticationFilter basicAuthenticationFilter = new BasicAuthenticationFilter(str, str2);
        this.serviceLocator.inject(basicAuthenticationFilter);
        return basicAuthenticationFilter;
    }
}
