package pl.edu.icm.unity.rest.authn.ext;

import eu.unicore.security.HTTPAuthNTokens;
import javax.servlet.http.HttpServletRequest;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.PhaseInterceptorChain;
import org.apache.log4j.Logger;
import org.apache.xmlbeans.impl.util.Base64;
import pl.edu.icm.unity.exceptions.InternalException;
import pl.edu.icm.unity.rest.authn.CXFAuthentication;
import pl.edu.icm.unity.server.authn.AuthenticatedEntity;
import pl.edu.icm.unity.server.authn.AuthenticationResult;
import pl.edu.icm.unity.server.authn.CredentialExchange;
import pl.edu.icm.unity.server.authn.CredentialRetrieval;
import pl.edu.icm.unity.server.utils.Log;
import pl.edu.icm.unity.stdext.credential.PasswordExchange;

/* loaded from: input_file:pl/edu/icm/unity/rest/authn/ext/HttpBasicRetrievalBase.class */
public abstract class HttpBasicRetrievalBase implements CredentialRetrieval, CXFAuthentication {
    private static final Logger log = Log.getLogger("unity.server.rest", HttpBasicRetrievalBase.class);
    protected PasswordExchange credentialExchange;

    public String getSerializedConfiguration() throws InternalException {
        return "";
    }

    public void setSerializedConfiguration(String str) throws InternalException {
    }

    public void setCredentialExchange(CredentialExchange credentialExchange) {
        this.credentialExchange = (PasswordExchange) credentialExchange;
    }

    @Override // pl.edu.icm.unity.rest.authn.CXFAuthentication
    /* renamed from: getInterceptor, reason: merged with bridge method [inline-methods] */
    public AbstractPhaseInterceptor<Message> mo3getInterceptor() {
        return null;
    }

    @Override // pl.edu.icm.unity.rest.authn.CXFAuthentication
    public AuthenticationResult getAuthenticationResult() {
        HTTPAuthNTokens hTTPCredentials = getHTTPCredentials(log);
        if (hTTPCredentials == null) {
            log.trace("No HTTP BASIC auth header was found");
            return new AuthenticationResult(AuthenticationResult.Status.notApplicable, (AuthenticatedEntity) null);
        }
        log.trace("HTTP BASIC auth header found");
        try {
            return this.credentialExchange.checkPassword(hTTPCredentials.getUserName(), hTTPCredentials.getPasswd());
        } catch (Exception e) {
            log.trace("HTTP BASIC credential is invalid");
            return new AuthenticationResult(AuthenticationResult.Status.deny, (AuthenticatedEntity) null);
        }
    }

    protected HTTPAuthNTokens getHTTPCredentials(Logger logger) {
        HttpServletRequest httpServletRequest;
        String header;
        Message currentMessage = PhaseInterceptorChain.getCurrentMessage();
        if (currentMessage == null || (httpServletRequest = (HttpServletRequest) currentMessage.get("HTTP.REQUEST")) == null || (header = httpServletRequest.getHeader("Authorization")) == null || !header.startsWith("Basic ")) {
            return null;
        }
        String str = new String(Base64.decode(header.substring(6).getBytes()));
        String[] split = str.split(":");
        if (split.length > 2) {
            logger.warn("Ignoring malformed Authorization HTTP header element (to many ':' after decode: " + str + ")");
            return null;
        }
        if (split.length == 2) {
            return new HTTPAuthNTokens(split[0], split[1]);
        }
        if (split.length == 1) {
            return new HTTPAuthNTokens(split[0], (String) null);
        }
        logger.warn("Ignoring malformed Authorization HTTP header element (empty string after decode)");
        return null;
    }
}
