package org.apache.stanbol.commons.authentication.basic;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.AccessControlException;
import javax.security.auth.Subject;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.Service;
import org.apache.stanbol.commons.security.UserUtil;
import org.apache.stanbol.commons.security.auth.AuthenticationService;
import org.apache.stanbol.commons.security.auth.LoginException;
import org.apache.stanbol.commons.security.auth.NoSuchAgent;
import org.apache.stanbol.commons.security.auth.PrincipalImpl;
import org.apache.stanbol.commons.security.auth.WeightedAuthenticationMethod;
import org.osgi.service.component.ComponentContext;
import org.wymiwyg.commons.util.Base64;

@Service({WeightedAuthenticationMethod.class})
@Component
@Property(name = "weight", intValue = {10})
/* loaded from: input_file:resources/bundles/25/org.apache.stanbol.commons.authentication.basic-1.0.0.jar:org/apache/stanbol/commons/authentication/basic/BasicAuthentication.class */
public class BasicAuthentication implements WeightedAuthenticationMethod {
    private int weight = 10;

    @Reference
    AuthenticationService authenticationService;

    public void activate(ComponentContext componentContext) {
        this.weight = ((Integer) componentContext.getProperties().get("weight")).intValue();
    }

    @Override // org.apache.stanbol.commons.security.auth.AuthenticationMethod
    public boolean authenticate(HttpServletRequest httpServletRequest, Subject subject) throws LoginException, ServletException {
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null) {
            return false;
        }
        String[] split = new String(Base64.decode(header.substring(header.indexOf(32) + 1))).split(":");
        if (split.length == 0) {
            return false;
        }
        String str = split[0];
        try {
            if (!this.authenticationService.authenticateUser(str, split.length > 1 ? split[1] : "")) {
                throw new LoginException(LoginException.PASSWORD_NOT_MATCHING);
            }
            subject.getPrincipals().remove(UserUtil.ANONYMOUS);
            subject.getPrincipals().add(new PrincipalImpl(str));
            return true;
        } catch (NoSuchAgent e) {
            throw new LoginException(LoginException.USER_NOT_EXISTING);
        }
    }

    @Override // org.apache.stanbol.commons.security.auth.AuthenticationMethod
    public boolean writeLoginResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Throwable th) throws ServletException, IOException {
        if (th == null || (th instanceof AccessControlException)) {
            setUnauthorizedResponse(httpServletResponse, "<html><body>unauthorized</body></html>");
            return true;
        }
        if (!(th instanceof LoginException)) {
            return false;
        }
        String type = ((LoginException) th).getType();
        if (type.equals(LoginException.PASSWORD_NOT_MATCHING)) {
            setUnauthorizedResponse(httpServletResponse, "<html><body>Username and password do not match</body></html>");
            return true;
        }
        if (!type.equals(LoginException.USER_NOT_EXISTING)) {
            return false;
        }
        setUnauthorizedResponse(httpServletResponse, "<html><body>User does not exist</body></html>");
        return true;
    }

    private void setUnauthorizedResponse(HttpServletResponse httpServletResponse, String str) throws ServletException, IOException {
        httpServletResponse.setStatus(401);
        httpServletResponse.addHeader("WWW-Authenticate", "Basic realm=\"Apache Stanbol authentication needed\"");
        new ByteArrayInputStream(str.getBytes());
        httpServletResponse.setHeader("Content-Length", "" + str.getBytes().length);
        httpServletResponse.getOutputStream().write(str.getBytes());
    }

    @Override // org.apache.stanbol.commons.security.auth.WeightedAuthenticationMethod
    public int getWeight() {
        return this.weight;
    }

    protected void bindAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    protected void unbindAuthenticationService(AuthenticationService authenticationService) {
        if (this.authenticationService == authenticationService) {
            this.authenticationService = null;
        }
    }
}
