package org.apache.olingo.fit.rest;

import java.security.Principal;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.apache.cxf.common.security.SimplePrincipal;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.SecurityContext;
import org.apache.geronimo.mail.util.Base64;

/* loaded from: input_file:WEB-INF/classes/org/apache/olingo/fit/rest/StaticSecurityInterceptor.class */
public class StaticSecurityInterceptor extends AbstractPhaseInterceptor<Message> {
    private static final String AUTHORIZATION_PROPERTY = "Authorization";
    private static final String AUTHENTICATION_SCHEME = "Basic";

    public StaticSecurityInterceptor() {
        super(Phase.PRE_PROTOCOL);
    }

    @Override // org.apache.cxf.interceptor.Interceptor
    public void handleMessage(Message message) throws Fault {
        SecurityContext securityContext = (SecurityContext) message.get(SecurityContext.class);
        if (securityContext == null || securityContext.getUserPrincipal() == null) {
            List list = (List) ((Map) message.get(Message.PROTOCOL_HEADERS)).get("Authorization");
            if (list == null || list.isEmpty()) {
                throw new WebApplicationException(Response.Status.UNAUTHORIZED);
            }
            StringTokenizer stringTokenizer = new StringTokenizer(new String(Base64.decode(((String) list.get(0)).replaceFirst("Basic ", ""))), ":");
            String nextToken = stringTokenizer.nextToken();
            String nextToken2 = stringTokenizer.nextToken();
            if (!"odatajclient".equals(nextToken) || !"odatajclient".equals(nextToken2)) {
                throw new WebApplicationException(Response.Status.UNAUTHORIZED);
            }
            message.put((Class<Class>) SecurityContext.class, (Class) new SecurityContext() { // from class: org.apache.olingo.fit.rest.StaticSecurityInterceptor.1
                @Override // org.apache.cxf.security.SecurityContext
                public Principal getUserPrincipal() {
                    return new SimplePrincipal("odatajclient");
                }

                @Override // org.apache.cxf.security.SecurityContext
                public boolean isUserInRole(String str) {
                    return false;
                }
            });
        }
    }
}
