package org.apache.pulsar.broker.authentication;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.util.Arrays;
import java.util.Base64;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.naming.AuthenticationException;
import org.apache.pulsar.broker.ServiceConfiguration;
import org.apache.pulsar.shade.org.apache.bookkeeper.util.BookKeeperConstants;
import org.apache.pulsar.shade.org.apache.commons.codec.digest.Crypt;
import org.apache.pulsar.shade.org.apache.commons.codec.digest.Md5Crypt;
import org.apache.pulsar.shade.org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:org/apache/pulsar/broker/authentication/AuthenticationProviderBasic.class */
public class AuthenticationProviderBasic implements AuthenticationProvider {
    private static final String HTTP_HEADER_NAME = "Authorization";
    private static final String CONF_SYSTEM_PROPERTY_KEY = "pulsar.auth.basic.conf";
    private Map<String, String> users;

    /* loaded from: input_file:org/apache/pulsar/broker/authentication/AuthenticationProviderBasic$AuthParams.class */
    private class AuthParams {
        private String userId;
        private String password;

        public AuthParams(AuthenticationDataSource authenticationDataSource) throws AuthenticationException {
            String str;
            if (authenticationDataSource.hasDataFromCommand()) {
                str = authenticationDataSource.getCommandData();
            } else {
                if (!authenticationDataSource.hasDataFromHttp()) {
                    throw new AuthenticationException("Authentication data source does not have data");
                }
                String httpHeader = authenticationDataSource.getHttpHeader("Authorization");
                if (StringUtils.isBlank(httpHeader) || !httpHeader.toUpperCase().startsWith("BASIC ")) {
                    throw new AuthenticationException("Authentication token has to be started with \"Basic \"");
                }
                String[] split = httpHeader.split(StringUtils.SPACE);
                if (split.length != 2) {
                    throw new AuthenticationException("Base64 encoded token is not found");
                }
                try {
                    str = new String(Base64.getDecoder().decode(split[1]));
                } catch (Exception e) {
                    throw new AuthenticationException("Base64 decoding is failure: " + e.getMessage());
                }
            }
            String[] split2 = str.split(BookKeeperConstants.COLON);
            if (split2.length != 2) {
                throw new AuthenticationException("Base64 decoded params are invalid");
            }
            this.userId = split2[0];
            this.password = split2[1];
        }

        public String getUserId() {
            return this.userId;
        }

        public String getPassword() {
            return this.password;
        }
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() throws IOException {
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.apache.pulsar.broker.authentication.AuthenticationProvider
    public void initialize(ServiceConfiguration serviceConfiguration) throws IOException {
        File file = new File(System.getProperty(CONF_SYSTEM_PROPERTY_KEY));
        if (!file.exists()) {
            throw new IOException("The password auth conf file does not exist");
        }
        if (!file.isFile()) {
            throw new IOException("The path is not a file");
        }
        BufferedReader bufferedReader = new BufferedReader(new FileReader(file));
        try {
            this.users = new HashMap();
            for (String str : (String[]) bufferedReader.lines().toArray(i -> {
                return new String[i];
            })) {
                List asList = Arrays.asList(str.split(BookKeeperConstants.COLON));
                if (asList.size() != 2) {
                    throw new IOException("The format of the password auth conf file is invalid");
                }
                this.users.put(asList.get(0), asList.get(1));
            }
        } finally {
            if (Collections.singletonList(bufferedReader).get(0) != null) {
                bufferedReader.close();
            }
        }
    }

    @Override // org.apache.pulsar.broker.authentication.AuthenticationProvider
    public String getAuthMethodName() {
        return "basic";
    }

    @Override // org.apache.pulsar.broker.authentication.AuthenticationProvider
    public String authenticate(AuthenticationDataSource authenticationDataSource) throws AuthenticationException {
        AuthParams authParams = new AuthParams(authenticationDataSource);
        String userId = authParams.getUserId();
        String password = authParams.getPassword();
        if (this.users.get(userId) == null) {
            throw new AuthenticationException("Unknown user or invalid password");
        }
        String str = this.users.get(userId);
        if (this.users.get(userId).startsWith("$apr1")) {
            List asList = Arrays.asList(str.split("\\$"));
            if (asList.size() != 4 || !str.equals(Md5Crypt.apr1Crypt(password.getBytes(), (String) asList.get(2)))) {
                throw new AuthenticationException("Unknown user or invalid password");
            }
        } else if (!str.equals(Crypt.crypt(password.getBytes(), str.substring(0, 2)))) {
            throw new AuthenticationException("Unknown user or invalid password");
        }
        return userId;
    }
}
