package org.apache.tinkerpop.gremlin.server.handler;

import io.netty.channel.ChannelFutureListener;
import io.netty.channel.ChannelHandlerContext;
import io.netty.handler.codec.http.DefaultFullHttpResponse;
import io.netty.handler.codec.http.FullHttpMessage;
import io.netty.handler.codec.http.HttpResponseStatus;
import io.netty.handler.codec.http.HttpVersion;
import io.netty.util.ReferenceCountUtil;
import java.nio.charset.Charset;
import java.util.Base64;
import java.util.HashMap;
import org.apache.tinkerpop.gremlin.server.GremlinServer;
import org.apache.tinkerpop.gremlin.server.Settings;
import org.apache.tinkerpop.gremlin.server.auth.AuthenticationException;
import org.apache.tinkerpop.gremlin.server.auth.Authenticator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/tinkerpop/gremlin/server/handler/HttpBasicAuthenticationHandler.class */
public class HttpBasicAuthenticationHandler extends AbstractAuthenticationHandler {
    private static final Logger logger = LoggerFactory.getLogger(HttpBasicAuthenticationHandler.class);
    private static final Logger auditLogger = LoggerFactory.getLogger(GremlinServer.AUDIT_LOGGER_NAME);
    private final Settings.AuthenticationSettings authenticationSettings;
    private final Base64.Decoder decoder;

    public HttpBasicAuthenticationHandler(Authenticator authenticator, Settings.AuthenticationSettings authenticationSettings) {
        super(authenticator);
        this.decoder = Base64.getUrlDecoder();
        this.authenticationSettings = authenticationSettings;
    }

    public void channelRead(ChannelHandlerContext channelHandlerContext, Object obj) {
        if (obj instanceof FullHttpMessage) {
            FullHttpMessage fullHttpMessage = (FullHttpMessage) obj;
            if (!fullHttpMessage.headers().contains("Authorization")) {
                sendError(channelHandlerContext, obj);
                return;
            }
            String str = fullHttpMessage.headers().get("Authorization");
            if (!str.startsWith("Basic ")) {
                sendError(channelHandlerContext, obj);
                return;
            }
            try {
                String[] split = new String(this.decoder.decode(str.substring("Basic ".length())), Charset.forName("UTF-8")).split(":");
                if (split.length != 2) {
                    sendError(channelHandlerContext, obj);
                    return;
                }
                HashMap hashMap = new HashMap();
                hashMap.put("username", split[0]);
                hashMap.put("password", split[1]);
                String obj2 = channelHandlerContext.channel().remoteAddress().toString();
                if (obj2.startsWith("/") && obj2.length() > 1) {
                    obj2 = obj2.substring(1);
                }
                hashMap.put("address", obj2);
                try {
                    this.authenticator.authenticate(hashMap);
                    channelHandlerContext.fireChannelRead(fullHttpMessage);
                    if (this.authenticationSettings.enableAuditLog) {
                        String[] split2 = this.authenticator.getClass().toString().split("[.]");
                        auditLogger.info("User {} with address {} authenticated by {}", new Object[]{hashMap.get("username"), obj2, split2[split2.length - 1]});
                    }
                } catch (AuthenticationException e) {
                    sendError(channelHandlerContext, obj);
                }
            } catch (IllegalArgumentException e2) {
                sendError(channelHandlerContext, obj);
            } catch (IndexOutOfBoundsException e3) {
                sendError(channelHandlerContext, obj);
            }
        }
    }

    private void sendError(ChannelHandlerContext channelHandlerContext, Object obj) {
        channelHandlerContext.writeAndFlush(new DefaultFullHttpResponse(HttpVersion.HTTP_1_1, HttpResponseStatus.UNAUTHORIZED)).addListener(ChannelFutureListener.CLOSE);
        ReferenceCountUtil.release(obj);
    }
}
