package com.jarvis.cache.admin;

import com.jarvis.cache.autoconfigure.AutoloadCacheProperties;
import java.io.IOException;
import java.util.Base64;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;

/* loaded from: input_file:com/jarvis/cache/admin/HTTPBasicAuthorizeAttribute.class */
public class HTTPBasicAuthorizeAttribute implements Filter {
    private static final String SESSION_AUTH_ATTRIBUTE = "autoload-cache-auth";
    private final AutoloadCacheProperties properties;

    public HTTPBasicAuthorizeAttribute(AutoloadCacheProperties autoloadCacheProperties) {
        this.properties = autoloadCacheProperties;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (((String) httpServletRequest.getSession().getAttribute(SESSION_AUTH_ATTRIBUTE)) != null || checkHeaderAuth(httpServletRequest, httpServletResponse)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
        httpServletResponse.setHeader("Cache-Control", "no-store");
        httpServletResponse.setDateHeader("Expires", 0L);
        httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"input username and password\"");
    }

    private boolean checkHeaderAuth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String fromBASE64;
        String[] split;
        String adminUserName = this.properties.getAdminUserName();
        if (null == adminUserName || adminUserName.isEmpty()) {
            return true;
        }
        String adminPassword = this.properties.getAdminPassword();
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null || header.length() <= 6 || (fromBASE64 = getFromBASE64(header.substring(6, header.length()))) == null || (split = fromBASE64.split(":")) == null || split.length != 2 || !adminUserName.equals(split[0])) {
            return false;
        }
        if (null != adminPassword && !adminPassword.isEmpty() && (null == adminPassword || !adminPassword.equals(split[1]))) {
            return false;
        }
        httpServletRequest.getSession().setAttribute(SESSION_AUTH_ATTRIBUTE, fromBASE64);
        return true;
    }

    private String getFromBASE64(String str) {
        if (str == null) {
            return null;
        }
        try {
            return new String(Base64.getDecoder().decode(str));
        } catch (Exception e) {
            return null;
        }
    }

    public void destroy() {
    }
}
