package de.cinovo.cloudconductor.server.security;

import javax.security.auth.Subject;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.core.Response;
import org.apache.cxf.common.security.SimplePrincipal;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.interceptor.security.DefaultSecurityContext;
import org.apache.cxf.jaxrs.ext.RequestHandler;
import org.apache.cxf.jaxrs.model.ClassResourceInfo;
import org.apache.cxf.message.Message;
import org.apache.cxf.security.SecurityContext;

/* loaded from: input_file:de/cinovo/cloudconductor/server/security/AuthProvider.class */
public class AuthProvider implements RequestHandler {
    private static final String PROP_USERNAME = "cloudconductor.username";
    private static final String PROP_PASSWORD = "cloudconductor.password";
    private static final String REALM = "Basic realm=\"cloudconductor\"";
    private static final String PRINCIPAL = "Admin";

    public Response handleRequest(Message message, ClassResourceInfo classResourceInfo) {
        AuthorizationPolicy authorizationPolicy = (AuthorizationPolicy) message.get(AuthorizationPolicy.class);
        if (authorizationPolicy == null || !System.getProperty(PROP_USERNAME).equals(authorizationPolicy.getUserName()) || !System.getProperty(PROP_PASSWORD).equals(authorizationPolicy.getPassword())) {
            throw new NotAuthorizedException(getFaultResponse());
        }
        message.put(SecurityContext.class, createSC());
        return null;
    }

    private static SecurityContext createSC() {
        Subject subject = new Subject();
        SimplePrincipal simplePrincipal = new SimplePrincipal(PRINCIPAL);
        subject.getPrincipals().add(simplePrincipal);
        return new DefaultSecurityContext(simplePrincipal, subject);
    }

    private static Response getFaultResponse() {
        return Response.status(401).header("WWW-Authenticate", REALM).build();
    }
}
