package net.ravendb.abstractions.oauth;

import net.ravendb.abstractions.closure.Action1;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpRequest;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;

/* loaded from: input_file:net/ravendb/abstractions/oauth/BasicAuthenticator.class */
public class BasicAuthenticator extends AbstractAuthenticator {
    private final boolean enableBasicAuthenticationOverUnsecuredHttp;
    private final CloseableHttpClient httpClient;
    private static final String BASICO_AUTH_OVER_HTTP_ERROR = "Attempting to authenticate using basic security over HTTP would expose user credentials (including the password) in clear text to anyone sniffing the network.Your OAuth endpoint should be using HTTPS, not HTTP, as the transport mechanism.You can setup the OAuth endpoint in the RavenDB server settings ('Raven/OAuthTokenServer' configuration value), or setup your own behavior by providing a value for: documentStore.Conventions.HandleUnauthorizedResponse If you are on an internal network or requires this for testing, you can disable this warning by calling: documentStore.getJsonRequestFactory().enableBasicAuthenticationOverUnsecuredHttpEvenThoughPasswordsWouldBeSentOverTheWireInClearTextToBeStolenByHackers = true; ";

    public BasicAuthenticator(CloseableHttpClient closeableHttpClient, boolean z) {
        this.enableBasicAuthenticationOverUnsecuredHttp = z;
        this.httpClient = closeableHttpClient;
    }

    @Override // net.ravendb.abstractions.oauth.AbstractAuthenticator
    public Action1<HttpRequest> doOAuthRequest(String str, String str2) {
        try {
            CloseableHttpResponse execute = this.httpClient.execute(prepareOAuthRequest(str, str2));
            Throwable th = null;
            try {
                try {
                    final String iOUtils = IOUtils.toString(execute.getEntity().getContent());
                    Action1<HttpRequest> action1 = new Action1<HttpRequest>() { // from class: net.ravendb.abstractions.oauth.BasicAuthenticator.1
                        @Override // net.ravendb.abstractions.closure.Action1
                        public void apply(HttpRequest httpRequest) {
                            httpRequest.setHeader("Authorization", "Bearer " + iOUtils);
                        }
                    };
                    if (execute != null) {
                        if (0 != 0) {
                            try {
                                execute.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            execute.close();
                        }
                    }
                    return action1;
                } finally {
                }
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private HttpGet prepareOAuthRequest(String str, String str2) {
        HttpGet httpGet = new HttpGet();
        httpGet.setHeader("grant_type", "client_credentials");
        httpGet.setHeader("Accept", "application/json;charset=UTF-8");
        if (StringUtils.isNotEmpty(str2)) {
            httpGet.setHeader("Api-Key", str2);
        }
        if (str.startsWith("https") || this.enableBasicAuthenticationOverUnsecuredHttp) {
            return httpGet;
        }
        throw new IllegalStateException(BASICO_AUTH_OVER_HTTP_ERROR);
    }
}
