package com.predic8.membrane.core.interceptor.authentication;

import com.predic8.membrane.annot.MCChildElement;
import com.predic8.membrane.annot.MCElement;
import com.predic8.membrane.core.Constants;
import com.predic8.membrane.core.exchange.Exchange;
import com.predic8.membrane.core.http.Response;
import com.predic8.membrane.core.interceptor.AbstractInterceptor;
import com.predic8.membrane.core.interceptor.Interceptor;
import com.predic8.membrane.core.interceptor.Outcome;
import com.predic8.membrane.core.interceptor.authentication.session.StaticUserDataProvider;
import com.predic8.membrane.core.interceptor.authentication.session.UserDataProvider;
import com.predic8.membrane.core.interceptor.oauth2.ParamNames;
import com.predic8.membrane.core.util.HttpUtil;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringEscapeUtils;
import org.springframework.beans.factory.annotation.Required;

@MCElement(name = "basicAuthentication")
/* loaded from: input_file:WEB-INF/lib/service-proxy-core-4.6.0.jar:com/predic8/membrane/core/interceptor/authentication/BasicAuthenticationInterceptor.class */
public class BasicAuthenticationInterceptor extends AbstractInterceptor {
    private StaticUserDataProvider userDataProvider = new StaticUserDataProvider();

    public BasicAuthenticationInterceptor() {
        this.name = "Basic Authenticator";
        setFlow(Interceptor.Flow.Set.REQUEST);
    }

    @Override // com.predic8.membrane.core.interceptor.AbstractInterceptor, com.predic8.membrane.core.interceptor.Interceptor
    public Outcome handleRequest(Exchange exchange) throws Exception {
        return (hasNoAuthorizationHeader(exchange) || !validUser(exchange)) ? deny(exchange) : Outcome.CONTINUE;
    }

    private boolean validUser(Exchange exchange) throws Exception {
        return this.userDataProvider.getUsersByName().containsKey(getUsername(exchange)) && this.userDataProvider.getUsersByName().get(getUsername(exchange)).getPassword().equals(getPassword(exchange));
    }

    private String getUsername(Exchange exchange) throws Exception {
        return getAuthorizationHeaderDecoded(exchange).split(":", 2)[0];
    }

    private String getPassword(Exchange exchange) throws Exception {
        return getAuthorizationHeaderDecoded(exchange).split(":", 2)[1];
    }

    private Outcome deny(Exchange exchange) {
        exchange.setResponse(Response.unauthorized("").header(HttpUtil.createHeaders(null, "WWW-Authenticate", "Basic realm=\"Membrane Service Proxy Authentication\"")).build());
        return Outcome.ABORT;
    }

    private boolean hasNoAuthorizationHeader(Exchange exchange) {
        return exchange.getRequest().getHeader().getFirstValue("Authorization") == null;
    }

    private String getAuthorizationHeaderDecoded(Exchange exchange) throws Exception {
        return new String(Base64.decodeBase64(exchange.getRequest().getHeader().getFirstValue("Authorization").substring(6).getBytes(Constants.UTF_8_CHARSET)), Constants.UTF_8_CHARSET);
    }

    public List<StaticUserDataProvider.User> getUsers() {
        return this.userDataProvider.getUsers();
    }

    public Map<String, StaticUserDataProvider.User> getUsersByName() {
        return this.userDataProvider.getUsersByName();
    }

    @MCChildElement
    @Required
    public void setUsers(List<StaticUserDataProvider.User> list) throws UnsupportedEncodingException, NoSuchAlgorithmException {
        this.userDataProvider.setUsers(list);
    }

    public UserDataProvider getUserDataProvider() {
        return this.userDataProvider;
    }

    public void setUserDataProvider(StaticUserDataProvider staticUserDataProvider) {
        this.userDataProvider = staticUserDataProvider;
    }

    @Override // com.predic8.membrane.core.interceptor.AbstractInterceptor
    public void init() throws Exception {
        for (StaticUserDataProvider.User user : getUsers()) {
            if (user.getAttributes().containsKey("name")) {
                String str = user.getAttributes().get("name");
                user.getAttributes().remove("name");
                user.getAttributes().put(ParamNames.USERNAME, str);
            }
        }
        this.userDataProvider.getUsersByName().clear();
        for (StaticUserDataProvider.User user2 : this.userDataProvider.getUsers()) {
            this.userDataProvider.getUsersByName().put(user2.getUsername(), user2);
        }
    }

    @Override // com.predic8.membrane.core.interceptor.AbstractInterceptor, com.predic8.membrane.core.interceptor.Interceptor
    public String getShortDescription() {
        return "Authenticates incoming requests based on a fixed user list.";
    }

    @Override // com.predic8.membrane.core.interceptor.AbstractInterceptor, com.predic8.membrane.core.interceptor.Interceptor
    public String getLongDescription() {
        StringBuilder sb = new StringBuilder();
        sb.append(getShortDescription());
        sb.append("<br/>");
        sb.append("Users: ");
        Iterator<StaticUserDataProvider.User> it = this.userDataProvider.getUsers().iterator();
        while (it.hasNext()) {
            sb.append(StringEscapeUtils.escapeHtml(it.next().getUsername()));
            sb.append(", ");
        }
        sb.delete(sb.length() - 2, sb.length());
        sb.append("<br/>Passwords are not shown.");
        return sb.toString();
    }
}
