package org.wicketstuff.security.login.http;

import java.util.Base64;
import org.apache.wicket.Application;
import org.apache.wicket.RestartResponseAtInterceptPageException;
import org.apache.wicket.Session;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.model.IModel;
import org.apache.wicket.request.cycle.RequestCycle;
import org.apache.wicket.request.http.WebRequest;
import org.apache.wicket.request.http.WebResponse;
import org.apache.wicket.request.mapper.parameter.PageParameters;
import org.apache.wicket.util.string.Strings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wicketstuff.security.WaspSession;
import org.wicketstuff.security.authentication.LoginException;
import org.wicketstuff.security.components.SecureComponentHelper;
import org.wicketstuff.security.strategies.WaspAuthorizationStrategy;

/* loaded from: input_file:org/wicketstuff/security/login/http/HttpAuthenticationLoginPage.class */
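/**
 * Login page that authenticates the user from the HTTP {@code Authorization} request header.
 *
 * <p>Nothing happens until a subclass calls {@link #doAuthentication()}. From then on
 * {@link #configureResponse(WebResponse)} either answers with a {@code 401} Basic challenge or
 * hands the header's scheme and credentials to
 * {@link #handleAuthentication(WebRequest, WebResponse, String, String)}.
 *
 * <p>Security notes for implementors:
 * <ul>
 *   <li>Basic credentials are only Base64-encoded, not encrypted. Serve this page over TLS only.</li>
 *   <li>The scheme name taken from the header is request-supplied and is written to the log.</li>
 *   <li>NOTE(review): no session-id renewal is visible here after a successful login. Confirm
 *       that the {@link WaspSession} login path or the application renews it.</li>
 *   <li>NOTE(review): no throttling of repeated failed attempts is visible in this class.</li>
 * </ul>
 */
public abstract class HttpAuthenticationLoginPage extends WebPage {
    private static final long serialVersionUID = 1;
    private static final Logger log = LoggerFactory.getLogger(HttpAuthenticationLoginPage.class);

    /** Switched on by {@link #doAuthentication()}; while false the response is left untouched. */
    private boolean doAuthentication;

    /** Creates the page with header authentication switched off. */
    public HttpAuthenticationLoginPage() {
        this.doAuthentication = false;
    }

    /**
     * Creates the page with header authentication switched off.
     *
     * @param iModel the page model, passed to the superclass
     */
    protected HttpAuthenticationLoginPage(IModel<?> iModel) {
        super(iModel);
        this.doAuthentication = false;
    }

    /**
     * Creates the page with header authentication switched off.
     *
     * @param pageParameters the page parameters, passed to the superclass
     */
    protected HttpAuthenticationLoginPage(PageParameters pageParameters) {
        super(pageParameters);
        this.doAuthentication = false;
    }

    /**
     * Runs the header-based login once {@link #doAuthentication()} has been called.
     *
     * <p>A missing or malformed {@code Authorization} header is answered with an authentication
     * challenge. A {@link LoginException} from the handler is logged, reported as a feedback
     * error, and answered with a new challenge.
     *
     * @param webResponse the response being configured
     */
    @Override
    protected void configureResponse(WebResponse webResponse) {
        super.configureResponse(webResponse);
        if (!this.doAuthentication) {
            return;
        }
        WebRequest request = (WebRequest) RequestCycle.get().getRequest();
        String header = request.getHeader("Authorization");
        if (Strings.isEmpty(header)) {
            requestAuthentication(request, webResponse);
            return;
        }
        int indexOf = header.indexOf(' ');
        if (indexOf < 1) {
            // No "<scheme> <credentials>" separator. Return after challenging the client:
            // falling through would call substring(0, -1) and throw instead of sending the 401.
            requestAuthentication(request, webResponse);
            return;
        }
        String scheme = header.substring(0, indexOf);
        try {
            handleAuthentication(request, webResponse, scheme, header.substring(indexOf + 1));
        } catch (LoginException e) {
            // scheme is request-supplied text; the log sink should treat it as untrusted.
            log.error(scheme + " Http authentication failed", e);
            error(e);
            requestAuthentication(request, webResponse);
        }
    }

    /** Enables header-based authentication for this page instance. */
    protected final void doAuthentication() {
        this.doAuthentication = true;
    }

    /**
     * Answers the request with status {@code 401} and the challenge headers.
     *
     * @param webRequest the current request
     * @param webResponse the response that receives the status and headers
     */
    protected void requestAuthentication(WebRequest webRequest, WebResponse webResponse) {
        webResponse.setStatus(401);
        addBasicHeaders(webRequest, webResponse);
    }

    /**
     * Adds the {@code WWW-Authenticate} header for the Basic scheme.
     *
     * <p>NOTE(review): the realm is inserted into a quoted string without escaping. An
     * implementation of {@link #getRealm(WebRequest, WebResponse)} must not return double
     * quotes, backslashes or line breaks, particularly if it derives the realm from the request.
     *
     * @param webRequest the current request
     * @param webResponse the response that receives the header
     */
    protected void addBasicHeaders(WebRequest webRequest, WebResponse webResponse) {
        webResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + getRealm(webRequest, webResponse) + "\"");
    }

    /**
     * Supplies the realm name announced in the Basic challenge.
     *
     * @param webRequest the current request
     * @param webResponse the current response
     * @return the realm name
     */
    public abstract String getRealm(WebRequest webRequest, WebResponse webResponse);

    /**
     * Dispatches the credentials to the handler for the given scheme; only Basic is wired in.
     *
     * <p>A {@code true} result from
     * {@link #handleBasicAuthentication(WebRequest, WebResponse, String, String)} means the
     * scheme was not handled. It is logged and the request is redirected to the access-denied
     * page.
     *
     * @param webRequest the current request
     * @param webResponse the current response
     * @param str the authentication scheme from the header
     * @param str2 the scheme-specific credentials from the header
     * @throws LoginException if the credentials are rejected
     */
    protected void handleAuthentication(WebRequest webRequest, WebResponse webResponse, String str, String str2) throws LoginException {
        if (handleBasicAuthentication(webRequest, webResponse, str, str2)) {
            log.error("Unsupported Http authentication type: " + str);
            throw new RestartResponseAtInterceptPageException(Application.get().getApplicationSettings().getAccessDeniedPage());
        }
    }

    /**
     * Handles a Basic {@code Authorization} header.
     *
     * <p>The credentials are Base64-decoded and split once at the separator, so the password
     * may itself contain the separator. An empty password is rejected. If the session does not
     * already count as authenticated (see {@link #isAuthenticated()}), the login context is
     * passed to {@link WaspSession#login(Object)}. When it already does, the supplied
     * credentials are not checked again. On success the method does not return normally: it
     * continues to the original destination or restarts the response at the home page.
     *
     * @param webRequest the current request
     * @param webResponse the current response
     * @param str the authentication scheme from the header
     * @param str2 the Base64-encoded credentials
     * @return {@code true} if the scheme is not Basic; {@code false} if the scheme is Basic but
     *     no login was attempted (no credentials or no {@link WaspSession})
     * @throws LoginException if the credentials cannot be decoded or split, or the login fails
     */
    protected boolean handleBasicAuthentication(WebRequest webRequest, WebResponse webResponse, String str, String str2) throws LoginException {
        if (!"Basic".equalsIgnoreCase(str)) {
            return true;
        }
        if (str2 == null) {
            log.error("Username, password not supplied");
            return false;
        }
        final byte[] decoded;
        try {
            decoded = Base64.getDecoder().decode(str2);
        } catch (IllegalArgumentException e) {
            // Malformed Base64 is a failed login, not a server error. Raising LoginException
            // lets the caller send a fresh 401 challenge.
            log.debug("Basic credentials are not valid Base64", e);
            throw new LoginException("Could not decrypt username / password");
        }
        // NOTE(review): the bytes are decoded with the platform default charset, so non-ASCII
        // credentials depend on the JVM configuration. Consider fixing the charset explicitly.
        // Limit 2: split only at the first separator (presumably ':') so passwords may contain it.
        String[] split = new String(decoded).split(SecureComponentHelper.PATH_SEPARATOR, 2);
        if (split.length != 2 || split[1].isEmpty()) {
            // An empty password was rejected before the limit was added. Keep rejecting it so
            // a blank secret never reaches the login context.
            throw new LoginException("Could not decrypt username / password");
        }
        Object basicLoginContext = getBasicLoginContext(split[0], split[1]);
        Session session = Session.get();
        if (!(session instanceof WaspSession)) {
            log.error("Unable to find WaspSession");
            return false;
        }
        if (!isAuthenticated()) {
            ((WaspSession) session).login(basicLoginContext);
        }
        continueToOriginalDestination();
        throw new RestartResponseAtInterceptPageException(Application.get().getHomePage());
    }

    /**
     * Reports whether the session's authorization strategy treats the application's home page
     * class as authenticated.
     *
     * @return {@code true} if the home page class is already authenticated
     */
    protected boolean isAuthenticated() {
        return ((WaspAuthorizationStrategy) Session.get().getAuthorizationStrategy()).isClassAuthenticated(Application.get().getHomePage());
    }

    /**
     * Builds the login context handed to {@link WaspSession#login(Object)}.
     *
     * @param str the username taken from the Basic credentials
     * @param str2 the password taken from the Basic credentials
     * @return the login context for these credentials
     */
    protected abstract Object getBasicLoginContext(String str, String str2);
}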
