package com.jpeterson.example.authentication;

import com.jpeterson.example.data.DataFactory;
import com.jpeterson.example.data.Group;
import com.jpeterson.example.data.User;
import com.jpeterson.example.data.UserService;
import java.io.IOException;
import java.io.Serializable;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import sun.misc.BASE64Decoder;

/* loaded from: input_file:WEB-INF/classes/com/jpeterson/example/authentication/BasicAuthFilter.class */
public class BasicAuthFilter implements Filter {
    private FilterConfig filterConfig;

    /* loaded from: input_file:WEB-INF/classes/com/jpeterson/example/authentication/BasicAuthFilter$BasicAuthHttpServletRequest.class */
    private class BasicAuthHttpServletRequest extends HttpServletRequestWrapper {
        private String remoteUser;
        private Principal userPrincipal;
        private Set<String> roles;

        public BasicAuthHttpServletRequest(HttpServletRequest httpServletRequest, String str, Set<String> set) {
            super(httpServletRequest);
            this.remoteUser = str;
            this.userPrincipal = new BasicAuthPrincipal(str);
            this.roles = set;
        }

        public String getAuthType() {
            return "BASIC";
        }

        public String getRemoteUser() {
            return this.remoteUser;
        }

        public boolean isUserInRole(String str) {
            return this.roles.contains(str);
        }

        public Principal getUserPrincipal() {
            return this.userPrincipal;
        }
    }

    /* loaded from: input_file:WEB-INF/classes/com/jpeterson/example/authentication/BasicAuthFilter$BasicAuthPrincipal.class */
    private class BasicAuthPrincipal implements Principal, Serializable {
        private static final long serialVersionUID = 1;
        private String name;

        public BasicAuthPrincipal(String str) {
            this.name = str;
        }

        @Override // java.security.Principal
        public String getName() {
            return this.name;
        }

        @Override // java.security.Principal
        public boolean equals(Object obj) {
            boolean equals;
            if (!(obj instanceof Principal)) {
                return false;
            }
            String name = ((Principal) obj).getName();
            if (this.name == null) {
                equals = name == null;
            } else {
                equals = this.name.equals(name);
            }
            return equals;
        }

        @Override // java.security.Principal
        public int hashCode() {
            if (this.name == null) {
                return 0;
            }
            return this.name.hashCode();
        }

        @Override // java.security.Principal
        public String toString() {
            return this.name;
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String header;
        int indexOf;
        UserService userService = (UserService) DataFactory.getService(DataFactory.USER_SERVICE);
        boolean z = false;
        String str = null;
        if ((servletRequest instanceof HttpServletRequest) && (header = ((HttpServletRequest) servletRequest).getHeader("Authorization")) != null && (indexOf = header.indexOf(32)) >= 0 && "Basic".equals(header.substring(0, indexOf))) {
            String str2 = new String(new BASE64Decoder().decodeBuffer(header.substring(indexOf + 1)));
            int indexOf2 = str2.indexOf(58);
            if (indexOf2 >= 0) {
                str = str2.substring(0, indexOf2);
                try {
                    z = userService.authenticate(str, str2.substring(indexOf2 + 1));
                } catch (IllegalArgumentException e) {
                    this.filterConfig.getServletContext().log("Unable to authenticate password", e);
                } catch (NoSuchAlgorithmException e2) {
                    this.filterConfig.getServletContext().log("Unable to authenticate password", e2);
                }
            }
        }
        if (!z) {
            if (servletResponse instanceof HttpServletResponse) {
                HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
                httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"ExampleRest\"");
                httpServletResponse.sendError(401, "Authorization Required");
                return;
            }
            return;
        }
        User findByUsername = userService.findByUsername(str);
        if (findByUsername == null && (servletResponse instanceof HttpServletResponse)) {
            HttpServletResponse httpServletResponse2 = (HttpServletResponse) servletResponse;
            httpServletResponse2.setHeader("WWW-Authenticate", "Basic realm=\"ExampleRest\"");
            httpServletResponse2.sendError(401, "Authorization Required");
        }
        HashSet hashSet = new HashSet();
        Iterator<Group> it = findByUsername.getGroups().iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getName());
        }
        filterChain.doFilter(new BasicAuthHttpServletRequest((HttpServletRequest) servletRequest, str, hashSet), servletResponse);
    }

    public void destroy() {
    }
}
