package br.gov.frameworkdemoiselle.util;

import br.gov.frameworkdemoiselle.security.AuthenticationException;
import br.gov.frameworkdemoiselle.security.Credentials;
import br.gov.frameworkdemoiselle.security.InvalidCredentialsException;
import br.gov.frameworkdemoiselle.security.SecurityContext;
import java.io.IOException;
import java.io.PrintWriter;
import java.nio.charset.Charset;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:br/gov/frameworkdemoiselle/util/BasicAuthFilter.class */
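/**
 * Servlet filter that performs a per-request login from an HTTP Basic
 * {@code Authorization} header.
 *
 * <p>Behaviour, as implemented below:
 * <ul>
 *   <li>Non-HTTP requests, and HTTP requests that already carry a user principal, are passed
 *       straight down the chain.</li>
 *   <li>A request without an {@code Authorization} header is passed down the chain without any
 *       login attempt; this filter does not itself deny anonymous access.</li>
 *   <li>A header that is present but is not a well-formed {@code Basic} credential, or a login
 *       that raises {@link InvalidCredentialsException}, ends the request with a 401.</li>
 *   <li>When this filter performed the login, it also performs the logout once the chain has
 *       finished, whether the chain returned normally or threw.</li>
 * </ul>
 *
 * <p>Basic credentials are only Base64-encoded, not encrypted, so this filter should only be
 * reachable over a confidential transport (TLS).
 */
public class BasicAuthFilter implements Filter {

    /**
     * Shape of an accepted header value: the literal scheme {@code Basic}, one or more spaces or
     * newlines, then the Base64 payload. Compiled once; {@link Pattern} instances are immutable.
     */
    private static final Pattern BASIC_HEADER = Pattern.compile("^Basic[ \\n]+(.+)$");

    /**
     * Charset used to decode the {@code user:password} bytes. Fixed explicitly so that the
     * result does not vary with the JVM's platform default charset.
     */
    private static final Charset CREDENTIALS_CHARSET = Charset.forName("UTF-8");

    /** No configuration is read from {@code filterConfig}. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Attempts a Basic login for HTTP requests that have no user principal yet; every other
     * request is forwarded unchanged.
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        boolean needsLogin = servletRequest instanceof HttpServletRequest
                && ((HttpServletRequest) servletRequest).getUserPrincipal() == null;
        if (needsLogin) {
            tryLogin((HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse, filterChain);
        } else {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    /**
     * Logs in from the request header (if any), runs the rest of the chain, and undoes the login
     * afterwards.
     *
     * <p>Only {@link InvalidCredentialsException} is translated into a 401; any other exception
     * from the login or from the chain propagates to the container.
     */
    private void tryLogin(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
        boolean loggedInHere = false;
        try {
            loggedInHere = performLogin(getAuthHeader(request), request);
            filterChain.doFilter(request, response);
        } catch (InvalidCredentialsException e) {
            setUnauthorizedStatus(response, e);
        } finally {
            // The logout must not depend on the chain completing normally: otherwise an
            // exception thrown downstream would leave the login made for this request in place.
            if (loggedInHere) {
                performLogout();
            }
        }
    }

    /**
     * Populates the {@link Credentials} bean from the header and calls
     * {@link SecurityContext#login()}.
     *
     * @param authHeader raw {@code Authorization} header value, or {@code null} when absent
     * @param request    current request (not used by this method)
     * @return {@code true} when a login was attempted and the context reports a logged-in user;
     *         {@code false} when there was no header
     * @throws InvalidCredentialsException if the header is not a well-formed Basic credential
     */
    private boolean performLogin(String authHeader, HttpServletRequest request) {
        SecurityContext securityContext = (SecurityContext) Beans.getReference(SecurityContext.class);
        if (authHeader == null) {
            return false;
        }
        String[] userAndPassword = getCredentials(authHeader);
        Credentials credentials = (Credentials) Beans.getReference(Credentials.class);
        credentials.setUsername(userAndPassword[0]);
        credentials.setPassword(userAndPassword[1]);
        securityContext.login();
        return securityContext.isLoggedIn();
    }

    /** Calls {@link SecurityContext#logout()} on the current security context. */
    private void performLogout() {
        ((SecurityContext) Beans.getReference(SecurityContext.class)).logout();
    }

    /**
     * Answers with status 401 and the exception message as the body.
     *
     * <p>NOTE(review): the message is written unescaped under a {@code text/html} content type.
     * If any authenticator places request-derived text (for example the submitted user name) in
     * the exception message, it would be rendered as markup; consider {@code text/plain} or HTML
     * escaping. The content type is left as it was because clients may rely on it.
     *
     * <p>NOTE(review): no {@code WWW-Authenticate} header is sent with the 401. This may be
     * deliberate (it stops browsers from showing a login prompt) - confirm.
     */
    private void setUnauthorizedStatus(HttpServletResponse response, AuthenticationException cause) throws IOException {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        response.setContentType("text/html");
        PrintWriter writer = response.getWriter();
        String message = cause.getMessage();
        // An exception built without a message would otherwise make write() fail on null.
        if (message != null) {
            writer.write(message);
        }
        writer.flush();
        writer.close();
    }

    /**
     * Returns the {@code Authorization} header value, or {@code null} when the request has none.
     * The Servlet API treats header names case-insensitively, so the lower-case lookup is
     * normally redundant; it is kept as a fallback.
     */
    private String getAuthHeader(HttpServletRequest request) {
        String header = request.getHeader("Authorization");
        if (header != null) {
            return header;
        }
        return request.getHeader("authorization");
    }

    /**
     * Parses a {@code Basic} header value into user name and password.
     *
     * <p>The decoded text is split at the <em>first</em> colon only, so a password may itself
     * contain colons and may be empty ({@code user:}); splitting on every colon would reject
     * both.
     *
     * @param header raw header value, never {@code null}
     * @return a two-element array: {@code [username, password]}
     * @throws InvalidCredentialsException if the value does not match the Basic shape or the
     *         decoded payload contains no colon
     */
    private static String[] getCredentials(String header) throws InvalidCredentialsException {
        String[] parts = null;
        Matcher matcher = BASIC_HEADER.matcher(header);
        if (matcher.matches()) {
            byte[] decoded = Base64.decodeBase64(matcher.group(1));
            parts = new String(decoded, CREDENTIALS_CHARSET).split(":", 2);
        }
        if (parts == null || parts.length != 2) {
            throw new InvalidCredentialsException("Formato inválido do cabeçalho");
        }
        return parts;
    }

    /** Holds no resources; nothing to release. */
    @Override
    public void destroy() {
    }
}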
