package ru.ritm.rest.filters;

import java.io.IOException;
import java.security.Principal;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Priority;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.ext.Provider;
import javax.xml.bind.DatatypeConverter;
import ru.ritm.idp.connector.json.protocol.RitmJsonProtocolCodec;
import ru.ritm.rest.annotations.Guarded;

/* JADX WARN: Classes with same name are omitted:
  input_file:idp-web-2.45.1.war:WEB-INF/lib/libritmcommons-2.45.1.jar:ru/ritm/rest/filters/AuthFilter.class
 */
@Provider
@Guarded
@Priority(1000)
/* loaded from: input_file:lib/libritmcommons-2.45.1.jar:ru/ritm/rest/filters/AuthFilter.class */
public class AuthFilter implements ContainerRequestFilter {
    private static final Logger LOG = Logger.getLogger(AuthFilter.class.getName());

    @Context
    protected HttpServletRequest hreq;

    /* JADX WARN: Classes with same name are omitted:
      input_file:idp-web-2.45.1.war:WEB-INF/lib/libritmcommons-2.45.1.jar:ru/ritm/rest/filters/AuthFilter$SecurityContextImpl.class
     */
    /* loaded from: input_file:lib/libritmcommons-2.45.1.jar:ru/ritm/rest/filters/AuthFilter$SecurityContextImpl.class */
    public static class SecurityContextImpl implements SecurityContext {
        private final String login;

        public SecurityContextImpl(String str) {
            this.login = str;
        }

        @Override // javax.ws.rs.core.SecurityContext
        public Principal getUserPrincipal() {
            return () -> {
                return this.login;
            };
        }

        @Override // javax.ws.rs.core.SecurityContext
        public boolean isUserInRole(String str) {
            return this.login.equalsIgnoreCase(str);
        }

        @Override // javax.ws.rs.core.SecurityContext
        public boolean isSecure() {
            return true;
        }

        @Override // javax.ws.rs.core.SecurityContext
        public String getAuthenticationScheme() {
            return "BASIC";
        }
    }

    @Override // javax.ws.rs.container.ContainerRequestFilter
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        if (containerRequestContext.getSecurityContext().getUserPrincipal() == null) {
            try {
                String first = containerRequestContext.getHeaders().getFirst(RitmJsonProtocolCodec.KEY_VIDEO_QUEUE_AUTH);
                String[] split = new String(DatatypeConverter.parseBase64Binary(first == null ? this.hreq.getParameter(RitmJsonProtocolCodec.KEY_VIDEO_QUEUE_AUTH) : first.split("\\s+")[1]), "UTF-8").split(":");
                String str = split[0];
                String str2 = split[1];
                LOG.log(Level.FINE, "basic auth: login={0}, pass={1}", new Object[]{str, str2});
                String str3 = str + "|" + this.hreq.getRemoteHost() + "|" + RemoteAddressParser.parse(this.hreq);
                if (!LoginFailures.hasFailure(str3)) {
                    this.hreq.login(str, str2);
                }
                if (this.hreq.getUserPrincipal() == null) {
                    LoginFailures.reportFailure(str3);
                } else {
                    this.hreq.getSession(true).setAttribute("users-plain-password", str2);
                }
                containerRequestContext.setSecurityContext(new SecurityContextImpl(str));
            } catch (Exception e) {
            }
        }
    }
}
