package org.apache.felix.webconsole.internal.servlet;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.felix.webconsole.WebConsoleSecurityProvider;
import org.apache.felix.webconsole.WebConsoleSecurityProvider2;
import org.eclipse.jetty.util.URIUtil;
import org.osgi.service.http.HttpContext;
import org.osgi.service.http.HttpService;
import org.osgi.util.tracker.ServiceTracker;

/* loaded from: input_file:jar/org.apache.felix.webconsole-4.2.10-all.jar:org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.class */
final class OsgiManagerHttpContext implements HttpContext {
    private static final String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
    private static final String HEADER_AUTHORIZATION = "Authorization";
    private static final String AUTHENTICATION_SCHEME_BASIC = "Basic";
    private final HttpContext base;
    private final ServiceTracker tracker;
    private final String username;
    private final Password password;
    private final String realm;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OsgiManagerHttpContext(HttpService httpService, ServiceTracker serviceTracker, String str, String str2, String str3) {
        this.tracker = serviceTracker;
        this.username = str;
        this.password = new Password(str2);
        this.realm = str3;
        this.base = httpService.createDefaultHttpContext();
    }

    @Override // org.osgi.service.http.HttpContext
    public String getMimeType(String str) {
        return this.base.getMimeType(str);
    }

    @Override // org.osgi.service.http.HttpContext
    public URL getResource(String str) {
        URL resource = this.base.getResource(str);
        return (resource == null && str.endsWith(URIUtil.SLASH)) ? this.base.getResource(str.substring(0, str.length() - 1)) : resource;
    }

    @Override // org.osgi.service.http.HttpContext
    public boolean handleSecurity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String trim;
        int indexOf;
        Object service = this.tracker.getService();
        if (service instanceof WebConsoleSecurityProvider2) {
            return ((WebConsoleSecurityProvider2) service).authenticate(httpServletRequest, httpServletResponse);
        }
        String header = httpServletRequest.getHeader("Authorization");
        if (header != null && header.length() > 0 && (indexOf = (trim = header.trim()).indexOf(32)) > 0) {
            String substring = trim.substring(0, indexOf);
            String trim2 = trim.substring(indexOf).trim();
            if (substring.equalsIgnoreCase(AUTHENTICATION_SCHEME_BASIC)) {
                try {
                    byte[][] base64Decode = base64Decode(trim2);
                    String osgiManagerHttpContext = toString(base64Decode[0]);
                    if (authenticate(service, osgiManagerHttpContext, base64Decode[1])) {
                        httpServletRequest.setAttribute("org.osgi.service.http.authentication.type", "BASIC");
                        httpServletRequest.setAttribute("org.osgi.service.http.authentication.remote.user", osgiManagerHttpContext);
                        httpServletRequest.setAttribute(WebConsoleSecurityProvider2.USER_ATTRIBUTE, osgiManagerHttpContext);
                        return true;
                    }
                } catch (Exception e) {
                }
            }
        }
        try {
            httpServletResponse.setHeader("WWW-Authenticate", new StringBuffer().append("Basic realm=\"").append(this.realm).append("\"").toString());
            httpServletResponse.setStatus(401);
            httpServletResponse.setContentLength(0);
            httpServletResponse.flushBuffer();
            return false;
        } catch (IOException e2) {
            return false;
        }
    }

    public boolean authorize(HttpServletRequest httpServletRequest, String str) {
        Object attribute = httpServletRequest.getAttribute(WebConsoleSecurityProvider2.USER_ATTRIBUTE);
        if (attribute == null) {
            return false;
        }
        WebConsoleSecurityProvider webConsoleSecurityProvider = (WebConsoleSecurityProvider) this.tracker.getService();
        if (webConsoleSecurityProvider != null) {
            return webConsoleSecurityProvider.authorize(attribute, str);
        }
        return true;
    }

    /* JADX WARN: Type inference failed for: r0v18, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r0v5, types: [byte[], byte[][]] */
    private static byte[][] base64Decode(String str) {
        byte[] decodeBase64 = Base64.decodeBase64(str);
        for (int i = 0; i < decodeBase64.length; i++) {
            if (decodeBase64[i] == 58) {
                byte[] bArr = new byte[i];
                byte[] bArr2 = new byte[(decodeBase64.length - i) - 1];
                System.arraycopy(decodeBase64, 0, bArr, 0, bArr.length);
                System.arraycopy(decodeBase64, i + 1, bArr2, 0, bArr2.length);
                return new byte[]{bArr, bArr2};
            }
        }
        return new byte[]{decodeBase64, new byte[0]};
    }

    private static String toString(byte[] bArr) {
        try {
            return new String(bArr, "ISO-8859-1");
        } catch (UnsupportedEncodingException e) {
            return new String(bArr);
        }
    }

    private boolean authenticate(Object obj, String str, byte[] bArr) {
        return obj != null ? ((WebConsoleSecurityProvider) obj).authenticate(str, toString(bArr)) != null : this.username.equals(str) && this.password.matches(bArr);
    }
}
