package org.activiti.rest.application;

import org.activiti.rest.api.ActivitiUtil;
import org.activiti.rest.filter.RestAuthenticator;
import org.restlet.Application;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.data.ChallengeScheme;
import org.restlet.security.ChallengeAuthenticator;
import org.restlet.security.SecretVerifier;

/* loaded from: input_file:WEB-INF/lib/activiti-common-rest-5.13-alf-20160606.jar:org/activiti/rest/application/ActivitiRestApplication.class */
public abstract class ActivitiRestApplication extends Application {
    protected ChallengeAuthenticator authenticator;
    protected ActivitiStatusService activitiStatusService = new ActivitiStatusService();
    protected MediaTypeResolver mediaTypeResolver;
    protected RestAuthenticator restAuthenticator;

    public ActivitiRestApplication() {
        setStatusService(this.activitiStatusService);
    }

    public MediaTypeResolver getMediaTypeResolver() {
        if (this.mediaTypeResolver == null) {
            this.mediaTypeResolver = new DefaultMediaTypeResolver();
        }
        return this.mediaTypeResolver;
    }

    public void setRestAuthenticator(RestAuthenticator restAuthenticator) {
        this.restAuthenticator = restAuthenticator;
    }

    public void setMediaTypeResolver(MediaTypeResolver mediaTypeResolver) {
        this.mediaTypeResolver = mediaTypeResolver;
    }

    public void initializeAuthentication() {
        SecretVerifier secretVerifier = new SecretVerifier() { // from class: org.activiti.rest.application.ActivitiRestApplication.1
            @Override // org.restlet.security.SecretVerifier
            public boolean verify(String str, char[] cArr) throws IllegalArgumentException {
                return ActivitiUtil.getIdentityService().checkPassword(str, new String(cArr));
            }
        };
        this.authenticator = new ChallengeAuthenticator(null, true, ChallengeScheme.HTTP_BASIC, "Activiti Realm") { // from class: org.activiti.rest.application.ActivitiRestApplication.2
            /* JADX INFO: Access modifiers changed from: protected */
            @Override // org.restlet.security.ChallengeAuthenticator, org.restlet.security.Authenticator
            public boolean authenticate(Request request, Response response) {
                if (ActivitiRestApplication.this.restAuthenticator != null && !ActivitiRestApplication.this.restAuthenticator.requestRequiresAuthentication(request)) {
                    return true;
                }
                if (request.getChallengeResponse() == null) {
                    return false;
                }
                boolean authenticate = super.authenticate(request, response);
                if (authenticate && ActivitiRestApplication.this.restAuthenticator != null) {
                    authenticate = ActivitiRestApplication.this.restAuthenticator.isRequestAuthorized(request);
                }
                return authenticate;
            }
        };
        this.authenticator.setVerifier(secretVerifier);
    }

    public String authenticate(Request request, Response response) {
        if (request.getClientInfo().isAuthenticated()) {
            return request.getClientInfo().getUser().getIdentifier();
        }
        this.authenticator.challenge(response, false);
        return null;
    }
}
