package org.springframework.extensions.webscripts;

import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.extensions.surf.util.Base64;
import org.springframework.extensions.webscripts.Description;
import org.springframework.extensions.webscripts.servlet.ServletAuthenticatorFactory;
import org.springframework.extensions.webscripts.servlet.WebScriptServletRequest;
import org.springframework.extensions.webscripts.servlet.WebScriptServletResponse;

/* loaded from: input_file:WEB-INF/lib/spring-webscripts-8.26.jar:org/springframework/extensions/webscripts/AbstractBasicHttpAuthenticatorFactory.class */
public abstract class AbstractBasicHttpAuthenticatorFactory implements ServletAuthenticatorFactory {
    private static Log logger = LogFactory.getLog(AbstractBasicHttpAuthenticatorFactory.class);
    protected String guestUserName = "Guest";
    protected String basicRealm = "WebScripts";

    /* loaded from: input_file:WEB-INF/lib/spring-webscripts-8.26.jar:org/springframework/extensions/webscripts/AbstractBasicHttpAuthenticatorFactory$BasicHttpAuthenticator.class */
    public class BasicHttpAuthenticator implements Authenticator {
        private WebScriptServletRequest servletReq;
        private WebScriptServletResponse servletRes;
        private String authorization;

        public BasicHttpAuthenticator(WebScriptServletRequest webScriptServletRequest, WebScriptServletResponse webScriptServletResponse) {
            this.servletReq = webScriptServletRequest;
            this.servletRes = webScriptServletResponse;
            this.authorization = this.servletReq.getHttpServletRequest().getHeader("Authorization");
        }

        @Override // org.springframework.extensions.webscripts.Authenticator
        public boolean authenticate(Description.RequiredAuthentication requiredAuthentication, boolean z) {
            boolean z2 = false;
            HttpServletResponse httpServletResponse = this.servletRes.getHttpServletResponse();
            if (AbstractBasicHttpAuthenticatorFactory.logger.isDebugEnabled()) {
                AbstractBasicHttpAuthenticatorFactory.logger.debug("HTTP Authorization provided: " + ((this.authorization == null || this.authorization.length() == 0) ? false : true));
            }
            if (z && Description.RequiredAuthentication.guest == requiredAuthentication) {
                z2 = true;
            } else if (this.authorization != null && this.authorization.length() > 0) {
                String[] split = this.authorization.split(StringUtils.SPACE);
                if (!split[0].equalsIgnoreCase("basic")) {
                    throw new WebScriptException("Authorization '" + split[0] + "' not supported.");
                }
                String[] split2 = new String(Base64.decode(split[1])).split(":");
                if (split2.length == 2) {
                    if (AbstractBasicHttpAuthenticatorFactory.logger.isDebugEnabled()) {
                        AbstractBasicHttpAuthenticatorFactory.logger.debug("Authenticating (BASIC HTTP) user " + split2[0]);
                    }
                    try {
                        z2 = AbstractBasicHttpAuthenticatorFactory.this.doAuthenticate(split2[0], split2[1]);
                        if (z2) {
                            if (!AbstractBasicHttpAuthenticatorFactory.this.doAuthorize(split2[0], requiredAuthentication)) {
                                z2 = false;
                            }
                        }
                    } catch (Throwable th) {
                        AbstractBasicHttpAuthenticatorFactory.logger.warn("Failed during authorization: " + th.getMessage(), th);
                        if (th instanceof RuntimeException) {
                            throw ((RuntimeException) th);
                        }
                        throw new RuntimeException(th);
                    }
                }
            }
            if (!z2) {
                if (AbstractBasicHttpAuthenticatorFactory.logger.isDebugEnabled()) {
                    AbstractBasicHttpAuthenticatorFactory.logger.debug("Requesting authorization credentials");
                }
                httpServletResponse.setStatus(401);
                httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + AbstractBasicHttpAuthenticatorFactory.this.basicRealm + "\"");
            }
            return z2;
        }

        @Override // org.springframework.extensions.webscripts.Authenticator
        public boolean emptyCredentials() {
            return this.authorization == null || this.authorization.length() == 0;
        }
    }

    @Override // org.springframework.extensions.webscripts.servlet.ServletAuthenticatorFactory
    public Authenticator create(WebScriptServletRequest webScriptServletRequest, WebScriptServletResponse webScriptServletResponse) {
        return new BasicHttpAuthenticator(webScriptServletRequest, webScriptServletResponse);
    }

    public abstract boolean doAuthenticate(String str, String str2);

    public abstract boolean doAuthorize(String str, Description.RequiredAuthentication requiredAuthentication);

    public void setGuestUserName(String str) {
        this.guestUserName = str;
    }

    public void setBasicRealm(String str) {
        this.basicRealm = str;
    }
}
