package com.manydesigns.portofino.shiro;

import com.manydesigns.portofino.PortofinoProperties;
import com.manydesigns.portofino.modules.BaseModule;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.apache.commons.configuration.Configuration;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.lang.codec.Base64;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.PathMatchingFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/portofino-base-4.2.13-SNAPSHOT.jar:com/manydesigns/portofino/shiro/HttpBasicAuthenticationFilter.class */
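/**
 * Shiro path-matching filter that attempts an HTTP Basic login when a request carries an
 * {@code Authorization} header and the current subject is not yet authenticated.
 *
 * <p>Security notes for whoever wires this filter into a chain:
 * <ul>
 *   <li>Requests without an {@code Authorization} header are let through unauthenticated; access
 *       control has to be enforced further down the chain.</li>
 *   <li>The filter does not check that the request arrived over a secure channel. Basic
 *       credentials are only Base64-encoded, so the deployment must enforce TLS.</li>
 *   <li>A malformed or non-Basic header is turned into a token with empty credentials and still
 *       handed to {@code Subject.login}; realms behind this filter must reject empty
 *       usernames and passwords.</li>
 *   <li>No rate limiting or lockout of failed attempts happens here.</li>
 * </ul>
 */
public class HttpBasicAuthenticationFilter extends PathMatchingFilter {
    public static final String copyright = "Copyright (C) 2005-2025 ManyDesigns srl";
    private static final Logger logger = LoggerFactory.getLogger(HttpBasicAuthenticationFilter.class);
    protected static final String AUTHORIZATION_HEADER = "Authorization";
    /** Authentication scheme accepted by this filter (compared case-insensitively). */
    private static final String BASIC_SCHEME = "Basic";

    /**
     * Tries to log the current subject in with the credentials found in the request.
     *
     * @param servletRequest the incoming request
     * @param servletResponse the response, used only to send the 401 challenge
     * @param obj the path-specific filter configuration (unused)
     * @return {@code true} to continue the chain (already authenticated, no header, or login
     *         succeeded); {@code false} after a failed login, once the 401 challenge is set
     * @throws Exception anything other than an {@link AuthenticationException} raised by the login
     */
    @Override
    protected boolean onPreHandle(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            return true;
        }
        HttpServletRequest http = WebUtils.toHttp(servletRequest);
        String header = http.getHeader(AUTHORIZATION_HEADER);
        if (StringUtils.isEmpty(header)) {
            // No credentials offered: continue as an unauthenticated subject.
            return true;
        }
        String[] principalsAndCredentials = getPrincipalsAndCredentials(header);
        String host = getHost(servletRequest);
        // Missing parts become empty strings, so a malformed header ends in a failed login and a
        // 401 rather than in an exception.
        boolean noParts = principalsAndCredentials == null || principalsAndCredentials.length == 0;
        String username = noParts ? "" : principalsAndCredentials[0];
        String password = (noParts || principalsAndCredentials.length < 2) ? "" : principalsAndCredentials[1];
        UsernamePasswordToken token = new UsernamePasswordToken(username, password, false, host);
        try {
            subject.login(token);
            return true;
        } catch (AuthenticationException e) {
            // Only the request URL is logged (getRequestURL() carries no query string); the
            // header value and the decoded credentials must never reach the log.
            logger.warn("Failed HTTP basic authentication to {}", http.getRequestURL(), e);
            HttpServletResponse httpResponse = WebUtils.toHttp(servletResponse);
            httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            httpResponse.setHeader("WWW-Authenticate", "BASIC realm=\"" + realmName(servletRequest) + "\"");
            return false;
        }
    }

    /**
     * Builds the realm value for the challenge from the configured application name.
     * Returns an empty realm when no configuration or name is available, so the failure path
     * still answers 401 instead of failing with an exception. Backslashes and double quotes are
     * escaped to keep the quoted-string well formed.
     */
    private static String realmName(ServletRequest servletRequest) {
        Object attribute = servletRequest.getServletContext().getAttribute(BaseModule.PORTOFINO_CONFIGURATION);
        if (!(attribute instanceof Configuration)) {
            return "";
        }
        String appName = ((Configuration) attribute).getString(PortofinoProperties.APP_NAME);
        return StringUtils.defaultString(appName).replace("\\", "\\\\").replace("\"", "\\\"");
    }

    /**
     * Returns the host recorded on the authentication token.
     *
     * @param servletRequest the incoming request
     * @return {@code servletRequest.getRemoteHost()}
     */
    protected String getHost(ServletRequest servletRequest) {
        // NOTE(review): behind a reverse proxy this is presumably the proxy's address, not the
        // client's - confirm before relying on it for auditing; subclasses can override.
        return servletRequest.getRemoteHost();
    }

    /**
     * Extracts username and password from an {@code Authorization} header value.
     *
     * @param str the raw header value, expected as {@code Basic <base64(user:password)>}
     * @return the decoded payload split at the first {@code ':'} (one or two elements), or
     *         {@code null} when the header has no payload, uses a scheme other than Basic, or
     *         the payload cannot be decoded
     */
    protected String[] getPrincipalsAndCredentials(String str) {
        String[] schemeAndPayload = str.split(" ", 2);
        if (schemeAndPayload.length < 2) {
            return null;
        }
        // Only decode Basic credentials; a token sent under another scheme must not be
        // reinterpreted as user:password and handed to the realm.
        if (!BASIC_SCHEME.equalsIgnoreCase(schemeAndPayload[0])) {
            return null;
        }
        try {
            return Base64.decodeToString(schemeAndPayload[1].trim()).split(":", 2);
        } catch (IllegalArgumentException e) {
            // Presumably thrown by the decoder on malformed Base64, depending on the Shiro
            // version - TODO confirm. Treated like any other malformed header. The payload
            // itself is deliberately not logged.
            logger.debug("Undecodable Base64 payload in Authorization header", e);
            return null;
        }
    }
}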
