package org.mule.transport.http.filters;

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.mule.api.MuleEvent;
import org.mule.api.MuleMessage;
import org.mule.api.lifecycle.InitialisationException;
import org.mule.api.security.Authentication;
import org.mule.api.security.SecurityContext;
import org.mule.api.security.SecurityException;
import org.mule.api.security.SecurityProviderNotFoundException;
import org.mule.api.security.UnauthorisedException;
import org.mule.api.security.UnknownAuthenticationTypeException;
import org.mule.api.security.UnsupportedAuthenticationSchemeException;
import org.mule.config.i18n.CoreMessages;
import org.mule.security.AbstractEndpointSecurityFilter;
import org.mule.security.DefaultMuleAuthentication;
import org.mule.security.MuleCredentials;
import org.mule.transport.http.HttpConnector;
import org.mule.transport.http.HttpConstants;
import org.mule.transport.http.i18n.HttpMessages;

/* loaded from: input_file:org/mule/transport/http/filters/HttpBasicAuthenticationFilter.class */
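/**
 * Endpoint security filter implementing the HTTP Basic authentication scheme.
 *
 * <p>Inbound, it reads the {@code Authorization} header, decodes the Base64
 * {@code user:password} pair and hands it to the configured security manager.
 * Outbound, it sets a {@code Basic} {@code Authorization} header built from the
 * session's current authentication.
 *
 * <p>Basic credentials are only Base64-encoded, not encrypted, so endpoints using
 * this filter depend on the transport (e.g. HTTPS) for confidentiality. For the
 * same reason, this class never writes the raw header value to the log.
 */
public class HttpBasicAuthenticationFilter extends AbstractEndpointSecurityFilter {
    protected static final Log logger = LogFactory.getLog(HttpBasicAuthenticationFilter.class);

    /** Prefix that identifies the Basic scheme in an Authorization header value. */
    private static final String BASIC_PREFIX = "Basic ";

    // Realm advertised in the WWW-Authenticate challenge; may be null when not required.
    private String realm;
    // When true, initialisation fails if no realm has been configured.
    private boolean realmRequired = true;

    /** Creates a filter with no realm; one must be set before initialisation unless realmRequired is false. */
    public HttpBasicAuthenticationFilter() {
    }

    /**
     * Creates a filter for the given realm.
     *
     * @param realm realm name sent in the WWW-Authenticate challenge
     */
    public HttpBasicAuthenticationFilter(String realm) {
        this.realm = realm;
    }

    /**
     * Checks the realm configuration.
     *
     * @throws InitialisationException if no realm is set while a realm is required
     */
    protected void doInitialise() throws InitialisationException {
        if (this.realm != null) {
            return;
        }
        if (isRealmRequired()) {
            throw new InitialisationException(HttpMessages.authRealmMustBeSetOnFilter(), this);
        }
        logger.warn("There is no security realm set, using default: null");
    }

    /** @return the configured realm, or null if none was set */
    public String getRealm() {
        return this.realm;
    }

    /** @param realm realm name sent in the WWW-Authenticate challenge */
    public void setRealm(String realm) {
        this.realm = realm;
    }

    /** @return whether initialisation requires a realm to be configured */
    public boolean isRealmRequired() {
        return this.realmRequired;
    }

    /** @param realmRequired whether initialisation requires a realm to be configured */
    public void setRealmRequired(boolean realmRequired) {
        this.realmRequired = realmRequired;
    }

    /**
     * Authenticates an inbound event from its HTTP Basic Authorization header and, on
     * success, stores the resulting security context on the event's session.
     *
     * <p>On every failure path the 401 status and WWW-Authenticate challenge are set on
     * the message before the exception is thrown.
     *
     * @param muleEvent the inbound event carrying the Authorization header
     * @throws UnauthorisedException if the header is missing or the security manager rejects the credentials
     * @throws UnsupportedAuthenticationSchemeException if the header does not start with "Basic "
     */
    public void authenticateInbound(MuleEvent muleEvent) throws SecurityException, SecurityProviderNotFoundException, UnknownAuthenticationTypeException {
        String header = (String) muleEvent.getMessage().getInboundProperty(HttpConstants.HEADER_AUTHORIZATION);
        boolean basicScheme = header != null && header.startsWith(BASIC_PREFIX);
        if (logger.isDebugEnabled()) {
            // The header value is a reversible encoding of user:password (or another scheme's
            // token), so only its presence and scheme match are logged, never the value itself.
            logger.debug("Authorization header present: " + (header != null) + ", Basic scheme: " + basicScheme);
        }
        if (header == null) {
            setUnauthenticated(muleEvent);
            throw new UnauthorisedException(muleEvent, muleEvent.getSession().getSecurityContext(), this);
        }
        if (!basicScheme) {
            setUnauthenticated(muleEvent);
            // NOTE(review): the full header is passed into the exception message; if that message is
            // logged or returned to the client it can expose a credential sent under another scheme.
            // Confirm what basicFilterCannotHandleHeader renders before relying on it.
            throw new UnsupportedAuthenticationSchemeException(HttpMessages.basicFilterCannotHandleHeader(header), muleEvent);
        }

        // NOTE(review): getBytes()/new String(byte[]) use the platform default charset, so
        // non-ASCII credentials decode differently across hosts; pin an explicit charset once the
        // expected client encoding is confirmed.
        String decoded = new String(Base64.decodeBase64(header.substring(BASIC_PREFIX.length()).getBytes()));

        // Split on the first colon only: the password may itself contain ':'.
        // Without any colon both values stay empty and are still passed to the security manager.
        String username = "";
        String password = "";
        int separator = decoded.indexOf(":");
        if (separator != -1) {
            username = decoded.substring(0, separator);
            password = decoded.substring(separator + 1);
        }

        try {
            Authentication authenticated = getSecurityManager().authenticate(createAuthentication(username, password, muleEvent));
            if (logger.isDebugEnabled()) {
                // NOTE(review): confirm Authentication.toString() does not render the credentials.
                logger.debug("Authentication success: " + authenticated.toString());
            }
            SecurityContext context = getSecurityManager().createSecurityContext(authenticated);
            context.setAuthentication(authenticated);
            muleEvent.getSession().setSecurityContext(context);
        } catch (UnauthorisedException e) {
            if (logger.isDebugEnabled()) {
                logger.debug("Authentication request for user: " + username + " failed: " + e.toString());
            }
            setUnauthenticated(muleEvent);
            throw new UnauthorisedException(CoreMessages.authFailedForUser(username), e);
        }
    }

    /**
     * Builds the authentication request passed to the security manager.
     *
     * @param username user name taken from the decoded header
     * @param password password taken from the decoded header
     * @param muleEvent the event being authenticated
     * @return an authentication wrapping the supplied credentials
     */
    protected Authentication createAuthentication(String username, String password, MuleEvent muleEvent) {
        return new DefaultMuleAuthentication(new MuleCredentials(username, password.toCharArray()), muleEvent);
    }

    /**
     * Marks the response as unauthorised: sets the WWW-Authenticate challenge and the
     * 401 status on the event's message.
     *
     * @param muleEvent the event whose message receives the challenge
     */
    protected void setUnauthenticated(MuleEvent muleEvent) {
        // With no realm configured the challenge is the bare "Basic realm=" prefix.
        // The realm is inserted into the quoted string as-is, without escaping.
        String challenge = "Basic realm=";
        if (this.realm != null) {
            challenge = challenge + "\"" + this.realm + "\"";
        }
        MuleMessage message = muleEvent.getMessage();
        message.setOutboundProperty(HttpConstants.HEADER_WWW_AUTHENTICATE, challenge);
        message.setOutboundProperty(HttpConnector.HTTP_STATUS_PROPERTY, Integer.valueOf(HttpConstants.SC_UNAUTHORIZED));
    }

    /**
     * Sets a Basic Authorization header on the outbound message from the session's
     * security context, re-authenticating first when {@code isAuthenticate()} is true.
     *
     * <p>With no security context on the session, the call is a no-op unless
     * authentication is required, in which case it fails.
     *
     * @param muleEvent the outbound event
     * @throws UnauthorisedException if authentication is required but the session has no security context
     */
    public void authenticateOutbound(MuleEvent muleEvent) throws SecurityException, SecurityProviderNotFoundException {
        SecurityContext securityContext = muleEvent.getSession().getSecurityContext();
        if (securityContext == null) {
            if (isAuthenticate()) {
                throw new UnauthorisedException(muleEvent, securityContext, this);
            }
            return;
        }
        // NOTE(review): the result of getAuthentication() is dereferenced below without a null check.
        Authentication authentication = securityContext.getAuthentication();
        if (isAuthenticate()) {
            authentication = getSecurityManager().authenticate(authentication);
            if (logger.isDebugEnabled()) {
                // NOTE(review): confirm Authentication.toString() does not render the credentials.
                logger.debug("Authentication success: " + authentication.toString());
            }
        }
        // NOTE(review): only getCredentials().toString() is encoded here; verify it yields the
        // "user:password" form the Basic scheme expects. Platform default charset applies.
        String encoded = new String(Base64.encodeBase64(authentication.getCredentials().toString().getBytes()));
        muleEvent.getMessage().setOutboundProperty(HttpConstants.HEADER_AUTHORIZATION, BASIC_PREFIX + encoded);
    }
}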
