package org.kantega.respiro.security;

import java.io.IOException;
import java.security.Principal;
import java.util.Base64;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:org/kantega/respiro/security/BasicAuthenticationFilter.class */
public class BasicAuthenticationFilter implements Filter {
    private final String securityRealm;
    private final PasswordChecker passwordChecker;

    public BasicAuthenticationFilter(String str, PasswordChecker passwordChecker) {
        this.securityRealm = str;
        this.passwordChecker = passwordChecker;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String header = httpServletRequest.getHeader("Authorization");
        if (header != null) {
            String[] split = new String(Base64.getDecoder().decode(header.substring("Basic ".length()).getBytes())).split(":");
            final String str = split[0];
            final AuthenticationResult checkPassword = this.passwordChecker.checkPassword(str, split[1]);
            if (checkPassword.isAuthenticated()) {
                filterChain.doFilter(new HttpServletRequestWrapper(httpServletRequest) { // from class: org.kantega.respiro.security.BasicAuthenticationFilter.1
                    public String getRemoteUser() {
                        return str;
                    }

                    public boolean isUserInRole(String str2) {
                        return checkPassword.getRoles().contains(str2);
                    }

                    public Principal getUserPrincipal() {
                        return this::getRemoteUser;
                    }
                }, servletResponse);
                return;
            }
        }
        httpServletResponse.setStatus(401);
        httpServletResponse.setHeader("WWW-Authenticate", String.format("Basic realm=\"%s\"", this.securityRealm));
    }

    public void destroy() {
    }
}
