package org.opendaylight.aaa.shiro.tokenauthrealm.auth;

import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.List;
import java.util.Map;
import org.opendaylight.aaa.api.Authentication;
import org.opendaylight.aaa.api.AuthenticationException;
import org.opendaylight.aaa.api.CredentialAuth;
import org.opendaylight.aaa.api.PasswordCredentials;
import org.opendaylight.aaa.api.TokenAuth;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opendaylight/aaa/shiro/tokenauthrealm/auth/HttpBasicAuth.class */
public class HttpBasicAuth implements TokenAuth {
    public static final String AUTH_HEADER = "Authorization";
    public static final String AUTH_SEP = ":";
    public static final String BASIC_PREFIX = "Basic ";
    public static final String DEFAULT_DOMAIN = "sdn";
    private static final int NUM_HEADER_CREDS = 2;
    private static final int NUM_TOKEN_CREDS = 3;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) HttpBasicAuth.class);
    private final CredentialAuth<PasswordCredentials> credentialAuth;

    public HttpBasicAuth(CredentialAuth<PasswordCredentials> credentialAuth) {
        this.credentialAuth = credentialAuth;
    }

    private static boolean checkAuthHeaderFormat(String str) {
        return str != null && str.startsWith(BASIC_PREFIX);
    }

    private static String extractAuthHeader(Map<String, List<String>> map) {
        return map.get(AUTH_HEADER).get(0);
    }

    private static String[] extractCredentialArray(String str) {
        return new String(Base64.getDecoder().decode(str.substring(BASIC_PREFIX.length())), StandardCharsets.UTF_8).split(AUTH_SEP);
    }

    private static boolean verifyCredentialArray(String[] strArr) {
        return strArr != null && strArr.length == 2;
    }

    private static String[] addDomainToCredentialArray(String[] strArr) {
        String[] strArr2 = new String[3];
        System.arraycopy(strArr, 0, strArr2, 0, strArr.length);
        strArr2[2] = "sdn";
        return strArr2;
    }

    private static Authentication generateAuthentication(CredentialAuth<PasswordCredentials> credentialAuth, String[] strArr) throws ArrayIndexOutOfBoundsException {
        return new AuthenticationBuilder(credentialAuth.authenticate(new PasswordCredentialBuilder().setUserName(strArr[0]).setPassword(strArr[1]).setDomain(strArr[2]).build())).build();
    }

    @Override // org.opendaylight.aaa.api.TokenAuth
    public Authentication validate(Map<String, List<String>> map) throws AuthenticationException {
        if (!map.containsKey(AUTH_HEADER)) {
            return null;
        }
        String extractAuthHeader = extractAuthHeader(map);
        if (!checkAuthHeaderFormat(extractAuthHeader)) {
            return null;
        }
        String[] extractCredentialArray = extractCredentialArray(extractAuthHeader);
        if (verifyCredentialArray(extractCredentialArray)) {
            extractCredentialArray = addDomainToCredentialArray(extractCredentialArray);
        }
        try {
            return generateAuthentication(this.credentialAuth, extractCredentialArray);
        } catch (ArrayIndexOutOfBoundsException e) {
            LOG.info("Login Attempt in Bad Format. Please provide user:password in Base64 format.");
            throw new AuthenticationException("Login Attempt in Bad Format. Please provide user:password in Base64 format.", e);
        }
    }
}
