package org.opendaylight.aaa.shiro.filters;

import java.util.Locale;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
import org.opendaylight.aaa.shiro.tokenauthrealm.auth.HttpBasicAuth;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opendaylight/aaa/shiro/filters/ODLHttpAuthenticationFilter.class */
public class ODLHttpAuthenticationFilter extends BasicHttpAuthenticationFilter {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) ODLHttpAuthenticationFilter.class);
    protected static final String BEARER_SCHEME = "bearer";
    protected static final String OPTIONS_HEADER = "OPTIONS";

    public ODLHttpAuthenticationFilter() {
        LOG.info("Creating the ODLHttpAuthenticationFilter");
    }

    protected String[] getPrincipalsAndCredentials(String str, String str2) {
        String decodeToString = Base64.decodeToString(str2);
        return decodeToString.contains(HttpBasicAuth.AUTH_SEP) ? decodeToString.split(HttpBasicAuth.AUTH_SEP) : new String[]{str2};
    }

    protected boolean isLoginAttempt(String str) {
        String lowerCase = getAuthzScheme().toLowerCase(Locale.ROOT);
        String lowerCase2 = str.toLowerCase(Locale.ROOT);
        return lowerCase2.startsWith(lowerCase) || lowerCase2.startsWith(BEARER_SCHEME);
    }

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        HttpServletRequest http = WebUtils.toHttp(servletRequest);
        if ("OPTIONS".equalsIgnoreCase(http.getMethod())) {
            return true;
        }
        return super.isAccessAllowed(http, servletResponse, obj);
    }
}
