package org.mule.extension.http.api.listener;

import java.util.List;
import org.apache.commons.codec.binary.Base64;
import org.mule.extension.http.api.HttpListenerResponseAttributes;
import org.mule.extension.http.api.HttpRequestAttributes;
import org.mule.extension.http.internal.filter.BasicUnauthorisedException;
import org.mule.runtime.api.i18n.I18nMessageFactory;
import org.mule.runtime.api.message.Message;
import org.mule.runtime.api.security.SecurityException;
import org.mule.runtime.api.security.SecurityProviderNotFoundException;
import org.mule.runtime.api.security.UnauthorisedException;
import org.mule.runtime.api.security.UnknownAuthenticationTypeException;
import org.mule.runtime.api.security.UnsupportedAuthenticationSchemeException;
import org.mule.runtime.api.util.MultiMap;
import org.mule.runtime.core.api.config.i18n.CoreMessages;
import org.mule.runtime.extension.api.annotation.param.NullSafe;
import org.mule.runtime.extension.api.annotation.param.Optional;
import org.mule.runtime.extension.api.annotation.param.Parameter;
import org.mule.runtime.extension.api.security.AuthenticationHandler;
import org.mule.runtime.http.api.HttpConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.SystemPropertyUtils;

/* loaded from: input_file:repository/org/mule/connectors/mule-http-connector/1.5.3/mule-http-connector-1.5.3-mule-plugin.jar:org/mule/extension/http/api/listener/HttpBasicAuthenticationFilter.class */
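/**
 * HTTP Basic authentication filter for the HTTP listener.
 *
 * <p>Reads the {@code Authorization} header from the configured {@link HttpRequestAttributes},
 * decodes the Basic credentials and hands them to the supplied {@link AuthenticationHandler}.
 * When the header is missing, uses another scheme, or the credentials are rejected, the thrown
 * exception carries a 401 response message with a {@code WWW-Authenticate: Basic} challenge.
 *
 * <p>Credential material (the header value and the password) is never written to the log or
 * copied into exception messages by this class.
 */
public class HttpBasicAuthenticationFilter {
    // Same value the former "Authorization".toLowerCase() produced, without depending on the default locale.
    private static final String HEADER_AUTHORIZATION = "authorization";
    private static final String BASIC_PREFIX = "Basic ";
    // Separator between user-id and password inside the decoded Basic credentials.
    private static final char CREDENTIALS_SEPARATOR = ':';
    private static final String REDACTED = "[redacted]";
    protected static final Logger logger = LoggerFactory.getLogger(HttpBasicAuthenticationFilter.class);

    // Realm advertised in the WWW-Authenticate challenge.
    @Parameter
    private String realm;

    // Security providers passed through to AuthenticationHandler#setAuthentication.
    @NullSafe
    @Optional
    @Parameter
    private List<String> securityProviders;

    // Attributes of the request being authenticated; defaults to the event's attributes.
    @Optional(defaultValue = "#[attributes]")
    @Parameter
    HttpRequestAttributes attributes;

    /**
     * Authenticates the request described by {@link #attributes} using HTTP Basic credentials.
     *
     * @param authenticationHandler handler used to build the credentials and register the authentication
     * @throws UnsupportedAuthenticationSchemeException if an {@code Authorization} header is present but is not Basic
     * @throws BasicUnauthorisedException if the header is absent or the handler rejects the credentials
     * @throws SecurityException on any other security failure reported by the handler
     * @throws SecurityProviderNotFoundException if the handler reports a missing security provider
     * @throws UnknownAuthenticationTypeException if the handler does not recognise the authentication type
     */
    public void authenticate(AuthenticationHandler authenticationHandler) throws SecurityException, SecurityProviderNotFoundException, UnknownAuthenticationTypeException {
        String header = this.attributes.getHeaders().get(HEADER_AUTHORIZATION);
        if (logger.isDebugEnabled()) {
            // The header value is a reversible encoding of user:password (or a bearer token for other
            // schemes), so only the scheme name is logged.
            logger.debug("Authorization header: {}", header == null ? null : describeWithoutCredentials(header));
        }
        if (header == null) {
            throw new BasicUnauthorisedException(null, "HTTP basic authentication", "HTTP listener", createUnauthenticatedMessage());
        }
        // Auth scheme names are case-insensitive, so "basic " and "BASIC " are accepted as well.
        if (!header.regionMatches(true, 0, BASIC_PREFIX, 0, BASIC_PREFIX.length())) {
            // Only the scheme goes into the message: the rest of the header may be a token or password
            // and exception messages routinely end up in logs and error responses.
            throw new UnsupportedAuthenticationSchemeException(I18nMessageFactory.createStaticMessage("Http Basic filter doesn't know how to handle header " + describeWithoutCredentials(header)), createUnauthenticatedMessage());
        }

        // NOTE(review): getBytes() and new String(byte[]) use the platform default charset, so
        // non-ASCII user names or passwords decode differently across JVM configurations. Pin an
        // explicit charset once the encoding expected from clients is confirmed.
        String decoded = new String(Base64.decodeBase64(header.substring(BASIC_PREFIX.length()).getBytes()));

        // Split on the FIRST separator only: the password may itself contain ':'.
        // Credentials without a separator are passed on as an empty user name and password, leaving
        // the decision to the security provider.
        String username = "";
        String password = "";
        int separatorIndex = decoded.indexOf(CREDENTIALS_SEPARATOR);
        if (separatorIndex != -1) {
            username = decoded.substring(0, separatorIndex);
            password = decoded.substring(separatorIndex + 1);
        }

        try {
            authenticationHandler.setAuthentication(this.securityProviders, authenticationHandler.createAuthentication(authenticationHandler.createCredentialsBuilder().withUsername(username).withPassword(password.toCharArray()).build()));
            if (logger.isDebugEnabled()) {
                logger.debug("Authentication success.");
            }
        } catch (UnauthorisedException e) {
            if (logger.isDebugEnabled()) {
                // The user name is client-controlled; neutralise line breaks so it cannot forge log entries.
                logger.debug("Authentication request for user: {} failed: {}", sanitizeForLog(username), sanitizeForLog(e.toString()));
            }
            throw new BasicUnauthorisedException(CoreMessages.authFailedForUser(username), e, createUnauthenticatedMessage());
        }
    }

    /**
     * Builds the 401 message attached to authentication failures, carrying the
     * {@code WWW-Authenticate} challenge for this filter's realm.
     */
    private Message createUnauthenticatedMessage() {
        // NOTE(review): the realm is inserted verbatim, so a realm containing a double quote yields a
        // malformed challenge, and a null realm yields a bare "Basic realm=".
        String challenge = "Basic realm=";
        if (this.realm != null) {
            challenge = challenge + "\"" + this.realm + "\"";
        }
        MultiMap<String, String> headers = new MultiMap<>();
        headers.put("WWW-Authenticate", challenge);
        return Message.builder().nullValue().attributesValue(new HttpListenerResponseAttributes(HttpConstants.HttpStatus.UNAUTHORIZED.getStatusCode(), HttpConstants.HttpStatus.UNAUTHORIZED.getReasonPhrase(), headers)).build();
    }

    /**
     * Describes an {@code Authorization} header by its scheme only, replacing everything after the
     * first space with a redaction marker. A value without a space is redacted entirely.
     */
    private static String describeWithoutCredentials(String authorizationHeader) {
        int schemeEnd = authorizationHeader.indexOf(' ');
        if (schemeEnd <= 0) {
            return REDACTED;
        }
        return sanitizeForLog(authorizationHeader.substring(0, schemeEnd)) + " " + REDACTED;
    }

    /** Replaces CR and LF so client-supplied text stays on a single log line. */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }
}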
