package com.ibm.nex.core.rest.security;

import com.ibm.nex.core.crypt.Base64;
import com.ibm.nex.core.rest.HttpStatusConstants;
import com.ibm.nex.core.util.logging.AbstractLoggable;
import java.io.IOException;
import java.net.URL;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.osgi.service.http.HttpContext;

/* loaded from: input_file:com/ibm/nex/core/rest/security/SecureHttpContext.class */
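/**
 * OSGi {@link HttpContext} that gates requests behind HTTP Basic authentication.
 *
 * <p>Requests without an {@code Authorization} header get a {@code WWW-Authenticate}
 * challenge; requests with one are checked by {@link InformixAuthenticator}.
 *
 * <p>NOTE(review): Basic credentials are only Base64-encoded, and nothing in this class
 * checks that the request arrived over TLS. Confirm the transport is secured elsewhere.
 * Nothing here limits repeated failed attempts either; verify that is handled upstream.
 */
public class SecureHttpContext extends AbstractLoggable implements HttpContext {
    public static final String COPYRIGHT = "� Copyright IBM Corp. 2012";
    private static final String HTTP_HEADER_AUTHENTICATE = "WWW-Authenticate";
    private static final String HTTP_HEADER_AUTHORIZATION = "Authorization";
    private static final String OPTIM_REALM_NAME = "optim@localhost";

    /**
     * Returns no MIME type for any resource name.
     *
     * @param str resource name (ignored)
     * @return always {@code null}
     */
    public String getMimeType(String str) {
        return null;
    }

    /**
     * Returns no resource for any name.
     *
     * @param str resource name (ignored)
     * @return always {@code null}
     */
    public URL getResource(String str) {
        return null;
    }

    /**
     * Decides whether the request may proceed.
     *
     * <p>A missing or empty {@code Authorization} header is answered with a Basic challenge
     * and {@code HttpStatusConstants.UNAUTHORIZED}. A header that fails validation or
     * authentication is answered with {@code HttpStatusConstants.FORBIDDEN}.
     *
     * @param httpServletRequest incoming request; receives the OSGi authentication attributes on success
     * @param httpServletResponse response used for the challenge or the error status
     * @return {@code true} only when the supplied credentials were accepted
     * @throws IOException declared by the interface; failures while sending the response are
     *         caught and logged here, and the request is denied
     */
    public boolean handleSecurity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        boolean authenticated = false;
        try {
            String header = httpServletRequest.getHeader(HTTP_HEADER_AUTHORIZATION);
            if (header == null || header.isEmpty()) {
                sendAuthenticationHeader(httpServletResponse, OPTIM_REALM_NAME);
            } else {
                authenticated = computeAuthHeader(httpServletRequest, header, OPTIM_REALM_NAME);
                if (!authenticated) {
                    // Rejected credentials get FORBIDDEN with no new challenge.
                    httpServletResponse.sendError(HttpStatusConstants.FORBIDDEN);
                }
            }
        } catch (IOException e) {
            // Only the denial paths write to the response, so authenticated is still false here.
            error("sending response failed", new Object[]{e.getLocalizedMessage()});
        }
        return authenticated;
    }

    /**
     * Parses a Basic {@code Authorization} header and authenticates the credentials it carries.
     *
     * <p>The header value, its Base64 token and the decoded credentials are never logged,
     * because each of them exposes the password to anyone who can read the log.
     *
     * @param httpServletRequest request that receives the authentication attributes on success
     * @param authorizationHeader raw value of the {@code Authorization} header
     * @param realm realm name passed to the authenticator
     * @return {@code true} if the header is well formed and the authenticator accepts the credentials
     */
    private boolean computeAuthHeader(HttpServletRequest httpServletRequest, String authorizationHeader, String realm) {
        String[] parts = authorizationHeader.trim().split(" ");
        if (parts.length != 2) {
            warn("Authentication header must consist of two parts separated by a blank", new Object[0]);
            return false;
        }
        String scheme = parts[0].trim();
        String encodedCredentials = parts[1].trim();
        debug("received authentication request with scheme ''{0}''", new Object[]{scheme});
        if (!"BASIC".equalsIgnoreCase(scheme)) {
            warn("We don't support ''{0}'' authentication, processing aborted", new Object[]{scheme});
            return false;
        }
        try {
            // NOTE(review): decodes with the platform default charset, so non-ASCII
            // credentials depend on the JVM configuration. Confirm the intended charset.
            String decoded = new String(Base64.decode(encodedCredentials));
            // Split at the FIRST colon only: a user id cannot contain ':' but a password can,
            // and splitting on every colon would silently truncate such a password.
            int colon = decoded.indexOf(':');
            if (colon < 0 || colon == decoded.length() - 1) {
                // No separator, or nothing after it: an empty password is rejected up front.
                warn("Decoded Authorization credentials must contain two elements separated by a colon", new Object[0]);
                return false;
            }
            String user = decoded.substring(0, colon);
            String password = decoded.substring(colon + 1);
            debug("Extracted user ''{0}'' -> going to authenticate!", new Object[]{user});
            if (!new InformixAuthenticator().authenticate(realm, user, password)) {
                return false;
            }
            httpServletRequest.setAttribute("org.osgi.service.http.authentication.type", "BASIC");
            httpServletRequest.setAttribute("org.osgi.service.http.authentication.remote.user", user);
            debug("Login of user ''{0}'' succeeded!", new Object[]{user});
            return true;
        } catch (Exception e) {
            // Fail closed: any decoding or authenticator failure denies the request.
            error("Authentication request failed", new Object[]{e});
            return false;
        }
    }

    /**
     * Sends a Basic authentication challenge for the given realm.
     *
     * @param httpServletResponse response to write the challenge to
     * @param realm realm name placed in the {@code WWW-Authenticate} header
     * @throws IOException if the error status cannot be sent
     */
    private void sendAuthenticationHeader(HttpServletResponse httpServletResponse, String realm) throws IOException {
        httpServletResponse.setHeader(HTTP_HEADER_AUTHENTICATE, "BASIC realm=\"" + realm + "\"");
        httpServletResponse.sendError(HttpStatusConstants.UNAUTHORIZED);
    }
}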
