package oracle.security.jazn.oc4j;

import com.evermind.server.http.HttpAuthenticator;
import java.io.IOException;
import java.net.PasswordAuthentication;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import oracle.security.jazn.ApplicationServerProxy;
import oracle.security.jazn.JAZNConfig;
import oracle.security.jazn.JAZNRuntimeException;
import oracle.security.jazn.JAZNWebAppConfig;
import oracle.security.jazn.callback.JAZNCallbackHandler;
import oracle.security.jazn.util.Dbg;
import oracle.security.jazn.util.Env;

/* loaded from: input_file:oracle/security/jazn/oc4j/BasicAuthenticator.class */
class BasicAuthenticator implements HttpAuthenticator {
    private JAZNConfig _config;
    private JAZNWebAppConfig _jwaConfig;
    private String _appName;
    private LoginContext _loginCtx;
    private JAZNCallbackHandler _cbHandler;
    protected String _realm;

    public BasicAuthenticator(JAZNConfig jAZNConfig) {
        this(jAZNConfig, null, null);
    }

    public BasicAuthenticator(JAZNConfig jAZNConfig, JAZNWebAppConfig jAZNWebAppConfig, String str) {
        this._realm = "JAAS";
        if (jAZNConfig != null) {
            this._config = jAZNConfig;
        } else {
            this._config = JAZNConfig.getJAZNConfig();
        }
        this._jwaConfig = jAZNWebAppConfig;
        if (str != null) {
            this._realm = str;
        }
    }

    public JAZNConfig getJAZNConfig() {
        return this._config;
    }

    public JAZNWebAppConfig getJAZNWebAppConfig() {
        return this._jwaConfig;
    }

    public String getAuthType() {
        return "BASIC";
    }

    public synchronized String getApplicationName() {
        if (this._appName == null) {
            this._appName = ApplicationServerProxy.getApplicationName();
        }
        return this._appName;
    }

    public synchronized CallbackHandler getCallbackHandler(String str, char[] cArr) {
        if (this._cbHandler == null) {
            this._cbHandler = new JAZNCallbackHandler(getJAZNConfig(), getJAZNWebAppConfig());
        }
        this._cbHandler.setName(str);
        this._cbHandler.setPassword(cArr);
        return this._cbHandler;
    }

    public synchronized LoginContext getLoginContext(String str, char[] cArr) {
        try {
            this._loginCtx = (LoginContext) OC4JUtil.doWithJAZNClsLdr(getJAZNConfig(), new GetLoginContextAction(getApplicationName(), getCallbackHandler(str, cArr)));
            return this._loginCtx;
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(th.getMessage(), th);
        }
    }

    public void setRealm(String str) {
        this._realm = str;
    }

    public PasswordAuthentication getAuthentication(HttpServletRequest httpServletRequest) {
        int indexOf;
        String header = httpServletRequest.getHeader("AUTHORIZATION");
        if (header == null || (indexOf = header.indexOf(32)) <= 0 || !header.substring(0, indexOf).equalsIgnoreCase("Basic")) {
            return null;
        }
        try {
            byte[] base64Decode = ApplicationServerProxy.base64Decode(header.substring(indexOf + 1, header.length()).toCharArray());
            for (int i = 0; i < base64Decode.length; i++) {
                if (base64Decode[i] == 58) {
                    String str = new String(base64Decode, 0, i);
                    int i2 = i + 1;
                    char[] cArr = new char[base64Decode.length - i2];
                    for (int i3 = 0; i3 < base64Decode.length - i2; i3++) {
                        cArr[i3] = (char) base64Decode[i2 + i3];
                    }
                    boolean booleanValue = ((Boolean) OC4JUtil.doWithJAZNClsLdr(getJAZNConfig(), new DoJAASLoginAction(getLoginContext(str, cArr)))).booleanValue();
                    if (booleanValue) {
                        JAZNUserManager.putThrAttr(Env.JAAS_SUBJECT, this._loginCtx.getSubject());
                    }
                    JAZNUserManager.putThrAttr(Env.AUTH_STATUS, booleanValue ? Env.AUTH_STATUS_AUTHENTICATED : Env.AUTH_STATUS_AUTHENTICATION_FAILURE);
                    return new PasswordAuthentication(str, cArr);
                }
            }
            return null;
        } catch (IllegalArgumentException e) {
            return null;
        }
    }

    public void reject(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i) throws IOException {
        if (httpServletResponse.isCommitted()) {
            return;
        }
        httpServletResponse.setHeader("WWW-Authenticate", new StringBuffer().append("Basic realm=\"").append(this._realm).append('\"').toString());
        httpServletResponse.sendError(401);
    }
}
