package oracle.security.jazn.oc4j;

import com.evermind.server.http.HttpAuthenticator;
import java.io.IOException;
import java.net.PasswordAuthentication;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import oracle.security.jazn.JAZNConfig;
import oracle.security.jazn.JAZNWebAppConfig;
import oracle.security.jazn.util.Env;

/* loaded from: input_file:oracle/security/jazn/oc4j/WebSSOAuthenticator.class */
public class WebSSOAuthenticator implements HttpAuthenticator {
    private JAZNConfig _config;
    private JAZNWebAppConfig _jwaConfig;

    public WebSSOAuthenticator() {
        this(null, null);
    }

    public WebSSOAuthenticator(JAZNConfig jAZNConfig, JAZNWebAppConfig jAZNWebAppConfig) {
        this._config = jAZNConfig != null ? jAZNConfig : JAZNConfig.getJAZNConfig();
        this._jwaConfig = jAZNWebAppConfig;
    }

    public JAZNConfig getJAZNConfig() {
        return this._config;
    }

    public JAZNWebAppConfig getJAZNWebAppConfig() {
        return this._jwaConfig;
    }

    public String getAuthType() {
        return KerberosAuthenticator.SSO_REALM;
    }

    public PasswordAuthentication getAuthentication(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("REMOTE-USER");
        if (header == null) {
            return null;
        }
        JAZNUserManager.putThrAttr(Env.AUTH_STATUS, Env.AUTH_STATUS_AUTHENTICATED);
        return new PasswordAuthentication(header, new char[0]);
    }

    public void reject(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i) throws IOException {
        if (httpServletRequest.getRemoteUser() != null) {
            httpServletResponse.sendError(403);
        } else {
            httpServletResponse.setHeader("Osso-Paranoid", "false");
            httpServletResponse.sendError(499, "Oracle SSO");
        }
    }
}
