package co.codewizards.cloudstore.ls.rest.server.auth;

import co.codewizards.cloudstore.core.dto.Error;
import co.codewizards.cloudstore.core.io.ByteArrayInputStream;
import java.io.CharArrayReader;
import java.io.CharArrayWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.security.Principal;
import java.util.Arrays;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriInfo;
import org.glassfish.jersey.internal.util.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:co/codewizards/cloudstore/ls/rest/server/auth/AuthFilter.class */
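/**
 * JAX-RS request filter that requires HTTP Basic credentials on every request.
 *
 * <p>The filter reads the {@code Authorization} header, decodes the Base64 payload as
 * UTF-8, splits it at the first {@code ':'} into user name and password, and asks
 * {@link AuthManager} whether the password is valid. On success it installs a
 * {@link SecurityContextImpl} on the request.
 *
 * <p>Credential handling rules followed here:
 * <ul>
 *   <li>the header value is never logged, because it is only Base64-encoded, not encrypted;</li>
 *   <li>every buffer that held the password is overwritten before the method returns,
 *       on both the success and the failure path;</li>
 *   <li>authentication failures are reported as 401, not as a generic 500.</li>
 * </ul>
 */
public class AuthFilter implements ContainerRequestFilter {
    private static final Logger logger = LoggerFactory.getLogger(AuthFilter.class);

    /** Size of the scratch buffer used while decoding the credential bytes to chars. */
    private static final int DECODE_CHUNK_SIZE = 10;

    @Context
    protected UriInfo uriInfo;

    @Context
    protected HttpServletRequest request;

    /**
     * Minimal {@link SecurityContext} for a caller that passed Basic authentication.
     */
    public static class SecurityContextImpl implements SecurityContext {
        private final Principal principal;
        private final boolean secure;

        /**
         * @param str the authenticated user name, returned by the principal's {@code getName()}
         * @param z   {@code true} if the request arrived over {@code https}
         */
        public SecurityContextImpl(final String str, boolean z) {
            this.principal = new Principal() {
                @Override // java.security.Principal
                public String getName() {
                    return str;
                }
            };
            this.secure = z;
        }

        /** @return the principal wrapping the authenticated user name */
        public Principal getUserPrincipal() {
            return this.principal;
        }

        /**
         * Grants only the {@code "user"} role; every other role name, including
         * {@code "admin"}, is denied.
         *
         * @param str the role name to test
         * @return {@code true} only for {@code "user"} when a principal is present
         */
        public boolean isUserInRole(String str) {
            return "user".equals(str) && this.principal != null;
        }

        /** @return whether the request was made over {@code https} */
        public boolean isSecure() {
            return this.secure;
        }

        /** @return {@code "BASIC"} when a principal is present, otherwise {@code null} */
        public String getAuthenticationScheme() {
            return this.principal == null ? null : "BASIC";
        }
    }

    /**
     * Authenticates the current request and installs the security context.
     *
     * @param containerRequestContext the request being filtered
     * @throws WebApplicationException with status 401 if the header is missing, carries no
     *         {@code user:password} pair or the password is rejected; 403 if the scheme is
     *         not Basic; 500 if decoding or validation fails unexpectedly
     * @throws IOException declared by the filter contract
     */
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        String header = this.request.getHeader("Authorization");
        if (header == null || header.isEmpty()) {
            logger.debug("getAuth: There is no 'Authorization' header. Replying with a Status.UNAUTHORIZED response asking for 'Basic' authentication.");
            throw newUnauthorizedException();
        }
        // The header value is Base64 of "user:password"; writing it to the log would store
        // a recoverable credential in every log sink, so only its presence is recorded.
        logger.debug("getAuth: 'Authorization' header is present (value not logged).");
        // NOTE(review): this is a case-sensitive prefix match, so "basic ..." is refused and
        // "Basicxyz" is treated as Basic - confirm whether stricter scheme parsing is wanted.
        if (!header.startsWith("Basic")) {
            throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).type("application/xml").entity(new Error("Only 'Basic' authentication is supported!")).build());
        }
        byte[] basicAuthEncodedBA = getBasicAuthEncodedBA(header.substring("Basic".length()).trim());
        // UTF-8 decoding never yields more chars than bytes, so this capacity is never
        // exceeded and the writer never reallocates (which would leave an unwiped copy behind).
        CharArrayWriter charArrayWriter = new CharArrayWriter(basicAuthEncodedBA.length + 1);
        char[] chunk = new char[DECODE_CHUNK_SIZE];
        char[] decoded = null;
        char[] password = null;
        try {
            InputStreamReader reader = new InputStreamReader((InputStream) new ByteArrayInputStream(basicAuthEncodedBA), "UTF-8");
            int read;
            while ((read = reader.read(chunk)) >= 0) {
                // Write only what was actually read; writing the whole chunk would pad the
                // credentials with stale or zero chars.
                charArrayWriter.write(chunk, 0, read);
            }
            decoded = charArrayWriter.toCharArray();

            int separator = indexOfColon(decoded);
            if (separator < 0) {
                // No "user:password" pair at all: reject instead of running into a null password.
                throw newUnauthorizedException();
            }
            String userName = new String(decoded, 0, separator);
            password = Arrays.copyOfRange(decoded, separator + 1, decoded.length);

            if (!AuthManager.getInstance().isPasswordValid(password)) {
                throw newUnauthorizedException();
            }
            containerRequestContext.setSecurityContext(new SecurityContextImpl(userName, "https".equals(this.uriInfo.getRequestUri().getScheme())));
        } catch (WebApplicationException e) {
            // Keep the intended status (e.g. 401 with its challenge) instead of letting the
            // generic handler below turn a rejected login into a 500.
            throw e;
        } catch (Exception e) {
            // NOTE(review): the entity is built from the exception itself; check what Error
            // serializes so that internal details are not returned to unauthenticated callers.
            throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).type("application/xml").entity(new Error(e)).build());
        } finally {
            Arrays.fill(basicAuthEncodedBA, (byte) 0);
            Arrays.fill(chunk, (char) 0);
            wipe(decoded);
            wipe(password);
            wipe(charArrayWriter);
        }
    }

    /** Returns the index of the first {@code ':'} in {@code chars}, or -1 if there is none. */
    private static int indexOfColon(char[] chars) {
        for (int i = 0; i < chars.length; i++) {
            if (chars[i] == ':') {
                return i;
            }
        }
        return -1;
    }

    /** Overwrites {@code chars} with zeros; a {@code null} array is ignored. */
    private static void wipe(char[] chars) {
        if (chars != null) {
            Arrays.fill(chars, (char) 0);
        }
    }

    /** Overwrites the chars held by {@code writer} with zeros by rewriting them in place. */
    private static void wipe(CharArrayWriter writer) {
        char[] zeros = new char[writer.size()];
        writer.reset();
        writer.write(zeros, 0, zeros.length);
    }

    /** Builds the 401 response carrying the Basic challenge for this server's realm. */
    private WebApplicationException newUnauthorizedException() {
        return new NotAuthorizedException("Basic realm=\"CloudStoreServer.Local\"", new Object[0]);
    }

    /**
     * Base64-decodes the credential part of the header.
     *
     * @param str the header value with the scheme removed and trimmed
     * @return the decoded bytes; the caller is responsible for wiping them
     */
    private byte[] getBasicAuthEncodedBA(String str) {
        try {
            return Base64.decode(str.getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }
}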
