package org.eclipse.scout.rt.server.commons.servletfilter.security;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Locale;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.scout.commons.Base64Utility;
import org.eclipse.scout.commons.security.SimplePrincipal;
import org.eclipse.scout.rt.server.commons.cache.IHttpSessionCacheService;
import org.eclipse.scout.rt.server.commons.servletfilter.FilterConfigInjection;
import org.eclipse.scout.service.SERVICES;

/* loaded from: input_file:org/eclipse/scout/rt/server/commons/servletfilter/security/BasicSecurityFilter.class */
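/**
 * Servlet security filter that authenticates HTTP Basic credentials against a user list
 * supplied through the {@code users} init-param ({@code user1=pass1,user2=pass2}).
 *
 * <p>NOTE(review): the passwords are held and compared as plaintext taken straight from the
 * filter configuration, so anyone who can read the deployment descriptor can read them. The
 * filter itself does nothing to protect the {@code Authorization} header in transit; that
 * depends on the transport the container is deployed behind.
 */
public class BasicSecurityFilter extends AbstractChainableSecurityFilter {
    /** Session-cache key under which the number of Basic challenges already issued is stored. */
    public static final String PROP_BASIC_ATTEMPT = "BasicSecurityFilter.basicAttempt";

    /** Scheme prefix of an {@code Authorization} header carrying Basic credentials. */
    private static final String BASIC_PREFIX = "Basic ";

    /** Lower-cased user name mapped to its plaintext password, as parsed from the init-param. */
    private HashMap<String, String> m_userDatabase;

    /**
     * Parses the {@code users} init-param into the in-memory user table.
     *
     * @param filterConfig the filter configuration handed in by the container
     * @throws ServletException if the {@code users} init-param is missing or an entry is not of
     *     the form {@code user=password}
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        super.init(filterConfig);
        String users = new FilterConfigInjection(filterConfig, getClass()).getAnyConfig().getInitParameter("users");
        if (users == null) {
            throw new ServletException("missing init-param with name 'users'");
        }
        // Build into a local map so a malformed entry never leaves a half-filled table behind.
        HashMap<String, String> userDatabase = new HashMap<>();
        for (String entry : users.split(",")) {
            String[] pair = entry.trim().split("=", 2);
            if (pair.length < 2) {
                // The entry is deliberately not echoed: it may contain part of a password.
                throw new ServletException("malformed init-param 'users': expected comma-separated user=password entries");
            }
            // Locale.ROOT keeps the key independent of the JVM's default locale.
            userDatabase.put(pair[0].toLowerCase(Locale.ROOT), pair[1]);
        }
        this.m_userDatabase = userDatabase;
    }

    /** Drops the in-memory user table; safe to call even when {@link #init} never completed. */
    @Override
    public void destroy() {
        if (this.m_userDatabase != null) {
            this.m_userDatabase.clear();
        }
    }

    /**
     * Checks the request's {@code Authorization} header and, on a match, publishes the principal.
     *
     * <p>When no valid credentials are present, a {@code WWW-Authenticate} challenge is added to
     * the response for the first three attempts recorded in the session cache. The counter only
     * suppresses further challenges: valid credentials are accepted before it is consulted and
     * nothing here throttles repeated guesses, so rate limiting has to come from elsewhere.
     *
     * @return {@code 3} when a principal was set, otherwise {@code 1}
     *     (presumably the superclass's continue-with-principal and continue-chain status codes;
     *     confirm against {@code AbstractChainableSecurityFilter})
     */
    @Override
    protected int negotiate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, PrincipalHolder principalHolder) throws IOException, ServletException {
        String header = httpServletRequest.getHeader("Authorization");
        if (header != null && header.startsWith(BASIC_PREFIX)) {
            String user = authenticate(header.substring(BASIC_PREFIX.length()));
            if (user != null) {
                principalHolder.setPrincipal(new SimplePrincipal(user));
                return 3;
            }
        }
        int basicAttempt = getBasicAttempt(httpServletRequest, httpServletResponse);
        if (basicAttempt > 2) {
            // Challenge budget used up: pass on without asking the client again.
            return 1;
        }
        setBasicAttempt(httpServletRequest, httpServletResponse, basicAttempt + 1);
        httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + getRealm() + "\"");
        return 1;
    }

    /**
     * Decodes a Basic credential token and verifies it against the user table.
     *
     * @param encodedCredentials the Base64 part of the header, taken from the client as-is
     * @return the lower-cased user name on success, or {@code null} when the token is malformed,
     *     the user is unknown or the password does not match
     */
    private String authenticate(String encodedCredentials) {
        // NOTE(review): how Base64Utility.decode reacts to malformed input is not visible here;
        // confirm it cannot throw an unchecked exception on attacker-chosen header values.
        byte[] decoded = Base64Utility.decode(encodedCredentials);
        if (decoded == null) {
            return null;
        }
        String[] parts = new String(decoded, StandardCharsets.ISO_8859_1).split(":", 2);
        if (parts.length < 2) {
            // No ':' separator: treat as failed authentication instead of indexing past the array.
            return null;
        }
        String user = parts[0].toLowerCase(Locale.ROOT);
        String expected = this.m_userDatabase.get(user);
        if (expected == null) {
            return null;
        }
        // MessageDigest.isEqual avoids the early exit of String.equals, so the comparison time
        // does not reveal how many leading characters of a guessed password were correct.
        boolean matches = MessageDigest.isEqual(
                parts[1].getBytes(StandardCharsets.UTF_8),
                expected.getBytes(StandardCharsets.UTF_8));
        return matches ? user : null;
    }

    /** Reads the challenge counter from the session cache; anything but an Integer counts as 0. */
    private int getBasicAttempt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Object cached = SERVICES.getService(IHttpSessionCacheService.class).getAndTouch(PROP_BASIC_ATTEMPT, httpServletRequest, httpServletResponse);
        return cached instanceof Integer ? ((Integer) cached).intValue() : 0;
    }

    /** Stores the challenge counter in the session cache. */
    private void setBasicAttempt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int attempt) {
        SERVICES.getService(IHttpSessionCacheService.class).put(PROP_BASIC_ATTEMPT, Integer.valueOf(attempt), httpServletRequest, httpServletResponse);
    }
}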
