package com.stormpath.sdk.servlet.http.authc;

import com.stormpath.sdk.account.Account;
import com.stormpath.sdk.api.ApiAuthenticationResult;
import com.stormpath.sdk.api.ApiKey;
import com.stormpath.sdk.authc.AuthenticationRequest;
import com.stormpath.sdk.authc.AuthenticationResult;
import com.stormpath.sdk.authc.AuthenticationResultVisitor;
import com.stormpath.sdk.impl.util.Base64;
import com.stormpath.sdk.lang.Assert;
import com.stormpath.sdk.lang.Strings;
import com.stormpath.sdk.servlet.filter.UsernamePasswordRequestFactory;
import com.stormpath.sdk.servlet.filter.oauth.DefaultAccessTokenRequestAuthorizer;
import com.stormpath.sdk.servlet.http.impl.StormpathHttpServletRequest;
import com.stormpath.sdk.servlet.util.GrantTypeValidator;
import com.stormpath.sdk.servlet.util.RedirectUrlBuilder;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/stormpath/sdk/servlet/http/authc/BasicAuthenticationScheme.class */
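/**
 * HTTP {@code Basic} authentication scheme.
 *
 * <p>The scheme value is Base64-decoded and split on the first {@code ':'} into an identifier and a
 * secret. The pair is then authenticated either as an API key id/secret or as a
 * username/password, as decided by {@link #isApiKeyAuthenticatedRequest}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Everything decoded from the header is untrusted input.</li>
 *   <li>The API key secret is compared in constant time so that the comparison does not reveal how
 *       many leading characters of a guess were correct.</li>
 *   <li>Basic credentials are only encoded, not encrypted; this class does not itself check that the
 *       request arrived over TLS.</li>
 * </ul>
 */
public class BasicAuthenticationScheme extends AbstractAuthenticationScheme {
    private static final Charset UTF8 = Charset.forName(RedirectUrlBuilder.DEFAULT_ENCODING_SCHEME);
    private static final String NAME = "Basic";

    // Lengths used by the API-key heuristic in isApiKeyAuthenticatedRequest.
    // NOTE(review): presumably the lengths of provider-generated API key ids/secrets; confirm.
    private static final int API_KEY_ID_LENGTH = 25;
    private static final int API_KEY_SECRET_LENGTH = 43;

    private final UsernamePasswordRequestFactory usernamePasswordRequestFactory;

    /**
     * @param usernamePasswordRequestFactory factory used to build username/password authentication
     *                                       requests; must not be {@code null}
     */
    public BasicAuthenticationScheme(UsernamePasswordRequestFactory usernamePasswordRequestFactory) {
        Assert.notNull(usernamePasswordRequestFactory, "UsernamePasswordRequestFactory cannot be null.");
        this.usernamePasswordRequestFactory = usernamePasswordRequestFactory;
    }

    /** Returns the scheme name, {@code "Basic"}. */
    @Override
    public String getName() {
        return NAME;
    }

    /** Returns the factory supplied at construction time. */
    public UsernamePasswordRequestFactory getUsernamePasswordRequestFactory() {
        return this.usernamePasswordRequestFactory;
    }

    /**
     * Decodes the Basic credentials of the attempt and authenticates them.
     *
     * <p>The decoded value is split on the FIRST colon only, so the secret part may itself contain
     * colons. If the decoded value has no colon at all, the identifier is {@code null} and the whole
     * value is treated as the secret; an empty secret is passed on as {@code null}.
     *
     * @param httpAuthenticationAttempt the attempt carrying request, response and credentials
     * @return the result of API key or username/password authentication
     */
    @Override
    public HttpAuthenticationResult authenticate(HttpAuthenticationAttempt httpAuthenticationAttempt) {
        Assert.notNull(httpAuthenticationAttempt, "attempt cannot be null.");
        Assert.notNull(httpAuthenticationAttempt.getCredentials(), "credentials cannot be null.");
        Assert.isTrue(NAME.equalsIgnoreCase(httpAuthenticationAttempt.getCredentials().getSchemeName()), "Unsupported scheme.");
        Assert.hasText(httpAuthenticationAttempt.getCredentials().getSchemeValue(), "Cannot authenticate empty Basic value.");

        String decoded = new String(Base64.decodeBase64(httpAuthenticationAttempt.getCredentials().getSchemeValue()), UTF8);

        // NOTE(review): a value without ':' is malformed Basic credentials, yet it is still
        // forwarded with a null identifier; consider rejecting it here if callers allow.
        int colon = decoded.indexOf(':');
        String id = colon >= 0 ? decoded.substring(0, colon) : null;
        String remainder = colon >= 0 ? decoded.substring(colon + 1) : decoded;
        String secret = remainder.isEmpty() ? null : remainder;

        if (isApiKeyAuthenticatedRequest(httpAuthenticationAttempt, id, secret)) {
            return authenticateApiKey(httpAuthenticationAttempt, id, secret);
        }
        return authenticateUsernamePassword(httpAuthenticationAttempt, id, secret);
    }

    /**
     * Decides whether the submitted pair should be treated as an API key id/secret.
     *
     * <p>True when the request's grant-type parameter equals the client-credentials grant type, or
     * when the pair matches a shape heuristic: id of 25 characters without {@code '@'} and secret of
     * 43 characters.
     *
     * <p>The grant-type parameter is client-controlled, so this only selects the authentication
     * path; it grants nothing by itself.
     *
     * @param httpAuthenticationAttempt the current attempt
     * @param str                       the decoded identifier (may be {@code null})
     * @param str2                      the decoded secret (may be {@code null})
     */
    protected boolean isApiKeyAuthenticatedRequest(HttpAuthenticationAttempt httpAuthenticationAttempt, String str, String str2) {
        String grantType = httpAuthenticationAttempt.getRequest().getParameter(DefaultAccessTokenRequestAuthorizer.GRANT_TYPE_PARAM_NAME);
        if (Strings.hasText(grantType) && grantType.equals(GrantTypeValidator.CLIENT_CREDENTIALS_GRANT_TYPE)) {
            return true;
        }
        return str != null
                && str.length() == API_KEY_ID_LENGTH
                && str2 != null
                && str2.length() == API_KEY_SECRET_LENGTH
                && str.indexOf('@') < 0;
    }

    /**
     * Builds the username/password authentication request via the configured factory.
     *
     * @param httpAuthenticationAttempt the current attempt
     * @param str                       the submitted username or email
     * @param str2                      the submitted password
     */
    protected AuthenticationRequest createAuthenticationRequest(HttpAuthenticationAttempt httpAuthenticationAttempt, String str, String str2) {
        return getUsernamePasswordRequestFactory().createUsernamePasswordRequest(httpAuthenticationAttempt.getRequest(), httpAuthenticationAttempt.getResponse(), str, str2);
    }

    /**
     * Authenticates the pair as username (or email) and password against the request's application.
     *
     * @param httpAuthenticationAttempt the current attempt
     * @param str                       the submitted username or email
     * @param str2                      the submitted password
     * @return the authentication result; the request is also tagged with auth type {@code "BASIC"}
     * @throws HttpAuthenticationException if anything fails while authenticating
     */
    protected HttpAuthenticationResult authenticateUsernamePassword(HttpAuthenticationAttempt httpAuthenticationAttempt, String str, String str2) {
        HttpServletRequest request = httpAuthenticationAttempt.getRequest();
        HttpServletResponse response = httpAuthenticationAttempt.getResponse();
        try {
            AuthenticationRequest authcRequest = createAuthenticationRequest(httpAuthenticationAttempt, str, str2);
            AuthenticationResult result = getApplication(request).authenticateAccount(authcRequest);
            request.setAttribute(StormpathHttpServletRequest.AUTH_TYPE_REQUEST_ATTRIBUTE_NAME, "BASIC");
            return new DefaultHttpAuthenticationResult(request, response, result);
        } catch (Exception e) {
            // NOTE(review): the message embeds the client-supplied username and the underlying
            // error text. Whoever logs or renders it should neutralise CR/LF and avoid returning
            // it verbatim to the client (account-enumeration risk).
            throw new HttpAuthenticationException("Unable to authenticate usernameOrEmail and password-based request for usernameOrEmail [" + str + "]: " + e.getMessage(), e);
        }
    }

    /**
     * Authenticates the pair as an API key id and secret.
     *
     * @param httpAuthenticationAttempt the current attempt
     * @param str                       the submitted API key id
     * @param str2                      the submitted API key secret (may be {@code null})
     * @return the authentication result; the request is tagged with the resolved {@link ApiKey} and
     *         auth type {@code "BASIC"}
     * @throws HttpAuthenticationException if the key cannot be resolved, the secret does not match,
     *                                     or any other error occurs
     */
    protected HttpAuthenticationResult authenticateApiKey(HttpAuthenticationAttempt httpAuthenticationAttempt, String str, String str2) throws HttpAuthenticationException {
        try {
            HttpServletRequest request = httpAuthenticationAttempt.getRequest();
            HttpServletResponse response = httpAuthenticationAttempt.getResponse();
            final ApiKey enabledApiKey = getEnabledApiKey(request, str);
            // Constant-time, null-safe comparison: String.equals() returns at the first differing
            // character (a timing side channel) and threw NullPointerException for a null secret.
            if (!secretsMatch(str2, enabledApiKey.getSecret())) {
                throw new HttpAuthenticationException("Submitted API Key secret does not match stored API Key secret.");
            }
            final Account account = enabledApiKey.getAccount();
            ApiAuthenticationResult apiAuthenticationResult = new ApiAuthenticationResult() {
                public ApiKey getApiKey() {
                    return enabledApiKey;
                }

                public Account getAccount() {
                    return account;
                }

                public void accept(AuthenticationResultVisitor authenticationResultVisitor) {
                    authenticationResultVisitor.visit(this);
                }

                public String getHref() {
                    return null;
                }
            };
            request.setAttribute(ApiKey.class.getName(), enabledApiKey);
            request.setAttribute(StormpathHttpServletRequest.AUTH_TYPE_REQUEST_ATTRIBUTE_NAME, "BASIC");
            return new DefaultHttpAuthenticationResult(request, response, apiAuthenticationResult);
        } catch (Exception e) {
            // Also wraps the mismatch exception thrown above, as the original code did.
            throw new HttpAuthenticationException("Unable to authenticate request: " + e.getMessage(), e);
        }
    }

    /** Compares two secrets in constant time; a {@code null} on either side never matches. */
    private static boolean secretsMatch(String submitted, String stored) {
        if (submitted == null || stored == null) {
            return false;
        }
        return MessageDigest.isEqual(submitted.getBytes(UTF8), stored.getBytes(UTF8));
    }
}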
