package com.tangosol.coherence.rest.providers;

import com.tangosol.coherence.rest.server.AbstractHttpServer;
import java.io.IOException;
import java.security.Principal;
import javax.inject.Inject;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.PreMatching;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.Provider;
import org.glassfish.jersey.internal.util.Base64;
import org.glassfish.jersey.server.ContainerRequest;

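/**
 * JAX-RS pre-matching request filter that installs a {@link SecurityContext}
 * derived from the request's {@code Authorization} header or, when that header
 * is absent, from the principal already present on the container's context.
 *
 * <p>NOTE(review): nothing in this class verifies the password carried by a
 * {@code Basic} header. The user name supplied by the client becomes the
 * request principal as-is, so this filter is only safe when the credentials
 * have already been validated upstream (presumably by the HTTP server's
 * authenticator; confirm against the deployment).
 */
@Provider
@PreMatching
public class SecurityFilter implements ContainerRequestFilter {

    /** Scheme prefix of an HTTP Basic {@code Authorization} header value. */
    private static final String BASIC_PREFIX = "Basic ";

    /** Request URI accessor injected by the container; read by {@link Authorizer#isSecure()}. */
    @Inject
    javax.inject.Provider<UriInfo> uriInfo;

    /**
     * {@link SecurityContext} implementation holding the principal, role and
     * authentication scheme that this filter attaches to a request.
     */
    public class Authorizer implements SecurityContext {
        private final String m_username;
        private final Principal m_principal;

        // Never assigned by a constructor; stays null until setRole() is called.
        private String m_role;

        private String m_authScheme = "BASIC";

        /**
         * Creates a context whose principal simply reports the given user name.
         * The authentication scheme is {@code "BASIC"}.
         *
         * @param username name returned by the principal's {@code getName()}
         */
        public Authorizer(String username) {
            this.m_username = username;
            this.m_principal = new Principal() {
                @Override
                public String getName() {
                    return m_username;
                }
            };
        }

        /**
         * Creates a context that wraps an existing principal.
         *
         * @param username   user name recorded alongside the principal
         * @param principal  principal returned by {@link #getUserPrincipal()}
         * @param authScheme value returned by {@link #getAuthenticationScheme()}
         */
        public Authorizer(String username, Principal principal, String authScheme) {
            this.m_username = username;
            this.m_principal = principal;
            this.m_authScheme = authScheme;
        }

        @Override
        public Principal getUserPrincipal() {
            return this.m_principal;
        }

        /**
         * Reports whether the single role held by this context equals the given one.
         *
         * @param role role name to test; {@code null} never matches
         * @return {@code true} only when {@code role} equals the role set via {@link #setRole(String)}
         */
        @Override
        public boolean isUserInRole(String role) {
            // Guard against null so that an authorization check fails closed instead of throwing.
            return role != null && role.equals(this.m_role);
        }

        /**
         * @return {@code true} when the scheme of the injected request URI is {@code https}
         */
        @Override
        public boolean isSecure() {
            return "https".equals(SecurityFilter.this.uriInfo.get().getRequestUri().getScheme());
        }

        @Override
        public String getAuthenticationScheme() {
            return this.m_authScheme;
        }

        public void setAuthenticationScheme(String authScheme) {
            this.m_authScheme = authScheme;
        }

        public String getRole() {
            return this.m_role;
        }

        public void setRole(String role) {
            this.m_role = role;
        }
    }

    /**
     * Replaces the request's security context when one can be derived from the request.
     * When {@code authenticate} yields {@code null} the existing context is left in place,
     * so the request continues with whatever context the container supplied.
     *
     * @param containerRequestContext the request being filtered
     * @throws WebApplicationException with status 400 when a Basic header is malformed
     */
    @Override
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        SecurityContext derived = authenticate(
                (ContainerRequest) containerRequestContext.getRequest(),
                containerRequestContext.getSecurityContext());
        if (derived != null) {
            containerRequestContext.setSecurityContext(derived);
        }
    }

    /**
     * Builds a security context from the {@code Authorization} header or the existing context.
     *
     * <ul>
     *   <li>No header: the principal of the existing context, if any, is wrapped in an
     *       {@link Authorizer} labelled {@code "CLIENT_CERT"}. NOTE(review): the label is
     *       applied to any existing principal; whether it always originates from a client
     *       certificate cannot be told from this class.</li>
     *   <li>Header that does not start with {@code "Basic "}: {@code null}.</li>
     *   <li>Basic header: the user name before the first colon is wrapped in an
     *       {@link Authorizer}. The password is parsed but not checked here.</li>
     * </ul>
     *
     * @param containerRequest request whose headers are inspected
     * @param obj              the current security context (only used when it is a {@link SecurityContext})
     * @return the derived context, or {@code null} when none could be derived
     * @throws WebApplicationException with status 400 when the decoded Basic credentials
     *         lack a colon separator or carry an empty password
     */
    private SecurityContext authenticate(ContainerRequest containerRequest, Object obj) {
        String headerString = containerRequest.getHeaderString(AbstractHttpServer.HEADER_AUTHORIZATION);
        if (headerString == null) {
            Principal principal = null;
            if (obj instanceof SecurityContext) {
                try {
                    principal = ((SecurityContext) obj).getUserPrincipal();
                } catch (Exception e) {
                    // Best effort: a failing lookup is reported and treated as "no principal".
                    // Concatenate the exception itself; getStackTrace() is an array and would
                    // only print its identity hash, hiding the cause from whoever reads the log.
                    System.out.println("In SecurityFilter.authenticate(), securityContext Exception: " + e);
                }
            }
            if (principal == null) {
                return null;
            }
            return new Authorizer(principal.getName(), principal, "CLIENT_CERT");
        }
        if (!headerString.startsWith(BASIC_PREFIX)) {
            return null;
        }
        String credentials = Base64.decodeAsString(headerString.substring(BASIC_PREFIX.length()));
        // Split on the FIRST colon only: the user-id cannot contain one, the password may.
        // Splitting on every colon rejected passwords made up solely of colons.
        int separator = credentials.indexOf(':');
        if (separator < 0 || separator == credentials.length() - 1) {
            throw new WebApplicationException(400);
        }
        // The password portion is deliberately not read: this filter does not validate it.
        return new Authorizer(credentials.substring(0, separator));
    }
}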
