package com.xpn.xwiki.user.impl.xwiki;

import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import java.io.IOException;
import java.security.Principal;
import java.util.Locale;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.securityfilter.authenticator.BasicAuthenticator;
import org.securityfilter.filter.SecurityFilter;
import org.securityfilter.filter.SecurityRequestWrapper;
import org.securityfilter.realm.SimplePrincipal;

/* loaded from: input_file:WEB-INF/lib/xwiki-platform-legacy-oldcore-5.0.3.jar:com/xpn/xwiki/user/impl/xwiki/MyBasicAuthenticator.class */
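/**
 * HTTP Basic authenticator that hands the credentials found in the {@code Authorization} header
 * to the authentication service of the current wiki.
 *
 * <p>Security-relevant properties of this implementation:
 * <ul>
 *   <li>Basic credentials are only Base64-encoded, so the transport has to provide the
 *       confidentiality (TLS); nothing in this class checks that the request is secure.</li>
 *   <li>The attempt counter used by {@link #showLogin(HttpServletRequest, HttpServletResponse, String)}
 *       is kept in the HTTP session. It only changes which kind of 401 response is sent; it is
 *       not an account lockout or a rate limit.</li>
 *   <li>Decoded credentials are turned into a {@code String} with the platform default charset,
 *       so non-ASCII user names and passwords depend on the JVM configuration.</li>
 * </ul>
 */
public class MyBasicAuthenticator extends BasicAuthenticator implements XWikiAuthenticator {
    /** Lower-case prefix of an {@code Authorization} header value that carries Basic credentials. */
    private static final String BASIC_SCHEME_PREFIX = "basic ";

    /** Separator between user name and password, and between wiki name and user name. */
    private static final char SEPARATOR = ':';

    /** Number of challenges sent per session before the error page is sent instead. */
    private static final int MAX_CHALLENGES_PER_SESSION = 3;

    /**
     * Runs the login check without an XWiki context.
     *
     * <p>NOTE(review): the context is passed on as {@code null}. When the request carries an
     * {@code Authorization} header, {@link #checkLogin} dereferences the context and fails with a
     * {@link NullPointerException}; only requests without that header get the challenge.
     *
     * @return see {@link #processLogin(SecurityRequestWrapper, HttpServletResponse, XWikiContext)}
     */
    @Override
    public boolean processLogin(SecurityRequestWrapper securityRequestWrapper, HttpServletResponse httpServletResponse) throws Exception {
        return processLogin(securityRequestWrapper, httpServletResponse, null);
    }

    /**
     * Authenticates the request from its {@code Authorization} header and challenges the client
     * when that does not yield a principal.
     *
     * @return {@code false} when a principal was established on the request, {@code true} when
     *         the login challenge was written to the response instead
     */
    @Override
    public boolean processLogin(SecurityRequestWrapper securityRequestWrapper, HttpServletResponse httpServletResponse, XWikiContext xWikiContext) throws Exception {
        Principal principal = checkLogin(securityRequestWrapper, httpServletResponse, xWikiContext);
        if (principal == null) {
            showLogin(securityRequestWrapper.getCurrentRequest(), httpServletResponse);
            return true;
        }
        return false;
    }

    /**
     * Authenticates explicitly supplied credentials instead of the ones in the request header.
     *
     * @param str user name handed to the authentication service
     * @param str2 password handed to the authentication service
     * @param str3 not used by this implementation
     * @return {@code false} when a principal was established on the request, {@code true} when
     *         the login challenge was written to the response instead
     */
    @Override
    public boolean processLogin(String str, String str2, String str3, SecurityRequestWrapper securityRequestWrapper, HttpServletResponse httpServletResponse, XWikiContext xWikiContext) throws Exception {
        Principal principal = authenticate(str, str2, xWikiContext);
        if (principal == null) {
            showLogin(securityRequestWrapper.getCurrentRequest(), httpServletResponse);
            return true;
        }
        // A successful login resets the per-session challenge counter.
        securityRequestWrapper.getSession().removeAttribute(LOGIN_ATTEMPTS);
        securityRequestWrapper.setUserPrincipal(qualifyWithWiki(principal, xWikiContext));
        return false;
    }

    /** Delegates user name conversion to the wiki of the given context. */
    private static String convertUsername(String str, XWikiContext xWikiContext) {
        return xWikiContext.getWiki().convertUsername(str, xWikiContext);
    }

    /**
     * Returns the principal unchanged when its name already contains a colon, otherwise a new
     * principal whose name is prefixed with the database name of the context and a colon.
     */
    private static Principal qualifyWithWiki(Principal principal, XWikiContext xWikiContext) {
        if (StringUtils.contains(principal.getName(), SEPARATOR)) {
            return principal;
        }
        return new SimplePrincipal(xWikiContext.getDatabase() + ":" + principal.getName());
    }

    /**
     * Authenticates the request from its {@code Authorization} header.
     *
     * <p>When the header is present but is not a well-formed Basic credential,
     * {@link #parseUsername} and {@link #parsePassword} yield {@code null} and those values are
     * still passed on to the user name conversion and the authentication service; rejecting them
     * is left to that service.
     *
     * @return the principal that was set on the request, or {@code null} when the header is
     *         absent or the authentication service returned no principal
     */
    public static Principal checkLogin(SecurityRequestWrapper securityRequestWrapper, HttpServletResponse httpServletResponse, XWikiContext xWikiContext) throws Exception {
        String header = securityRequestWrapper.getHeader("Authorization");
        if (header == null) {
            return null;
        }
        String credentials = decodeBasicAuthorizationString(header);
        String username = convertUsername(parseUsername(credentials), xWikiContext);
        Principal principal = authenticate(username, parsePassword(credentials), xWikiContext);
        if (principal == null) {
            return null;
        }
        // A successful login resets the per-session challenge counter.
        securityRequestWrapper.getSession().removeAttribute(LOGIN_ATTEMPTS);
        Principal qualified = qualifyWithWiki(principal, xWikiContext);
        securityRequestWrapper.setUserPrincipal(qualified);
        return qualified;
    }

    /**
     * Extracts the user name from decoded Basic credentials.
     *
     * @param str decoded {@code user:password} string, may be {@code null}
     * @return the trimmed text before the first colon, or {@code null} when the input is
     *         {@code null} or contains no colon
     */
    public static String parseUsername(String str) {
        if (str == null) {
            return null;
        }
        int separatorIndex = str.indexOf(SEPARATOR);
        return separatorIndex >= 0 ? str.substring(0, separatorIndex).trim() : null;
    }

    /**
     * Extracts the password from decoded Basic credentials.
     *
     * <p>NOTE(review): the password is trimmed, so leading or trailing whitespace in a password
     * never reaches the authentication service. Kept as-is because changing it would alter
     * which credentials are accepted.
     *
     * @param str decoded {@code user:password} string, may be {@code null}
     * @return the trimmed text after the first colon, or {@code null} when the input is
     *         {@code null} or contains no colon
     */
    public static String parsePassword(String str) {
        if (str == null) {
            return null;
        }
        int separatorIndex = str.indexOf(SEPARATOR);
        return separatorIndex >= 0 ? str.substring(separatorIndex + 1).trim() : null;
    }

    /**
     * Decodes the Base64 payload of a Basic {@code Authorization} header value.
     *
     * @param str the raw header value, may be {@code null}
     * @return the decoded credentials, or {@code null} when the value is {@code null} or does
     *         not start with the Basic scheme (compared case-insensitively)
     */
    public static String decodeBasicAuthorizationString(String str) {
        // Locale.ROOT keeps the scheme comparison independent of the JVM default locale; with a
        // Turkish default locale "BASIC" would otherwise lower-case to a dotless i and be rejected.
        if (str == null || !str.toLowerCase(Locale.ROOT).startsWith(BASIC_SCHEME_PREFIX)) {
            return null;
        }
        String encoded = str.substring(BASIC_SCHEME_PREFIX.length()).trim();
        // NOTE(review): both conversions use the platform default charset.
        return new String(Base64.decodeBase64(encoded.getBytes()));
    }

    /**
     * Hands the credentials to the authentication service of the wiki in the given context.
     *
     * @param str user name
     * @param str2 password
     * @return whatever the authentication service returns for these credentials
     */
    public static Principal authenticate(String str, String str2, XWikiContext xWikiContext) throws XWikiException {
        return xWikiContext.getWiki().getAuthService().authenticate(str, str2, xWikiContext);
    }

    /**
     * Writes the login challenge for the given realm and counts it in the session.
     *
     * <p>Up to three challenges per session are answered with a {@code WWW-Authenticate} header
     * and status 401; the next one clears the counter and sends a 401 error with the
     * login-failed message. The counter only exists for a client that keeps its session, so it
     * does not limit the number of password guesses.
     *
     * @param str realm name; it is written into the header value unescaped, so it has to be a
     *        trusted value without quotes or line breaks
     */
    public static void showLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        SecurityFilter.saveRequestInformation(httpServletRequest);
        Object previous = httpServletRequest.getSession().getAttribute(LOGIN_ATTEMPTS);
        // Anything that is not an Integer is treated as "no attempt counted yet".
        int attempts = previous instanceof Integer ? ((Integer) previous).intValue() + 1 : 1;
        httpServletRequest.getSession().setAttribute(LOGIN_ATTEMPTS, Integer.valueOf(attempts));
        if (attempts <= MAX_CHALLENGES_PER_SESSION) {
            httpServletResponse.setHeader("WWW-Authenticate", "BASIC realm=\"" + str + "\"");
            httpServletResponse.setStatus(401);
        } else {
            httpServletRequest.getSession().removeAttribute(LOGIN_ATTEMPTS);
            httpServletResponse.sendError(401, BasicAuthenticator.LOGIN_FAILED_MESSAGE);
        }
    }

    /** Writes the login challenge for the realm configured on this authenticator. */
    @Override
    public void showLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, XWikiContext xWikiContext) throws IOException {
        showLogin(httpServletRequest, httpServletResponse, this.realmName);
    }
}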
