package org.apache.xindice.server.components;

import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.StringTokenizer;
import org.apache.xindice.server.Gateway;
import org.apache.xindice.server.Script;
import org.apache.xindice.server.ScriptFilter;
import org.apache.xindice.server.SimpleScriptComponent;
import org.apache.xindice.server.User;
import org.apache.xindice.util.Configuration;
import org.apache.xindice.util.ConfigurationCallback;
import org.apache.xindice.util.XindiceException;
import org.xmldb.api.base.ErrorCodes;
import sun.misc.BASE64Decoder;

/* loaded from: input_file:lib/cdk-1.0.4.jar:org/apache/xindice/server/components/BasicAuthentication.class */
public class BasicAuthentication extends SimpleScriptComponent implements ScriptFilter {
    protected Map base64cache = Collections.synchronizedMap(new HashMap());
    protected Map aliases = new HashMap();
    private static final String ALIAS = ALIAS;
    private static final String ALIAS = ALIAS;
    private static final String NAME = "name";
    private static final String REALM = REALM;
    private static final String REALM = REALM;

    /* loaded from: input_file:lib/cdk-1.0.4.jar:org/apache/xindice/server/components/BasicAuthentication$AuthInfo.class */
    private class AuthInfo {
        public String name;
        public String pass;
        private final BasicAuthentication this$0;

        public AuthInfo(BasicAuthentication basicAuthentication, String str, String str2) {
            this.this$0 = basicAuthentication;
            this.name = str;
            this.pass = str2;
        }
    }

    @Override // org.apache.xindice.util.SimpleConfigurable, org.apache.xindice.util.Configurable
    public void setConfig(Configuration configuration) throws XindiceException {
        super.setConfig(configuration);
        configuration.processChildren(ALIAS, new ConfigurationCallback(this) { // from class: org.apache.xindice.server.components.BasicAuthentication.1
            private final BasicAuthentication this$0;

            {
                this.this$0 = this;
            }

            @Override // org.apache.xindice.util.ConfigurationCallback
            public void process(Configuration configuration2) {
                this.this$0.aliases.put(configuration2.getAttribute("name"), configuration2.getAttribute(BasicAuthentication.REALM));
            }
        });
    }

    @Override // org.apache.xindice.server.ScriptFilter
    public boolean isPackageFiltered(String str) {
        return true;
    }

    protected void sendChallenge(Gateway gateway, String str) {
        gateway.setResponseHeader("WWW-Authenticate", new StringBuffer().append("BASIC realm=\"").append(str).append("\"").toString());
        gateway.sendError(ErrorCodes.INVALID_DATABASE, "Authorization Required");
    }

    @Override // org.apache.xindice.server.ScriptFilter
    public boolean run(Script script, Gateway gateway) {
        String str;
        String pathAlias = gateway.getPathAlias();
        if (pathAlias.length() == 0 || (str = (String) this.aliases.get(pathAlias)) == null) {
            return true;
        }
        String requestHeader = gateway.getRequestHeader("Authorization");
        if (requestHeader.length() != 0) {
            StringTokenizer stringTokenizer = new StringTokenizer(requestHeader);
            if (stringTokenizer.countTokens() == 2 && stringTokenizer.nextToken().toUpperCase().equals("BASIC")) {
                try {
                    String nextToken = stringTokenizer.nextToken();
                    AuthInfo authInfo = (AuthInfo) this.base64cache.get(nextToken);
                    if (authInfo == null) {
                        StringTokenizer stringTokenizer2 = new StringTokenizer(new String(new BASE64Decoder().decodeBuffer(nextToken)), ":");
                        if (stringTokenizer2.countTokens() == 2) {
                            authInfo = new AuthInfo(this, stringTokenizer2.nextToken(), stringTokenizer2.nextToken());
                            this.base64cache.put(nextToken, authInfo);
                        }
                    }
                    gateway.setRequestHeader("REMOTE_IDENT", authInfo.name);
                    User user = this.kernel.getUser(authInfo.name);
                    int accessMethods = script.getAccessMethods();
                    if (user != null && user.getActive() && user.getPassword().equals(authInfo.pass) && (user.getRealm(str) & accessMethods) == accessMethods) {
                        gateway.setRequestHeader("REMOTE_USER", authInfo.name);
                        gateway.setRequestHeader("AUTH_TYPE", "BASIC");
                        return true;
                    }
                } catch (Exception e) {
                }
            }
        }
        sendChallenge(gateway, str);
        return false;
    }
}
