package com.terracotta.management.security.shiro.web.filter;

import java.util.Locale;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
import org.codehaus.jackson.util.MinimalPrettyPrinter;

/* loaded from: input_file:WEB-INF/classes/com/terracotta/management/security/shiro/web/filter/TCBasicWithFormFallbackAuthenticationFilter.class */
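/**
 * Authentication filter that accepts HTTP Basic credentials when the request carries a
 * {@code Basic} {@code Authorization} header and otherwise falls back to the form-login
 * behaviour inherited from {@link FormAuthenticationFilter}.
 *
 * <p>Thread-safety: a servlet filter instance serves many requests concurrently, so the
 * "this request is a Basic attempt" decision is stored as a request attribute rather than in
 * an instance field. With a shared field, two overlapping requests could overwrite each
 * other's flag between {@link #onAccessDenied} and the later {@link #createToken} /
 * {@link #onLoginSuccess} / {@link #onLoginFailure} callbacks, so a request could be
 * authenticated or rejected through the wrong path.
 */
public class TCBasicWithFormFallbackAuthenticationFilter extends FormAuthenticationFilter {
    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final String BASIC_SCHEME = "basic";

    /** Request attribute holding the per-request Basic/form decision (a {@link Boolean}). */
    private static final String BASIC_AUTH_ATTRIBUTE =
            TCBasicWithFormFallbackAuthenticationFilter.class.getName() + ".isBasicAuth";

    /**
     * Handles an unauthenticated request: Basic attempts are logged in directly and answered
     * with 401 on failure; everything else is delegated to the form filter.
     *
     * @return {@code true} if the filter chain should continue, {@code false} if the response
     *     has been handled here
     * @throws Exception propagated from {@code executeLogin} or the superclass
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shiro.web.filter.authc.FormAuthenticationFilter, org.apache.shiro.web.filter.AccessControlFilter
    public boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        boolean basicAttempt = isBasicLoginAttempt(servletRequest, servletResponse);
        // Record the decision on the request itself so concurrent requests cannot clobber it.
        servletRequest.setAttribute(BASIC_AUTH_ATTRIBUTE, Boolean.valueOf(basicAttempt));
        if (!basicAttempt) {
            return super.onAccessDenied(servletRequest, servletResponse);
        }
        if (executeLogin(servletRequest, servletResponse)) {
            return true;
        }
        // 401 Unauthorized. NOTE(review): no WWW-Authenticate header is sent with it; confirm
        // that omitting the challenge is intentional for the clients of this endpoint.
        WebUtils.toHttp(servletResponse).setStatus(401);
        return false;
    }

    /**
     * Reports whether the request carries an {@code Authorization} header whose value starts
     * with {@code basic}, compared case-insensitively.
     */
    private boolean isBasicLoginAttempt(ServletRequest servletRequest, ServletResponse servletResponse) {
        String header = WebUtils.toHttp(servletRequest).getHeader(AUTHORIZATION_HEADER);
        // Locale.ROOT keeps the scheme check independent of the JVM default locale; with a
        // Turkish default locale, "BASIC".toLowerCase() does not yield "basic".
        return header != null && header.toLowerCase(Locale.ROOT).startsWith(BASIC_SCHEME);
    }

    /** Reads the per-request flag written by {@link #onAccessDenied}; absent means form login. */
    private static boolean isBasicAuth(ServletRequest servletRequest) {
        return Boolean.TRUE.equals(servletRequest.getAttribute(BASIC_AUTH_ATTRIBUTE));
    }

    /**
     * Sets the response status to 401 and reports that the request was not allowed through.
     *
     * @return always {@code false}
     */
    protected boolean sendChallenge(ServletRequest servletRequest, ServletResponse servletResponse) {
        WebUtils.toHttp(servletResponse).setStatus(401);
        return false;
    }

    /**
     * On a successful Basic login lets the request continue down the chain; form logins keep
     * the superclass behaviour.
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shiro.web.filter.authc.FormAuthenticationFilter, org.apache.shiro.web.filter.authc.AuthenticatingFilter
    public boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (isBasicAuth(servletRequest)) {
            return true;
        }
        return super.onLoginSuccess(authenticationToken, subject, servletRequest, servletResponse);
    }

    /**
     * On a failed Basic login returns {@code false} so that {@link #onAccessDenied} answers
     * with 401; form logins keep the superclass behaviour.
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shiro.web.filter.authc.FormAuthenticationFilter, org.apache.shiro.web.filter.authc.AuthenticatingFilter
    public boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        if (isBasicAuth(servletRequest)) {
            return false;
        }
        return super.onLoginFailure(authenticationToken, authenticationException, servletRequest, servletResponse);
    }

    /**
     * Builds the authentication token. For Basic attempts the username and password are taken
     * from the {@code Authorization} header; missing parts are replaced by empty strings so
     * that authentication fails in the realm instead of here. Form attempts are delegated to
     * the superclass.
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shiro.web.filter.authc.FormAuthenticationFilter, org.apache.shiro.web.filter.authc.AuthenticatingFilter
    public AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) {
        if (!isBasicAuth(servletRequest)) {
            return super.createToken(servletRequest, servletResponse);
        }
        String header = WebUtils.toHttp(servletRequest).getHeader(AUTHORIZATION_HEADER);
        if (header == null || header.length() == 0) {
            return createToken("", "", servletRequest, servletResponse);
        }
        String[] principalsAndCredentials = getPrincipalsAndCredentials(header, servletRequest);
        if (principalsAndCredentials == null || principalsAndCredentials.length == 0) {
            return createToken("", "", servletRequest, servletResponse);
        }
        if (principalsAndCredentials.length < 2) {
            // Username without a ':' separator: treat the password as empty.
            return createToken(principalsAndCredentials[0], "", servletRequest, servletResponse);
        }
        return createToken(principalsAndCredentials[0], principalsAndCredentials[1], servletRequest, servletResponse);
    }

    /**
     * Splits an {@code Authorization} header value into scheme and payload, Base64-decodes the
     * payload and splits it at the first {@code ':'}.
     *
     * @return the decoded parts (one or two elements), or {@code null} if the header is
     *     {@code null} or has no payload after the scheme
     */
    private String[] getPrincipalsAndCredentials(String str, ServletRequest servletRequest) {
        if (str == null) {
            return null;
        }
        // NOTE(review): the Jackson constant is used only as the separator between scheme and
        // payload (presumably a single space substituted by the decompiler); confirm and
        // consider a local constant so this parser does not depend on a JSON library.
        String[] schemeAndPayload = str.split(MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR);
        if (schemeAndPayload.length < 2) {
            return null;
        }
        // Limit of 2 keeps any further ':' characters inside the password.
        return Base64.decodeToString(schemeAndPayload[1]).split(":", 2);
    }
}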
