package org.universAAL.ri.api.manager.server;

import java.io.IOException;
import java.net.URL;
import java.util.Hashtable;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.osgi.service.http.HttpContext;
import org.universAAL.ri.api.manager.Activator;

/* loaded from: input_file:org/universAAL/ri/api/manager/server/Authenticator.class */
public class Authenticator implements HttpContext {
    private static final String REALM = "universAAL";
    private static Hashtable<String, String> users = new Hashtable<>();

    public boolean handleSecurity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String header = httpServletRequest.getHeader("Authorization");
        if (header != null) {
            String[] userAndPass = getUserAndPass(header);
            if (authenticate(userAndPass[0], userAndPass[1])) {
                httpServletRequest.setAttribute("org.osgi.service.http.authentication.type", "Basic");
                httpServletRequest.setAttribute("org.osgi.service.http.authentication.remote.user", userAndPass[0]);
                return true;
            }
        }
        httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"universAAL\"");
        httpServletResponse.setStatus(401);
        httpServletResponse.sendError(401, "Authorization information missing");
        return false;
    }

    private boolean authenticate(String str, String str2) {
        String str3 = users.get(str);
        if (str3 != null) {
            return str3.equals(str2);
        }
        if (!Activator.getPersistence().checkUser(str)) {
            Activator.getPersistence().storeUserPWD(str, str2);
            users.put(str, str2);
            return true;
        }
        if (!Activator.getPersistence().checkUserPWD(str, str2)) {
            return false;
        }
        users.put(str, str2);
        return true;
    }

    public URL getResource(String str) {
        return null;
    }

    public String getMimeType(String str) {
        return null;
    }

    public String[] getUserAndPass(String str) {
        if (str == null || str.isEmpty()) {
            return null;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str, " ");
        if (!stringTokenizer.hasMoreTokens() || !"basic".equalsIgnoreCase(stringTokenizer.nextToken())) {
            return null;
        }
        String str2 = new String(Base64.decode(stringTokenizer.nextToken()));
        int indexOf = str2.startsWith("http") ? str2.indexOf(":", str2.indexOf(":")) : str2.indexOf(":");
        if (indexOf != -1) {
            return new String[]{str2.substring(0, indexOf), str2.substring(indexOf + 1)};
        }
        return null;
    }
}
