package com.systematic.sitaware.framework.webresources;

import com.systematic.sitaware.framework.configuration.ConfigurationService;
import com.systematic.sitaware.framework.eventlogging.EventLogger;
import com.systematic.sitaware.framework.eventlogging.EventLoggerFactory;
import com.systematic.sitaware.framework.webresources.settings.PasswordHandler;
import com.systematic.sitaware.framework.webresources.settings.PasswordSettings;
import java.io.IOException;
import java.net.URL;
import java.security.cert.X509Certificate;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.DatatypeConverter;
import org.osgi.service.http.HttpContext;
import org.osgi.service.http.HttpService;

/* loaded from: input_file:com/systematic/sitaware/framework/webresources/SecureHTTPContext.class */
public class SecureHTTPContext implements HttpContext {
    private static final String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
    private static final String HEADER_AUTHORIZATION = "Authorization";
    private static final String AUTHENTICATION_SCHEME_BASIC = "Basic";
    private final EventLogger auditLogger = EventLoggerFactory.getDefaultEventLogger();
    private final HttpContext base;
    private final ConfigurationService cs;

    public SecureHTTPContext(HttpService httpService, ConfigurationService configurationService) {
        this.base = httpService.createDefaultHttpContext();
        this.cs = configurationService;
    }

    public boolean handleSecurity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String trim;
        int indexOf;
        String header = httpServletRequest.getHeader(HEADER_AUTHORIZATION);
        X509Certificate[] x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
        if (x509CertificateArr != null) {
            httpServletRequest.setAttribute("org.osgi.service.http.authentication.type", "CLIENT_CERT");
            httpServletRequest.setAttribute("org.osgi.service.http.authentication.remote.user", x509CertificateArr[x509CertificateArr.length - 1].getSubjectX500Principal());
            return true;
        }
        Byte[] bArr = (Byte[]) this.cs.readSetting(PasswordSettings.WEB_PASSWORD);
        if (bArr == null || bArr.length < 1) {
            try {
                httpServletResponse.setStatus(403);
                httpServletResponse.setContentLength(0);
                httpServletResponse.flushBuffer();
                return false;
            } catch (IOException e) {
                return false;
            }
        }
        if (header != null && header.length() > 0 && (indexOf = (trim = header.trim()).indexOf(32)) > 0) {
            String substring = trim.substring(0, indexOf);
            String trim2 = trim.substring(indexOf).trim();
            if (substring.equalsIgnoreCase(AUTHENTICATION_SCHEME_BASIC)) {
                try {
                    String str = new String(DatatypeConverter.parseBase64Binary(trim2));
                    int indexOf2 = str.indexOf(58);
                    String substring2 = str.substring(0, indexOf2);
                    if (authenticate(str.substring(indexOf2 + 1))) {
                        httpServletRequest.setAttribute("org.osgi.service.http.authentication.type", "BASIC");
                        httpServletRequest.setAttribute("org.osgi.service.http.authentication.remote.user", substring2);
                        return true;
                    }
                    this.auditLogger.warningAudit("HTTP Basic Authenticator", "login", "Username: " + substring2, "Web loggin attempt failed from: " + httpServletRequest.getRemoteHost());
                } catch (Exception e2) {
                }
            }
        }
        try {
            httpServletResponse.setHeader(HEADER_WWW_AUTHENTICATE, "Basic realm=\"SitaWare Tactical Communications\"");
            httpServletResponse.setStatus(401);
            httpServletResponse.setContentLength(0);
            httpServletResponse.flushBuffer();
            return false;
        } catch (IOException e3) {
            return false;
        }
    }

    private boolean authenticate(String str) {
        return PasswordHandler.PASSWORD_HANDLER.validatePassword(str, this.cs);
    }

    public URL getResource(String str) {
        URL resource = this.base.getResource(str);
        return (resource == null && str.endsWith("/")) ? this.base.getResource(str.substring(0, str.length() - 1)) : resource;
    }

    public String getMimeType(String str) {
        return this.base.getMimeType(str);
    }
}
