package org.objectweb.joram.tools.rest.jms;

import fr.dyade.aaa.common.Debug;
import java.io.IOException;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.List;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.objectweb.util.monolog.api.BasicLevel;
import org.objectweb.util.monolog.api.Logger;

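/**
 * Root REST resource and request filter for the Joram REST/JMS bridge.
 *
 * <p>{@link #info(UriInfo)} renders an HTML index linking to the sub-services.
 * {@link #filter(ContainerRequestContext)} enforces, when the {@link Helper} says
 * authentication is required, an IP allow-list check followed by HTTP Basic
 * authentication against the single user/password pair held by the {@link Helper}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Credentials and the raw {@code Authorization} header are never written to the log;
 *       only a sanitized user name is.</li>
 *   <li>Basic authentication sends the password in reversible form on every request, so this
 *       filter only protects the service when it is exposed over TLS.</li>
 * </ul>
 */
@Path("/")
/* loaded from: input_file:org/objectweb/joram/tools/rest/jms/RootService.class */
public class RootService implements ContainerRequestFilter {
    public static Logger logger = Debug.getLogger(RootService.class.getName());
    private static final String AUTHORIZATION_PROPERTY = "Authorization";
    private static final String AUTHENTICATION_SCHEME = "Basic";
    /** Challenge sent with every 401 response produced by this filter. */
    private static final String CHALLENGE = "Basic realm=\"executives\"";
    private static final String ACCESS_DENIED = "You cannot access this resource";
    private final Helper helper = Helper.getInstance();

    @Context
    private HttpServletRequest httpServletRequest;

    /**
     * Returns a minimal HTML page linking to the JNDI, JMS, admin and context services.
     *
     * @param uriInfo request URI information used to build absolute links from the base URI
     * @return the HTML document as a string
     */
    @GET
    @Produces({"text/html"})
    public String info(@Context UriInfo uriInfo) {
        URI jndi = uriInfo.getBaseUriBuilder().path(JndiService.JNDI).build();
        URI jms = uriInfo.getBaseUriBuilder().path(JmsService.JMS).build();
        URI admin = uriInfo.getBaseUriBuilder().path("admin").build();
        URI context = uriInfo.getBaseUriBuilder().path(JmsContextService.CONTEXT).build();
        // NOTE(review): the links are derived from the request's base URI and written into the
        // page without HTML escaping; confirm the container does not let a client-supplied
        // Host header put markup characters into the base URI.
        return "<html><body>" + anchor(jndi) + anchor(jms) + anchor(admin) + anchor(context)
                + "</body></html>";
    }

    /** Renders one {@code <br><a href=...>} entry of the index page. */
    private static String anchor(URI target) {
        return "<br><a href=\"" + target + "\">" + target + "</a>";
    }

    /**
     * Rejects the request with 401 unless it passes the IP check and carries valid
     * Basic credentials. Does nothing when the helper reports that authentication is
     * not required.
     *
     * @param containerRequestContext the request being filtered
     * @throws IOException declared by {@link ContainerRequestFilter}; not thrown here
     */
    @Override
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        if (!this.helper.authenticationRequired()) {
            if (logger.isLoggable(BasicLevel.INFO)) {
                logger.log(BasicLevel.INFO, "no authentication.");
            }
            return;
        }

        // NOTE(review): the IP check is skipped when no servlet request was injected or the
        // remote address is null, i.e. it fails open. Confirm that is intended for
        // deployments that rely on the allow-list.
        if (this.httpServletRequest != null) {
            String remoteAddr = this.httpServletRequest.getRemoteAddr();
            if (remoteAddr != null && !this.helper.checkIPAddress(remoteAddr)) {
                // Record the rejection so repeated attempts from one address are visible.
                if (logger.isLoggable(BasicLevel.WARN)) {
                    logger.log(BasicLevel.WARN, "request rejected, IP not allowed: " + remoteAddr);
                }
                // Status kept at 401 for compatibility with existing clients.
                containerRequestContext.abortWith(
                        unauthorized("You cannot access this resource (IP not allowed)"));
                return;
            }
            if (logger.isLoggable(BasicLevel.DEBUG)) {
                logger.log(BasicLevel.DEBUG, "request from: " + remoteAddr);
            }
        }

        List<String> values = containerRequestContext.getHeaders().get(AUTHORIZATION_PROPERTY);
        if (logger.isLoggable(BasicLevel.DEBUG)) {
            // Only presence is logged: the header value is a reversible encoding of the password.
            logger.log(BasicLevel.DEBUG,
                    "authorization header present = " + (values != null && !values.isEmpty()));
        }

        String[] credentials = parseBasicCredentials(values);
        if (credentials == null) {
            // Missing, non-Basic or malformed header: answer 401 rather than letting a
            // decoding exception surface as a server error.
            containerRequestContext.abortWith(unauthorized(ACCESS_DENIED));
            return;
        }
        String user = credentials[0];
        String pass = credentials[1];

        if (logger.isLoggable(BasicLevel.DEBUG)) {
            logger.log(BasicLevel.DEBUG, "username = " + forLog(user));
        }

        // Both comparisons always run, so the response time does not reveal which half failed.
        boolean userMatches = constantTimeEquals(this.helper.getRestUser(), user);
        boolean passMatches = constantTimeEquals(this.helper.getRestPass(), pass);
        if (userMatches && passMatches) {
            return;
        }

        if (logger.isLoggable(BasicLevel.WARN)) {
            // The submitted password is deliberately left out of the log.
            logger.log(BasicLevel.WARN, "Bad authorization for user: " + forLog(user));
        }
        containerRequestContext.abortWith(unauthorized(ACCESS_DENIED));
    }

    /** Builds the 401 response with the Basic challenge and the given plain-text entity. */
    private static Response unauthorized(String message) {
        return Response.status(Response.Status.UNAUTHORIZED)
                .header("WWW-Authenticate", CHALLENGE)
                .entity(message)
                .build();
    }

    /**
     * Extracts user and password from the first {@code Authorization} header value.
     *
     * <p>The scheme name is matched case-insensitively and the decoded pair is split at the
     * first colon only, so passwords containing {@code ':'} are kept intact.
     *
     * @param values the header values, possibly {@code null} or empty
     * @return a two-element array {@code {user, password}}, or {@code null} when the header is
     *     absent, uses another scheme, is not valid Base64, or has no colon separator
     */
    private static String[] parseBasicCredentials(List<String> values) {
        if (values == null || values.isEmpty() || values.get(0) == null) {
            return null;
        }
        String header = values.get(0).trim();
        String prefix = AUTHENTICATION_SCHEME + " ";
        if (!header.regionMatches(true, 0, prefix, 0, prefix.length())) {
            return null;
        }
        String decoded;
        try {
            byte[] raw = Base64.getDecoder().decode(header.substring(prefix.length()).trim());
            // Explicit charset: the platform default varies between hosts.
            decoded = new String(raw, StandardCharsets.UTF_8);
        } catch (IllegalArgumentException malformed) {
            return null;
        }
        int colon = decoded.indexOf(':');
        if (colon < 0) {
            return null;
        }
        return new String[] {decoded.substring(0, colon), decoded.substring(colon + 1)};
    }

    /**
     * Compares two strings with {@link MessageDigest#isEqual(byte[], byte[])} so the time taken
     * does not depend on the position of the first differing byte. A {@code null} on either
     * side is treated as a mismatch.
     */
    private static boolean constantTimeEquals(String expected, String actual) {
        if (expected == null || actual == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8), actual.getBytes(StandardCharsets.UTF_8));
    }

    /** Replaces control characters so client-supplied text cannot forge extra log lines. */
    private static String forLog(String value) {
        return value == null ? "null" : value.replaceAll("\\p{Cntrl}", "_");
    }
}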
