package org.apache.catalina.authenticator;

import java.io.IOException;
import java.security.Principal;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.connector.Request;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.servlets.WebdavStatus;
import org.apache.catalina.util.Base64;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.CharChunk;
import org.apache.tomcat.util.buf.MessageBytes;

/* loaded from: input_file:org/apache/catalina/authenticator/BasicAuthenticator.class */
public class BasicAuthenticator extends AuthenticatorBase {
    private static final Log log = LogFactory.getLog((Class<?>) BasicAuthenticator.class);
    protected static final String info = "org.apache.catalina.authenticator.BasicAuthenticator/1.0";

    @Override // org.apache.catalina.authenticator.AuthenticatorBase, org.apache.catalina.valves.ValveBase, org.apache.catalina.Valve
    public String getInfo() {
        return info;
    }

    @Override // org.apache.catalina.authenticator.AuthenticatorBase, org.apache.catalina.Authenticator
    public boolean authenticate(Request request, HttpServletResponse httpServletResponse, LoginConfig loginConfig) throws IOException {
        Principal userPrincipal = request.getUserPrincipal();
        String str = (String) request.getNote(Constants.REQ_SSOID_NOTE);
        if (userPrincipal != null) {
            if (log.isDebugEnabled()) {
                log.debug("Already authenticated '" + userPrincipal.getName() + "'");
            }
            if (str == null) {
                return true;
            }
            associate(str, request.getSessionInternal(true));
            return true;
        }
        if (str != null) {
            if (log.isDebugEnabled()) {
                log.debug("SSO Id " + str + " set; attempting reauthentication");
            }
            if (reauthenticateFromSSO(str, request)) {
                return true;
            }
        }
        String str2 = null;
        String str3 = null;
        MessageBytes value = request.getCoyoteRequest().getMimeHeaders().getValue("authorization");
        if (value != null) {
            value.toBytes();
            ByteChunk byteChunk = value.getByteChunk();
            if (byteChunk.startsWithIgnoreCase("basic ", 0)) {
                byteChunk.setOffset(byteChunk.getOffset() + 6);
                CharChunk charChunk = value.getCharChunk();
                Base64.decode(byteChunk, charChunk);
                int indexOf = charChunk.indexOf(':');
                if (indexOf < 0) {
                    str2 = charChunk.toString();
                } else {
                    char[] buffer = charChunk.getBuffer();
                    str2 = new String(buffer, 0, indexOf);
                    str3 = new String(buffer, indexOf + 1, (charChunk.getEnd() - indexOf) - 1);
                }
                byteChunk.setOffset(byteChunk.getOffset() - 6);
            }
            Principal authenticate = this.context.getRealm().authenticate(str2, str3);
            if (authenticate != null) {
                register(request, httpServletResponse, authenticate, Constants.BASIC_METHOD, str2, str3);
                return true;
            }
        }
        StringBuilder sb = new StringBuilder(16);
        sb.append("Basic realm=\"");
        if (loginConfig.getRealmName() == null) {
            sb.append("Authentication required");
        } else {
            sb.append(loginConfig.getRealmName());
        }
        sb.append('\"');
        httpServletResponse.setHeader("WWW-Authenticate", sb.toString());
        httpServletResponse.sendError(WebdavStatus.SC_UNAUTHORIZED);
        return false;
    }

    @Override // org.apache.catalina.authenticator.AuthenticatorBase
    protected String getAuthMethod() {
        return Constants.BASIC_METHOD;
    }
}
