package io.mangoo.admin;

import com.google.common.base.Charsets;
import com.google.inject.Inject;
import io.mangoo.configuration.Config;
import io.mangoo.enums.Default;
import io.mangoo.enums.Header;
import io.mangoo.enums.Required;
import io.mangoo.enums.Template;
import io.mangoo.interfaces.MangooFilter;
import io.mangoo.routing.Response;
import io.mangoo.routing.bindings.Request;
import io.mangoo.utils.CodecUtils;
import java.util.Base64;
import java.util.Objects;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:io/mangoo/admin/AdminFilter.class */
public class AdminFilter implements MangooFilter {
    private static final Base64.Decoder decoder = Base64.getDecoder();
    private Config config;

    @Inject
    public AdminFilter(Config config) {
        this.config = (Config) Objects.requireNonNull(config, Required.CONFIG.toString());
    }

    @Override // io.mangoo.interfaces.MangooFilter
    public Response execute(Request request, Response response) {
        return !this.config.isApplicationAdminEnable() ? Response.withNotFound().andBody(Template.DEFAULT.notFound()).end() : !isAuthenticated(request) ? Response.withUnauthorized().andHeader(Header.WWW_AUTHENTICATE.toHttpString(), "Basic realm=Administration authentication").andEmptyBody().end() : response;
    }

    private boolean isAuthenticated(Request request) {
        String str = null;
        String str2 = null;
        String header = request.getHeader(Header.AUTHORIZATION.toHttpString());
        if (StringUtils.isNotBlank(header)) {
            String[] split = new String(decoder.decode(StringUtils.replace(header, "Basic", "").trim()), Charsets.UTF_8).split(":");
            if (split != null && split.length == Default.BASICAUTH_CREDENTIALS_LENGTH.toInt()) {
                str = split[0];
                str2 = split[1];
            }
        }
        return StringUtils.isNotBlank(str) && StringUtils.isNotBlank(str2) && StringUtils.isNotBlank(this.config.getApplicationAdminUsername()) && StringUtils.isNotBlank(this.config.getApplicationAdminPassword()) && this.config.getApplicationAdminUsername().equals(str) && CodecUtils.checkJBCrypt(str2, this.config.getApplicationAdminPassword());
    }
}
