package org.jboss.resteasy.plugins.server.sun.http;

import com.sun.net.httpserver.Filter;
import com.sun.net.httpserver.HttpExchange;
import java.io.IOException;
import java.security.Principal;
import javax.ws.rs.core.SecurityContext;
import org.apache.commons.codec.binary.Base64;
import org.jboss.resteasy.core.ResteasyContext;
import org.jboss.resteasy.plugins.server.embedded.SecurityDomain;

/* loaded from: input_file:org/jboss/resteasy/plugins/server/sun/http/BasicAuthFilter.class */
public class BasicAuthFilter extends Filter {
    protected SecurityDomain domain;

    public BasicAuthFilter(SecurityDomain securityDomain) {
        this.domain = securityDomain;
    }

    public void doFilter(HttpExchange httpExchange, Filter.Chain chain) throws IOException {
        String first = httpExchange.getRequestHeaders().getFirst("Authorization");
        if (first == null || first.length() <= 5 || !"basic".equals(first.substring(0, 5).toLowerCase())) {
            httpExchange.sendResponseHeaders(401, -1L);
            return;
        }
        String[] split = new String(Base64.decodeBase64(first.substring(6).getBytes())).split(":");
        try {
            final Principal authenticate = this.domain.authenticate(split[0], split[1]);
            try {
                ResteasyContext.pushContext(SecurityContext.class, new SecurityContext() { // from class: org.jboss.resteasy.plugins.server.sun.http.BasicAuthFilter.1
                    public Principal getUserPrincipal() {
                        return authenticate;
                    }

                    public boolean isUserInRole(String str) {
                        return BasicAuthFilter.this.domain.isUserInRole(getUserPrincipal(), str);
                    }

                    public boolean isSecure() {
                        return true;
                    }

                    public String getAuthenticationScheme() {
                        return "BASIC";
                    }
                });
                chain.doFilter(httpExchange);
            } finally {
                ResteasyContext.clearContextData();
            }
        } catch (SecurityException e) {
            httpExchange.sendResponseHeaders(401, -1L);
        }
    }

    public String description() {
        return "Basic Auth Filter";
    }
}
