package com.sun.identity.authentication.modules.httpbasic;

import com.iplanet.sso.SSOToken;
import com.sun.identity.authentication.config.AMAuthenticationInstance;
import com.sun.identity.authentication.config.AMAuthenticationManager;
import com.sun.identity.authentication.service.AuthD;
import com.sun.identity.authentication.spi.AMLoginModule;
import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.authentication.spi.HttpCallback;
import com.sun.identity.authentication.spi.InvalidPasswordException;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.shared.datastruct.CollectionHelper;
import com.sun.identity.shared.debug.Debug;
import com.sun.identity.shared.encode.Base64;
import java.io.IOException;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/sun/identity/authentication/modules/httpbasic/HTTPBasic.class */
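/**
 * Login module that takes credentials from an HTTP {@code Authorization: Basic}
 * header and delegates the actual verification to a configured back-end
 * authentication module instance.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The Authorization header carries the user's password in reversible
 *       Base64 form. It must never be written to the debug log.</li>
 *   <li>Malformed headers are rejected explicitly rather than relying on an
 *       incidental runtime exception further down the call chain.</li>
 *   <li>If {@link #init} fails to load the back-end module, every later
 *       {@link #process} call fails closed.</li>
 * </ul>
 */
public class HTTPBasic extends AMLoginModule {
    private static final String amAuthHTTPBasic = "amAuthHTTPBasic";
    private static final Debug debug = Debug.getInstance(amAuthHTTPBasic);
    private static final String MODCONFIG = "iplanet-am-auth-http-basic-module-configured";
    private static final String AUTHLEVEL = "iplanet-am-auth-httpbasic-auth-level";
    /** Scheme token plus the single separating space that precedes the Base64 payload. */
    private static final String BASIC_PREFIX = "Basic ";
    private String validatedUserID;
    private String userName;
    private String userPassword;
    private Map currentConfig;
    private Map options;
    private Principal userPrincipal = null;
    private ResourceBundle bundle = null;
    private String instanceName = null;
    private AMLoginModule amLoginModule = null;

    /**
     * Reads the module configuration and instantiates the back-end module that
     * will verify the credentials.
     *
     * <p>Failures while loading the back-end module are logged and leave
     * {@code amLoginModule} unset; {@link #process} then refuses to authenticate.
     *
     * @param subject the subject being authenticated, handed to the back-end module
     * @param map     shared state, handed to the back-end module
     * @param map2    this module's configuration options
     */
    public void init(Subject subject, Map map, Map map2) {
        Locale loginLocale = getLoginLocale();
        this.bundle = amCache.getResBundle(amAuthHTTPBasic, loginLocale);
        if (debug.messageEnabled()) {
            debug.message("HttpBasicAuth resbundle locale=" + loginLocale);
        }
        this.options = map2;
        this.instanceName = CollectionHelper.getMapAttr(map2, MODCONFIG);
        String mapAttr = CollectionHelper.getMapAttr(map2, AUTHLEVEL);
        if (mapAttr != null) {
            try {
                setAuthLevel(Integer.parseInt(mapAttr));
            } catch (Exception e) {
                debug.error("Unable to set auth level " + mapAttr, e);
            }
        }
        try {
            // The admin token is used only to read the configured module instance.
            AMAuthenticationInstance authenticationInstance = new AMAuthenticationManager((SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance()), getRequestOrg()).getAuthenticationInstance(this.instanceName);
            this.currentConfig = authenticationInstance.getAttributeValues();
            // NOTE(review): the class name is resolved from the instance type via AuthD,
            // i.e. from server configuration rather than from the request - confirm that
            // only administrators can change that mapping.
            this.amLoginModule = (AMLoginModule) Class.forName(AuthD.getAuth().getAuthenticatorForName(authenticationInstance.getType())).newInstance();
            this.amLoginModule.initialize(subject, getCallbackHandler(), map, this.currentConfig);
        } catch (Exception e2) {
            // Do not keep a half-initialised delegate around; process() checks for null.
            this.amLoginModule = null;
            debug.error("Could not initialize the module instance" + this.instanceName, e2);
        }
    }

    /**
     * Extracts the Basic credentials from the first callback or, failing that,
     * from the request's {@code Authorization} header, and authenticates them
     * against the back-end module.
     *
     * @param callbackArr callbacks for the current state; the first one is used
     *                    when it is an {@link HttpCallback}
     * @param i           the current state (not used by this module)
     * @return the state returned by the back-end module
     * @throws InvalidPasswordException if the back-end module reports a bad password
     * @throws AuthLoginException       for any other failure
     */
    public int process(Callback[] callbackArr, int i) throws LoginException {
        if (this.instanceName == null || this.instanceName.length() == 0) {
            throw new AuthLoginException(amAuthHTTPBasic, "noModule", (Object[]) null);
        }
        HttpServletRequest httpServletRequest = getHttpServletRequest();
        HttpServletResponse httpServletResponse = getHttpServletResponse();
        String str = null;
        // Only trust the callback if it really is an HttpCallback; otherwise fall
        // back to the request header instead of failing with a ClassCastException.
        if (callbackArr != null && callbackArr.length != 0 && callbackArr[0] instanceof HttpCallback) {
            str = ((HttpCallback) callbackArr[0]).getAuthorization();
        }
        if ((httpServletRequest == null || httpServletResponse == null) && str == null) {
            debug.message("Servlet Request and Response cannot be null");
            throw new AuthLoginException(amAuthHTTPBasic, "reqRespNull", (Object[]) null);
        }
        try {
            debug.message("Process HTTPBasic Auth started ...");
            if (str == null || str.length() == 0) {
                if (httpServletRequest == null) {
                    // An empty callback value with no request leaves nothing to read.
                    throw new AuthLoginException(amAuthHTTPBasic, "reqRespNull", (Object[]) null);
                }
                str = httpServletRequest.getHeader("Authorization");
            }
            if (debug.messageEnabled()) {
                // The header value is the Base64 of "user:password"; record only its
                // presence so the debug log never contains recoverable credentials.
                debug.message("HTTPBasic: Authorization header "
                        + ((str == null || str.length() == 0) ? "absent" : "present"));
            }
            int authenticate = authenticate(str);
            this.validatedUserID = this.userName;
            return authenticate;
        } catch (Exception e) {
            debug.error("login: unknown exception = ", e);
            setFailureID(this.userName);
            if (e instanceof InvalidPasswordException) {
                throw new InvalidPasswordException(e);
            }
            throw new AuthLoginException(amAuthHTTPBasic, "sendError", (Object[]) null, e);
        }
    }

    /**
     * Returns the authenticated principal, deriving it from the back-end module
     * on first use.
     *
     * @return the principal, or {@code null} if no back-end module is available
     *         or it has not established a principal
     */
    public Principal getPrincipal() {
        if (this.userPrincipal != null) {
            return this.userPrincipal;
        }
        if (this.amLoginModule == null) {
            return null;
        }
        Principal backEndPrincipal = this.amLoginModule.getPrincipal();
        if (backEndPrincipal == null) {
            // The back-end module has not authenticated anyone; do not invent a principal.
            return null;
        }
        this.validatedUserID = backEndPrincipal.getName();
        this.userPrincipal = new HTTPBasicPrincipal(this.validatedUserID);
        return this.userPrincipal;
    }

    /** Clears the authenticated identity held by this module. */
    public void destroyModuleState() {
        this.validatedUserID = null;
        this.userPrincipal = null;
    }

    /**
     * Drops the references to the captured user name and password and to the
     * configuration held by this module.
     *
     * <p>The method name is kept as-is for compatibility with existing callers.
     */
    public void nullifyUserdVars() {
        this.bundle = null;
        this.userName = null;
        this.userPassword = null;
        this.currentConfig = null;
        this.options = null;
    }

    /**
     * Delegates to {@link #nullifyUserdVars()}.
     *
     * <p>NOTE(review): the framework clean-up hook on AMLoginModule is believed to
     * be spelled {@code nullifyUsedVars}; with only the misspelled variant present
     * the captured password would not be released by that hook. Confirm against
     * the AMLoginModule version in use.
     */
    public void nullifyUsedVars() {
        nullifyUserdVars();
    }

    /**
     * Parses a Basic {@code Authorization} header value and authenticates the
     * contained credentials against the back-end module.
     *
     * @param str the raw header value, e.g. {@code "Basic <base64>"}
     * @return the state returned by the back-end module
     * @throws AuthLoginException if the header is missing, is not a Basic header,
     *                            cannot be decoded, or has no {@code user:password} form
     */
    private int authenticate(String str) throws LoginException, IOException {
        // Never carry credentials over from an earlier attempt on this instance.
        this.userName = null;
        this.userPassword = null;
        // regionMatches(ignoreCase) is locale-independent, unlike toUpperCase(), and
        // requiring the trailing space guarantees substring() below stays in range.
        if (str == null || !str.regionMatches(true, 0, BASIC_PREFIX, 0, BASIC_PREFIX.length())) {
            throw malformedHeader();
        }
        byte[] decoded = Base64.decode(str.substring(BASIC_PREFIX.length()).trim());
        if (decoded == null) {
            // Presumably returned for input that is not valid Base64 - treat as malformed.
            throw malformedHeader();
        }
        // NOTE(review): decoded with the platform default charset, as before; non-ASCII
        // credentials therefore depend on the JVM's file.encoding setting.
        String str2 = new String(decoded);
        int indexOf = str2.indexOf(':');
        if (indexOf == -1) {
            // No user/password separator: reject instead of proceeding with nulls.
            throw malformedHeader();
        }
        this.userPassword = str2.substring(indexOf + 1);
        this.userName = str2.substring(0, indexOf);
        storeUsernamePasswd(this.userName, this.userPassword);
        return authenticateToBackEndModule();
    }

    /** Builds the exception used for every kind of unusable Authorization header. */
    private static AuthLoginException malformedHeader() {
        return new AuthLoginException(amAuthHTTPBasic, "wrong header", (Object[]) null, (Throwable) null);
    }

    /**
     * Hands the parsed user name and password to the back-end module.
     *
     * @return the state returned by the back-end module
     * @throws AuthLoginException if the back-end module was never initialised or
     *                            no credentials were parsed
     */
    private int authenticateToBackEndModule() throws LoginException {
        if (this.amLoginModule == null) {
            // init() could not load the delegate; fail closed with an explicit error.
            throw new AuthLoginException(amAuthHTTPBasic, "noModule", (Object[]) null);
        }
        if (this.userName == null || this.userPassword == null) {
            throw malformedHeader();
        }
        NameCallback nameCallback = new NameCallback("dummy");
        nameCallback.setName(this.userName);
        PasswordCallback passwordCallback = new PasswordCallback("dummy", false);
        passwordCallback.setPassword(this.userPassword.toCharArray());
        return this.amLoginModule.process(new Callback[]{nameCallback, passwordCallback}, 1);
    }
}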
