package org.pustefixframework.editor.backend.remote;

import java.io.ByteArrayInputStream;
import java.io.InputStream;
import javax.mail.internet.MimeUtility;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

/* loaded from: input_file:org/pustefixframework/editor/backend/remote/HTTPAuthenticationHandlerInterceptor.class */
public class HTTPAuthenticationHandlerInterceptor implements HandlerInterceptor {
    private String secret;

    public void setSecret(String str) {
        this.secret = str;
    }

    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
    }

    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!(obj instanceof RemoteServiceExporter)) {
            return true;
        }
        try {
            if (checkAuth(httpServletRequest)) {
                return true;
            }
            httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"Pustefix Editor Web Service Interface\"");
            httpServletResponse.sendError(401);
            return false;
        } catch (IllegalArgumentException e) {
            httpServletResponse.sendError(400);
            return false;
        }
    }

    private boolean checkAuth(HttpServletRequest httpServletRequest) {
        String str;
        int indexOf;
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null) {
            return false;
        }
        String trim = header.trim();
        int indexOf2 = trim.indexOf(32);
        if (indexOf2 == -1) {
            throw new IllegalArgumentException();
        }
        if (!trim.substring(0, indexOf2).trim().equalsIgnoreCase("Basic") || (indexOf = (str = new String(base64Decode(trim.substring(indexOf2).trim()))).indexOf(58)) == -1) {
            return false;
        }
        str.substring(0, indexOf);
        return str.substring(indexOf + 1).equals(this.secret);
    }

    public static byte[] base64Decode(String str) {
        try {
            byte[] bytes = str.getBytes("utf8");
            InputStream decode = MimeUtility.decode(new ByteArrayInputStream(bytes), "Base64");
            byte[] bArr = new byte[bytes.length];
            int read = decode.read(bArr);
            byte[] bArr2 = new byte[read];
            System.arraycopy(bArr, 0, bArr2, 0, read);
            return bArr2;
        } catch (Exception e) {
            throw new RuntimeException("Base64 decoding failed", e);
        }
    }
}
