package org.usergrid.rest.security.shiro.filters;

import com.sun.jersey.spi.container.ContainerRequest;
import java.security.Principal;
import java.util.Map;
import javax.ws.rs.core.SecurityContext;
import org.apache.shiro.codec.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.usergrid.management.AccountCreationProps;

@Component
/* loaded from: input_file:usergrid-rest-0.0.27.1-classes.jar:org/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.class */
public class BasicAuthSecurityFilter extends SecurityFilter {
    private static final Logger logger = LoggerFactory.getLogger(BasicAuthSecurityFilter.class);

    /* loaded from: input_file:usergrid-rest-0.0.27.1-classes.jar:org/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter$SysAdminRoleAuthenticator.class */
    private static class SysAdminRoleAuthenticator implements SecurityContext {
        private final Principal principal = new Principal() { // from class: org.usergrid.rest.security.shiro.filters.BasicAuthSecurityFilter.SysAdminRoleAuthenticator.1
            @Override // java.security.Principal
            public String getName() {
                return "sysadmin";
            }
        };

        SysAdminRoleAuthenticator() {
        }

        @Override // javax.ws.rs.core.SecurityContext
        public Principal getUserPrincipal() {
            return this.principal;
        }

        @Override // javax.ws.rs.core.SecurityContext
        public boolean isUserInRole(String str) {
            return str.equals("sysadmin");
        }

        @Override // javax.ws.rs.core.SecurityContext
        public boolean isSecure() {
            return false;
        }

        @Override // javax.ws.rs.core.SecurityContext
        public String getAuthenticationScheme() {
            return "BASIC";
        }
    }

    public BasicAuthSecurityFilter() {
        logger.info("BasicAuthSecurityFilter is installed");
    }

    @Override // com.sun.jersey.spi.container.ContainerRequestFilter
    public ContainerRequest filter(ContainerRequest containerRequest) {
        Map<String, String> authTypes = getAuthTypes(containerRequest);
        if (authTypes == null || !authTypes.containsKey("BASIC")) {
            return containerRequest;
        }
        String[] split = Base64.decodeToString(authTypes.get("BASIC")).split(":");
        if (split.length < 2) {
            return containerRequest;
        }
        String lowerCase = split[0].toLowerCase();
        String str = split[1];
        String property = this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_NAME);
        String property2 = this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_PASSWORD);
        boolean parseBoolean = Boolean.parseBoolean(this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_ALLOWED));
        if (!lowerCase.equals(property) || !str.equals(property2) || !parseBoolean) {
            return containerRequest;
        }
        containerRequest.setSecurityContext(new SysAdminRoleAuthenticator());
        logger.info("System administrator access allowed");
        return containerRequest;
    }
}
