package org.eclipse.virgo.management.console.internal;

import java.io.IOException;
import java.net.URL;
import java.util.StringTokenizer;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.eclipse.osgi.internal.signedcontent.Base64;
import org.osgi.framework.Bundle;
import org.osgi.service.http.HttpContext;

/* loaded from: input_file:WEB-INF/classes/org/eclipse/virgo/management/console/internal/AdminHttpContext.class */
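/**
 * {@link HttpContext} for the admin console: every request must carry HTTP Basic credentials,
 * which are checked against the {@code virgo-kernel} JAAS login configuration.
 *
 * <p>Credentials are verified on every request. The {@link LoginContext} stored in the HTTP
 * session is never treated as proof of authentication: a request is accepted only when the
 * user name and password in its own {@code Authorization} header pass the JAAS login. This
 * keeps the {@code REMOTE_USER} request attribute and the authenticated {@link Subject} in
 * agreement, and makes a changed or revoked password effective on the next request.
 */
public class AdminHttpContext implements HttpContext {
    private static final String REALM = "Virgo Admin Console";
    private static final String BASIC_SCHEME = "Basic";
    private static final String JAAS_CONFIGURATION = "virgo-kernel";
    private static final String SESSION_LOGIN_CONTEXT = "securitycontext";

    private final Bundle bundle;

    /**
     * @param bundle bundle whose entries are served by {@link #getResource(String)}
     */
    public AdminHttpContext(Bundle bundle) {
        this.bundle = bundle;
    }

    /**
     * Authenticates the request from its {@code Authorization} header.
     *
     * <p>A missing header, a scheme other than Basic, a header without a credentials token,
     * an undecodable token, or a decoded value without a {@code ':'} separator are all answered
     * with a 401 challenge instead of surfacing as an unchecked exception.
     *
     * @return {@code true} when the credentials were accepted and the OSGi authentication
     *         attributes were set on the request; {@code false} after a 401 challenge was sent
     */
    @Override
    public boolean handleSecurity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String[] credentials = parseBasicCredentials(httpServletRequest.getHeader("Authorization"));
        if (credentials == null) {
            return reject(httpServletRequest, httpServletResponse);
        }
        String user = credentials[0];
        try {
            Subject subject = login(httpServletRequest.getSession(true), user, credentials[1]);
            if (subject == null) {
                return reject(httpServletRequest, httpServletResponse);
            }
            // The user name published here is the one that was just verified together with
            // its password, so it always matches the Subject stored next to it.
            httpServletRequest.setAttribute(HttpContext.REMOTE_USER, user);
            httpServletRequest.setAttribute(HttpContext.AUTHENTICATION_TYPE, BASIC_SCHEME);
            httpServletRequest.setAttribute(HttpContext.AUTHORIZATION, subject);
            return true;
        } catch (LoginException e) {
            // Failed logins get the same 401 challenge as missing credentials, so the
            // response does not reveal why the attempt was refused.
            return reject(httpServletRequest, httpServletResponse);
        }
    }

    /** Resolves {@code str} as an entry of the bundle this context was created for. */
    @Override
    public URL getResource(String str) {
        return this.bundle.getEntry(str);
    }

    /** Always returns {@code null}; no MIME type is chosen by this context. */
    @Override
    public String getMimeType(String str) {
        return null;
    }

    /**
     * Splits a Basic {@code Authorization} header into user name and password.
     *
     * @param header raw header value, possibly {@code null}
     * @return a two-element array {@code {user, password}}, or {@code null} when the header is
     *         absent or malformed
     */
    private static String[] parseBasicCredentials(String header) {
        if (header == null) {
            return null;
        }
        StringTokenizer tokens = new StringTokenizer(header);
        // Need a scheme and a credentials token; trailing tokens are ignored as before.
        if (tokens.countTokens() < 2) {
            return null;
        }
        // Authentication scheme names are case-insensitive (RFC 7235).
        if (!BASIC_SCHEME.equalsIgnoreCase(tokens.nextToken())) {
            return null;
        }
        String decoded;
        try {
            // NOTE(review): both conversions use the platform default charset, so non-ASCII
            // credentials depend on the JVM configuration - confirm this is intended.
            decoded = new String(Base64.decode(tokens.nextToken().getBytes()));
        } catch (RuntimeException e) {
            // The decoder is an internal Equinox class whose failure mode on invalid input is
            // not visible here; any failure is treated as a malformed header.
            return null;
        }
        int separator = decoded.indexOf(':');
        if (separator < 0) {
            return null;
        }
        return new String[] {decoded.substring(0, separator), decoded.substring(separator + 1)};
    }

    /**
     * Runs a JAAS login for the given credentials and records the resulting context in the
     * session.
     *
     * <p>A context already present in the session is deliberately not reused: returning its
     * subject would accept the request without checking the password that was presented.
     *
     * @return the authenticated subject, or {@code null} when there is no session or the login
     *         produced no subject
     * @throws LoginException when the login configuration rejects the credentials
     */
    private Subject login(HttpSession session, String user, String password) throws LoginException {
        if (session == null) {
            return null;
        }
        LoginContext context = new LoginContext(JAAS_CONFIGURATION, new CredentialsCallbackHandler(user, password));
        context.login();
        Subject subject = context.getSubject();
        if (subject == null) {
            return null;
        }
        // Kept in the session under the existing key; presumably other console code reads it
        // (verify against callers). It is informational only and never consulted above.
        session.setAttribute(SESSION_LOGIN_CONTEXT, context);
        return subject;
    }

    /**
     * Sends a 401 response carrying the Basic challenge for this realm.
     *
     * @return always {@code false}, so callers can return the result directly
     */
    private boolean reject(HttpServletRequest request, HttpServletResponse response) {
        // Preserved from the existing behaviour: a session is created even for rejected requests.
        request.getSession(true);
        response.setHeader("WWW-Authenticate", "Basic realm=\"" + REALM + "\"");
        try {
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        } catch (IOException ignored) {
            // Best effort: the request is refused either way, and the caller only needs false.
        }
        return false;
    }

    /** Supplies a fixed user name and password to the JAAS login modules. */
    private static final class CredentialsCallbackHandler implements CallbackHandler {
        private final String user;
        private final String password;

        CredentialsCallbackHandler(String user, String password) {
            this.user = user;
            this.password = password;
        }

        /**
         * Answers name and password callbacks.
         *
         * @throws UnsupportedCallbackException for any other callback type
         */
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(this.user);
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword(this.password.toCharArray());
                } else {
                    throw new UnsupportedCallbackException(callback);
                }
            }
        }
    }
}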
