package com.github.xiaoymin.knife4j.aggre.core.filter;

import com.github.xiaoymin.knife4j.aggre.core.pojo.BasicAuth;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/github/xiaoymin/knife4j/aggre/core/filter/Knife4jSecurityBasicAuthFilter.class */
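/**
 * Servlet filter that guards the aggregated OpenAPI documentation with HTTP Basic authentication.
 *
 * <p>When the supplied {@link BasicAuth} is absent or disabled, every request passes through
 * untouched. Otherwise a request is let through if its session already carries the
 * {@link #SwaggerBootstrapUiBasicAuthSession} marker, or if it presents an {@code Authorization}
 * header whose credentials match the configured username and password. Everything else receives a
 * 401 challenge.
 *
 * <p>Security notes for operators: Basic credentials are only Base64-encoded, so this filter should
 * sit behind TLS. The filter itself applies no rate limiting or lockout to failed attempts.
 */
public class Knife4jSecurityBasicAuthFilter implements Filter {
    // Left as a package-visible instance field so existing code that reads it keeps compiling.
    Logger logger = LoggerFactory.getLogger(Knife4jSecurityBasicAuthFilter.class);
    /** Session attribute set once a client has authenticated; its value is the configured username. */
    public static final String SwaggerBootstrapUiBasicAuthSession = "Knife4jAggregationBasicAuthSession";
    /** Authentication scheme prefix expected at the start of the {@code Authorization} header. */
    private static final String BASIC_PREFIX = "Basic ";
    private final BasicAuth basicAuth;

    /**
     * Decodes a Base64 string into text.
     *
     * @param str the Base64 text, may be {@code null}
     * @return the decoded text, or {@code null} when {@code str} is {@code null} or is not valid
     *     Base64
     */
    protected String decodeBase64(String str) {
        if (str == null) {
            return null;
        }
        try {
            // Explicit charset: the no-arg String constructor depends on the platform default.
            return new String(Base64.getDecoder().decode(str), StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {
            // Client-controlled input: log the reason only, without a stack trace per bad request.
            this.logger.warn("Failed to decode Base64 value: {}", e.getMessage());
            return null;
        }
    }

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Applies the Basic-auth check described on the class and either continues the chain or
     * answers with a 401 challenge.
     *
     * @throws IOException if writing the challenge or running the rest of the chain fails
     * @throws ServletException if the rest of the chain fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        if (this.basicAuth == null || !this.basicAuth.isEnable()) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        // getSession(false): do not allocate a server-side session for every anonymous request.
        HttpSession existingSession = request.getSession(false);
        if (existingSession != null && existingSession.getAttribute(SwaggerBootstrapUiBasicAuthSession) != null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        String header = request.getHeader("Authorization");
        // Require the Basic scheme before slicing the header; a short or foreign-scheme header
        // previously reached substring(6) unchecked.
        if (header == null || !header.regionMatches(true, 0, BASIC_PREFIX, 0, BASIC_PREFIX.length())) {
            writeForbiddenCode(response);
            return;
        }
        String credentials = decodeBase64(header.substring(BASIC_PREFIX.length()).trim());
        if (credentials == null) {
            // Malformed Base64 is an authentication failure, not a server error.
            writeForbiddenCode(response);
            return;
        }
        // Split on the first colon only, so a password that itself contains ':' is still accepted.
        int separator = credentials.indexOf(':');
        if (separator < 0) {
            writeForbiddenCode(response);
            return;
        }
        String suppliedUsername = credentials.substring(0, separator);
        String suppliedPassword = credentials.substring(separator + 1);
        String expectedPassword = this.basicAuth.getPassword();
        // Fail closed when no password is configured: an empty password never authenticates.
        boolean passwordConfigured = expectedPassword != null && !expectedPassword.isEmpty();
        boolean usernameMatches = constantTimeEquals(this.basicAuth.getUsername(), suppliedUsername);
        boolean passwordMatches = constantTimeEquals(expectedPassword, suppliedPassword);
        // Non-short-circuit '&' so both comparisons always run, whichever one fails.
        if (!(passwordConfigured & usernameMatches & passwordMatches)) {
            writeForbiddenCode(response);
            return;
        }
        // NOTE(review): the session id is not rotated on successful login. If the container is
        // Servlet 3.1+, calling request.changeSessionId() here would guard against session fixation.
        request.getSession().setAttribute(SwaggerBootstrapUiBasicAuthSession, this.basicAuth.getUsername());
        filterChain.doFilter(servletRequest, servletResponse);
    }

    @Override
    public void destroy() {
    }

    /**
     * Compares two strings without an early exit on the first differing character, so response
     * timing does not reveal how much of a guess was correct.
     *
     * @return {@code true} only when both values are non-null and equal
     */
    private static boolean constantTimeEquals(String expected, String actual) {
        if (expected == null || actual == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8), actual.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Sends the authentication challenge. Despite the method name, the status is 401
     * (Unauthorized), paired with a {@code WWW-Authenticate} header so browsers prompt for
     * credentials.
     */
    private void writeForbiddenCode(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"input OpenAPI userName & password \"");
        httpServletResponse.getWriter().write("You do not have permission to access this resource");
    }

    /**
     * @param basicAuth the credentials and enable flag to enforce; {@code null} disables the check
     */
    public Knife4jSecurityBasicAuthFilter(BasicAuth basicAuth) {
        this.basicAuth = basicAuth;
    }
}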
