package org.camunda.bpm.engine.rest.security.auth.impl;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.camunda.bpm.engine.ProcessEngine;
import org.camunda.bpm.engine.impl.digest._apacheCommonsCodec.Base64;
import org.camunda.bpm.engine.rest.security.auth.AuthenticationProvider;
import org.camunda.bpm.engine.rest.security.auth.AuthenticationResult;

/* loaded from: input_file:org/camunda/bpm/engine/rest/security/auth/impl/HttpBasicAuthenticationProvider.class */
public class HttpBasicAuthenticationProvider implements AuthenticationProvider {
    protected static final String BASIC_AUTH_HEADER_PREFIX = "Basic ";

    @Override // org.camunda.bpm.engine.rest.security.auth.AuthenticationProvider
    public AuthenticationResult extractAuthenticatedUser(HttpServletRequest httpServletRequest, ProcessEngine processEngine) {
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null || !header.startsWith(BASIC_AUTH_HEADER_PREFIX)) {
            return AuthenticationResult.unsuccessful();
        }
        String str = new String(Base64.decodeBase64(header.substring(BASIC_AUTH_HEADER_PREFIX.length())));
        int indexOf = str.indexOf(":");
        if (indexOf == -1) {
            return AuthenticationResult.unsuccessful();
        }
        String substring = str.substring(0, indexOf);
        return isAuthenticated(processEngine, substring, str.substring(indexOf + 1)) ? AuthenticationResult.successful(substring) : AuthenticationResult.unsuccessful(substring);
    }

    protected boolean isAuthenticated(ProcessEngine processEngine, String str, String str2) {
        return processEngine.getIdentityService().checkPassword(str, str2);
    }

    @Override // org.camunda.bpm.engine.rest.security.auth.AuthenticationProvider
    public void augmentResponseByAuthenticationChallenge(HttpServletResponse httpServletResponse, ProcessEngine processEngine) {
        httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + processEngine.getName() + "\"");
    }
}
