package csbase.client.rest;

import com.sun.jersey.core.util.Base64;
import csbase.client.ClientServerManager;
import csbase.client.desktop.DesktopFrame;
import csbase.client.desktop.NotificationPanel;
import csbase.client.login.UserPasswordLogin;
import csbase.client.remote.ClientRemoteMonitor;
import csbase.exception.CSBaseException;
import csbase.remote.UserPasswordAuthenticator;
import java.util.Date;
import java.util.Locale;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import tecgraf.javautils.core.lng.LNG;

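/**
 * JAX-RS filter guarding the client-side REST service.
 *
 * <p>On the request side it requires an {@code Authorization} header carrying either a Bearer
 * token (checked through {@code RestController.isTokenAuthorized}) or Basic credentials, which
 * must name the currently logged-in user and are verified against the server with a
 * {@link UserPasswordAuthenticator}. Every rejection is a 401 response with a
 * {@code WWW-Authenticate: Basic} challenge.
 *
 * <p>On the response side it only acts in developer mode, where it writes a line describing the
 * request and the response status to the desktop notification panel.
 */
@Provider
/* loaded from: input_file:csbase/client/rest/AuthFilter.class */
public class AuthFilter implements ContainerRequestFilter, ContainerResponseFilter {
    private static final String BASIC_SCHEME = "Basic";
    private static final String BEARER_SCHEME = "Bearer";
    private static final RestController restController = RestController.getInstance();

    /**
     * Builds the exception that aborts a request with 401 and a Basic challenge.
     *
     * @param str text placed in the response entity
     * @return exception wrapping the 401 response
     */
    private static WebApplicationException buildUnauthorizedResponse(String str) {
        return new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).header("WWW-Authenticate", "Basic realm=\"CSBaseClientRestController\"").entity(str).build());
    }

    /**
     * Returns the part of an {@code Authorization} header that follows {@code "<scheme> "}.
     *
     * <p>The scheme is compared case-insensitively and must be followed by a space, so a header
     * such as {@code "Basicxyz"} is not mistaken for the Basic scheme.
     *
     * @param header the raw header value, not null
     * @param scheme the scheme name to match
     * @return the credentials after the scheme, or {@code null} if the header uses another scheme
     */
    private static String credentialsFor(String header, String scheme) {
        int prefixLength = scheme.length() + 1;
        if (header.length() < prefixLength
                || !header.regionMatches(true, 0, scheme, 0, scheme.length())
                || header.charAt(scheme.length()) != ' ') {
            return null;
        }
        return header.substring(prefixLength);
    }

    /**
     * Verifies Basic credentials against the logged-in user and the server.
     *
     * @param encodedCredentials the base64 text that followed the {@code Basic} scheme
     * @throws WebApplicationException with status 401 if the credentials are rejected
     */
    private static void authenticateBasic(String encodedCredentials) {
        if (!(restController.getUserLogin() instanceof UserPasswordLogin)) {
            throw buildUnauthorizedResponse("Invalid login type");
        }
        String decoded;
        try {
            decoded = Base64.base64Decode(encodedCredentials);
        } catch (RuntimeException malformed) {
            // The decoder's behaviour on malformed input is not visible here; whatever it throws,
            // a bad header from the caller must end as a 401 rather than an unhandled error.
            throw buildUnauthorizedResponse("Invalid Authorization header");
        }
        // Split on the FIRST colon only: the user id cannot contain ':' but the password can, and
        // an empty password must still reach the authenticator instead of failing the parse.
        int separator = decoded == null ? -1 : decoded.indexOf(':');
        if (separator < 0) {
            throw buildUnauthorizedResponse("Invalid Authorization header");
        }
        String user = decoded.substring(0, separator);
        String password = decoded.substring(separator + 1);
        // Compare from the non-null side so a missing session login is a 401, not a
        // NullPointerException.
        // NOTE(review): this message differs from "Invalid user/password", so an unauthenticated
        // caller can tell whether a guessed name matches the logged-in user - confirm acceptable.
        if (!user.equals(ClientRemoteMonitor.getInstance().getLogin())) {
            throw buildUnauthorizedResponse("Different user is logged in");
        }
        try {
            if (new UserPasswordAuthenticator(user, password, Locale.getDefault()).authenticate(ClientServerManager.getInstance().getServer()) == null) {
                throw buildUnauthorizedResponse("Invalid user/password");
            }
        } catch (CSBaseException e) {
            // NOTE(review): the exception text is returned to a caller that has not authenticated
            // and the stack trace goes to stderr; consider a generic entity and a real logger.
            e.printStackTrace();
            throw buildUnauthorizedResponse(e.getLocalizedMessage());
        }
    }

    /**
     * Authenticates an incoming request.
     *
     * @param containerRequestContext the request being filtered
     * @throws WebApplicationException with status 401 when the header is missing, uses an
     *     unsupported scheme, or carries credentials that are not accepted
     */
    @Override
    public void filter(ContainerRequestContext containerRequestContext) throws WebApplicationException {
        if (restController.isDeveloperMode()) {
            // NOTE(review): developer mode lets every request through without credentials; make
            // sure it cannot be enabled in a production client.
            return;
        }
        String authorization = containerRequestContext.getHeaderString("Authorization");
        if (authorization == null) {
            throw buildUnauthorizedResponse(LNG.get("csbase.client.rest.no.authorization.token"));
        }
        String bearerToken = credentialsFor(authorization, BEARER_SCHEME);
        if (bearerToken != null) {
            if (!restController.isTokenAuthorized(bearerToken)) {
                throw buildUnauthorizedResponse(LNG.get("csbase.client.rest.invalid.authorization.token"));
            }
            return;
        }
        String basicCredentials = credentialsFor(authorization, BASIC_SCHEME);
        if (basicCredentials == null) {
            throw buildUnauthorizedResponse("Unknown Authorization method");
        }
        authenticateBasic(basicCredentials);
    }

    /**
     * In developer mode, reports the request method, absolute path and response status in the
     * desktop notification panel; otherwise does nothing.
     *
     * @param containerRequestContext the request that was processed
     * @param containerResponseContext the response about to be sent
     */
    @Override
    public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws WebApplicationException {
        if (!restController.isDeveloperMode()) {
            return;
        }
        String requestLine = containerRequestContext.getMethod() + " " + containerRequestContext.getUriInfo().getAbsolutePath().toString();
        String statusLine = containerResponseContext.getStatus() + " " + containerResponseContext.getStatusInfo().toString();
        NotificationPanel notificationPanel = DesktopFrame.getInstance().getNotificationPanel();
        notificationPanel.addNotificationLine(notificationPanel.makeNotificationLine(new Date(), "ClientRestService", "[DEV-MODE] Requisição REST: " + requestLine + " -> " + statusLine, true));
    }
}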
