package com.github.xiaoymin.swaggerbootstrapui.filter;

import com.github.xiaoymin.swaggerbootstrapui.conf.Consts;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:BOOT-INF/lib/swagger-bootstrap-ui-1.9.0.jar:com/github/xiaoymin/swaggerbootstrapui/filter/SecurityBasicAuthFilter.class */
public class SecurityBasicAuthFilter extends BasicFilter implements Filter {
    private boolean enableBasicAuth;
    private String userName;
    private String password;

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
        if (filterConfig.getInitParameterNames().hasMoreElements()) {
            setEnableBasicAuth(Boolean.valueOf(filterConfig.getInitParameter("enableBasicAuth")).booleanValue());
            setUserName(filterConfig.getInitParameter("userName"));
            setPassword(filterConfig.getInitParameter("password"));
        }
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!this.enableBasicAuth) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (!match(httpServletRequest.getRequestURI())) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (httpServletRequest.getSession().getAttribute(Consts.SwaggerBootstrapUiBasicAuthSession) != null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null || "".equals(header)) {
            writeForbiddenCode(httpServletResponse);
            return;
        }
        String[] split = decodeBase64(header.substring(6)).split(":");
        String str = split[0];
        String str2 = split[1];
        if (!str.equals(this.userName) || !str2.equals(this.password)) {
            writeForbiddenCode(httpServletResponse);
        } else {
            httpServletRequest.getSession().setAttribute(Consts.SwaggerBootstrapUiBasicAuthSession, this.userName);
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }

    private void writeForbiddenCode(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setStatus(401);
        httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"input Swagger Basic userName & password \"");
        httpServletResponse.getWriter().write("You do not have permission to access this resource");
    }

    public SecurityBasicAuthFilter(boolean z, String str, String str2) {
        this.enableBasicAuth = false;
        this.enableBasicAuth = z;
        this.userName = str;
        this.password = str2;
    }

    public SecurityBasicAuthFilter(boolean z) {
        this.enableBasicAuth = false;
        this.enableBasicAuth = z;
    }

    public SecurityBasicAuthFilter() {
        this.enableBasicAuth = false;
    }

    public boolean isEnableBasicAuth() {
        return this.enableBasicAuth;
    }

    public void setEnableBasicAuth(boolean z) {
        this.enableBasicAuth = z;
    }

    public String getUserName() {
        return this.userName;
    }

    public void setUserName(String str) {
        this.userName = str;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }
}
