package edu.uiuc.ncsa.security.servlet;

import edu.uiuc.ncsa.security.core.Identifier;
import edu.uiuc.ncsa.security.core.util.BasicIdentifier;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:edu/uiuc/ncsa/security/servlet/HeaderUtils.class */
public class HeaderUtils {
    public static final String BASIC_HEADER = "Basic";
    public static final String BEARER_HEADER = "Bearer";
    static boolean deepDebugOn = false;
    public static int ID_INDEX = 0;
    public static int SECRET_INDEX = 1;

    public static List<String> getAuthHeader(HttpServletRequest httpServletRequest, String str) {
        String obj;
        if (deepDebugOn) {
            ServletDebugUtil.printAllParameters(HeaderUtils.class, httpServletRequest);
            ServletDebugUtil.trace(HeaderUtils.class, "getAuthHeader: Getting type \"" + str + "\"");
        }
        Enumeration headers = httpServletRequest.getHeaders("authorization");
        if (deepDebugOn) {
            ServletDebugUtil.trace(HeaderUtils.class, "getAuthHeader: Header enumeration = \"" + headers + "\"");
        }
        ArrayList arrayList = new ArrayList();
        while (headers.hasMoreElements()) {
            Object nextElement = headers.nextElement();
            if (deepDebugOn) {
                ServletDebugUtil.trace(HeaderUtils.class, "getAuthHeader: Processing header = \"" + nextElement + "\"");
            }
            if (nextElement != null && (obj = nextElement.toString()) != null && 0 != obj.length() && obj.startsWith(str)) {
                arrayList.add(obj.substring(obj.indexOf(" ") + 1));
            }
        }
        if (deepDebugOn) {
            ServletDebugUtil.trace(HeaderUtils.class, "getAuthHeader: Returning  = \"" + arrayList + "\"");
        }
        return arrayList;
    }

    public static boolean hasBasicHeader(HttpServletRequest httpServletRequest) {
        return getBasicHeader(httpServletRequest) != null;
    }

    public static String getBasicHeader(HttpServletRequest httpServletRequest) {
        List<String> authHeader = getAuthHeader(httpServletRequest, BASIC_HEADER);
        if (deepDebugOn) {
            ServletDebugUtil.trace(HeaderUtils.class, "getBasicHeader: returned auth headers = \"" + authHeader + "\"");
        }
        if (authHeader.isEmpty()) {
            return null;
        }
        return authHeader.get(0);
    }

    public static String getBearerAuthHeader(HttpServletRequest httpServletRequest) {
        List<String> authHeader = getAuthHeader(httpServletRequest, BEARER_HEADER);
        if (authHeader.isEmpty()) {
            return null;
        }
        return authHeader.get(0);
    }

    public static String[] getCredentialsFromHeaders(HttpServletRequest httpServletRequest, String str) throws UnsupportedEncodingException {
        if (deepDebugOn) {
            ServletDebugUtil.trace(HeaderUtils.class, "getCredentialsFromHeaders: type = \"" + str + "\"");
        }
        String trim = str.trim();
        String str2 = null;
        if (trim.equals(BASIC_HEADER)) {
            str2 = getBasicHeader(httpServletRequest);
        }
        if (trim.equals(BEARER_HEADER)) {
            str2 = getBearerAuthHeader(httpServletRequest);
        }
        if (str2 == null) {
            throw new IllegalArgumentException("Error: Unknown authorization method.");
        }
        String[] strArr = new String[2];
        byte[] decodeBase64 = Base64.decodeBase64(str2);
        if ((decodeBase64 == null || decodeBase64.length == 0) && deepDebugOn) {
            ServletDebugUtil.trace(HeaderUtils.class, "doIt: no secret, throwing exception.");
            throwException("Missing secret");
        }
        String str3 = new String(decodeBase64);
        if (deepDebugOn) {
            ServletDebugUtil.trace(HeaderUtils.class, " received authz header of " + str3);
        }
        int lastIndexOf = str3.lastIndexOf(":");
        if (lastIndexOf == -1) {
            throwException("the authorization header is not in the right format");
        }
        String decode = URLDecoder.decode(str3.substring(0, lastIndexOf), "UTF-8");
        strArr[ID_INDEX] = decode;
        String decode2 = URLDecoder.decode(str3.substring(lastIndexOf + 1), "UTF-8");
        strArr[SECRET_INDEX] = decode2;
        if (deepDebugOn) {
            ServletDebugUtil.trace(HeaderUtils.class, "getCredentialsFromHeaders: returning  " + decode + ", " + decode2);
        }
        return strArr;
    }

    public static String[] getCredentialsFromHeaders(HttpServletRequest httpServletRequest) throws UnsupportedEncodingException {
        return getCredentialsFromHeaders(httpServletRequest, BASIC_HEADER);
    }

    public static String getSecretFromHeaders(HttpServletRequest httpServletRequest) throws UnsupportedEncodingException {
        return getCredentialsFromHeaders(httpServletRequest)[SECRET_INDEX];
    }

    public static Identifier getIDFromHeaders(HttpServletRequest httpServletRequest) throws UnsupportedEncodingException {
        String[] credentialsFromHeaders = getCredentialsFromHeaders(httpServletRequest);
        if (credentialsFromHeaders == null || credentialsFromHeaders.length == 0) {
            return null;
        }
        return BasicIdentifier.newID(credentialsFromHeaders[ID_INDEX]);
    }

    protected static void throwException(String str) {
        throw new IllegalArgumentException(str);
    }
}
