package org.mortbay.http;

import java.io.IOException;
import org.mortbay.http.SecurityConstraint;
import org.mortbay.util.B64Code;
import org.mortbay.util.Code;
import org.mortbay.util.StringUtil;

/* loaded from: input_file:org/mortbay/http/BasicAuthenticator.class */
public class BasicAuthenticator implements SecurityConstraint.Authenticator {
    @Override // org.mortbay.http.SecurityConstraint.Authenticator
    public UserPrincipal authenticated(UserRealm userRealm, String str, HttpRequest httpRequest, HttpResponse httpResponse) throws IOException {
        UserPrincipal userPrincipal = null;
        String field = httpRequest.getField(HttpFields.__Authorization);
        if (field != null) {
            try {
                Code.debug(new StringBuffer().append("Credentials: ").append(field).toString());
                String decode = B64Code.decode(field.substring(field.indexOf(32) + 1), StringUtil.__ISO_8859_1);
                int indexOf = decode.indexOf(58);
                String substring = decode.substring(0, indexOf);
                userPrincipal = userRealm.authenticate(substring, decode.substring(indexOf + 1), httpRequest);
                if (userPrincipal != null) {
                    httpRequest.setAuthType(SecurityConstraint.__BASIC_AUTH);
                    httpRequest.setAuthUser(substring);
                    httpRequest.setUserPrincipal(userPrincipal);
                } else {
                    Code.warning(new StringBuffer().append("AUTH FAILURE: user ").append(substring).toString());
                }
            } catch (Exception e) {
                Code.warning(new StringBuffer().append("AUTH FAILURE: ").append(e.toString()).toString());
                Code.ignore(e);
            }
        }
        if (userPrincipal == null) {
            sendChallenge(userRealm, httpResponse);
        }
        return userPrincipal;
    }

    @Override // org.mortbay.http.SecurityConstraint.Authenticator
    public String getAuthMethod() {
        return SecurityConstraint.__BASIC_AUTH;
    }

    public void sendChallenge(UserRealm userRealm, HttpResponse httpResponse) throws IOException {
        httpResponse.setField(HttpFields.__WwwAuthenticate, new StringBuffer().append("basic realm=\"").append(userRealm.getName()).append('\"').toString());
        httpResponse.sendError(HttpResponse.__401_Unauthorized);
    }
}
