package eu.smesec.cysec.platform.core.auth.strategies;

import eu.smesec.cysec.platform.bridge.execptions.CacheException;
import eu.smesec.cysec.platform.core.cache.CacheAbstractionLayer;
import eu.smesec.cysec.platform.core.config.Config;
import eu.smesec.cysec.platform.core.utils.Validator;
import java.util.Collections;
import java.util.List;
import java.util.logging.Level;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.ServletContext;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.ClientErrorException;
import javax.ws.rs.core.MultivaluedMap;
import org.glassfish.jersey.internal.util.Base64;

/* loaded from: input_file:WEB-INF/classes/eu/smesec/cysec/platform/core/auth/strategies/BasicAuthStrategy.class */
public class BasicAuthStrategy extends AbstractUserAuthStrategy {
    public static final String AUTHORIZATION_PROPERTY = "authorization";
    public static final Pattern regexBasic = Pattern.compile("^Basic (.+)$");
    public static final Pattern regexAuth = Pattern.compile("^(.+)/(.+):(.+)$");

    public BasicAuthStrategy(CacheAbstractionLayer cacheAbstractionLayer, Config config, ServletContext servletContext) {
        super(cacheAbstractionLayer, config, servletContext, false);
    }

    @Override // eu.smesec.cysec.platform.core.auth.strategies.AbstractAuthStrategy
    public List<String> getHeaderNames() {
        return Collections.singletonList(AUTHORIZATION_PROPERTY);
    }

    @Override // eu.smesec.cysec.platform.core.auth.strategies.AbstractUserAuthStrategy
    protected String[] extractCredentials(MultivaluedMap<String, String> multivaluedMap) throws CacheException, ClientErrorException {
        this.logger.info("Checking Basic auth");
        String first = multivaluedMap.getFirst(AUTHORIZATION_PROPERTY);
        if (first != null && !first.isEmpty()) {
            Matcher matcher = regexBasic.matcher(first);
            if (matcher.matches()) {
                String decodeAsString = Base64.decodeAsString(matcher.group(1));
                Matcher matcher2 = regexAuth.matcher(decodeAsString);
                if (!matcher2.matches()) {
                    this.logger.log(Level.WARNING, "invalid auth format: " + decodeAsString);
                    throw new BadRequestException("invalid auth format: " + decodeAsString);
                }
                String group = matcher2.group(1);
                if (!Validator.validateWord(group)) {
                    throw new BadRequestException("Company pattern does not match");
                }
                String group2 = matcher2.group(2);
                if (!Validator.validateWord(group2) && !Validator.validateEmail(group2)) {
                    throw new BadRequestException("Username pattern does not match");
                }
                String group3 = matcher2.group(3);
                if (group3 == null || group3.isEmpty()) {
                    throw new BadRequestException("Password is null or empty");
                }
                return new String[]{group, group2, group3, null};
            }
        }
        this.logger.log(Level.WARNING, "invalid auth header");
        throw new BadRequestException("invalid auth header");
    }
}
