package com.sap.cloud.sdk.cloudplatform.security;

import com.sap.cloud.sdk.cloudplatform.security.exception.BasicAuthenticationAccessException;
import com.sap.cloud.sdk.cloudplatform.servlet.RequestAccessor;
import com.sap.cloud.sdk.cloudplatform.thread.Property;
import com.sap.cloud.sdk.cloudplatform.thread.ThreadContext;
import com.sap.cloud.sdk.cloudplatform.thread.ThreadContextAccessor;
import io.vavr.control.Try;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Collections;
import java.util.Enumeration;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.annotation.Nonnull;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/sap/cloud/sdk/cloudplatform/security/DefaultBasicAuthenticationFacade.class */
public class DefaultBasicAuthenticationFacade implements BasicAuthenticationFacade {
    private static final Pattern CASE_INSENSITIVE_BASIC_PREFIX_MATCH = Pattern.compile("^(?i)basic(?-i) \\s*([A-Za-z0-9+/=]+)\\s*$");

    @Override // com.sap.cloud.sdk.cloudplatform.security.BasicAuthenticationFacade
    @Nonnull
    public Try<BasicCredentials> tryGetBasicCredentials() {
        return readBasicCredentialsFromContext().orElse(this::extractBasicCredentialsFromRequest);
    }

    private Try<BasicCredentials> readBasicCredentialsFromContext() {
        return ThreadContextAccessor.tryGetCurrentContext().flatMap(this::extractBasicCredentialsProperty).map((v0) -> {
            return v0.getValue();
        });
    }

    private Try<Property<BasicCredentials>> extractBasicCredentialsProperty(ThreadContext threadContext) {
        return threadContext.getProperty(BasicAuthenticationThreadContextListener.PROPERTY_BASIC_AUTH_HEADER);
    }

    private Try<BasicCredentials> extractBasicCredentialsFromRequest() {
        return RequestAccessor.tryGetCurrentRequest().map(this::extractAuthorizationHeaders).map(this::selectBasicAuthenticationHeader).map((v1) -> {
            return extractBasicHeaderValue(v1);
        }).map(this::decodeBasicCredentials);
    }

    private List<String> extractAuthorizationHeaders(HttpServletRequest httpServletRequest) {
        Enumeration headers = httpServletRequest.getHeaders("Authorization");
        if (headers == null) {
            throw new BasicAuthenticationAccessException("Received no 'Authorization' headers with the request.");
        }
        return Collections.list(headers);
    }

    private String selectBasicAuthenticationHeader(List<String> list) {
        if (list.isEmpty()) {
            throw new BasicAuthenticationAccessException("Received an 'Authorization' header without a value.");
        }
        if (list.size() > 1) {
            throw new BasicAuthenticationAccessException("Received multiple 'Authorization' headers with the request, but the specification allows at most one.");
        }
        return list.get(0);
    }

    private String extractBasicHeaderValue(CharSequence charSequence) {
        Matcher matcher = CASE_INSENSITIVE_BASIC_PREFIX_MATCH.matcher(charSequence);
        if (matcher.matches()) {
            return matcher.group(1);
        }
        throw new BasicAuthenticationAccessException("The 'Authorization' header did not contain a Basic Authentication header field.");
    }

    private BasicCredentials decodeBasicCredentials(String str) {
        String[] split = new String(Base64.getDecoder().decode(str), StandardCharsets.UTF_8).split(":");
        return new BasicCredentials(split[0], split[1]);
    }
}
