package org.ametys.plugins.core.impl.authentication;

import java.util.Map;
import org.ametys.core.authentication.AbstractCredentialProvider;
import org.ametys.core.authentication.NonBlockingCredentialProvider;
import org.ametys.core.user.UserIdentity;
import org.apache.avalon.framework.context.Context;
import org.apache.avalon.framework.context.ContextException;
import org.apache.avalon.framework.context.Contextualizable;
import org.apache.cocoon.components.ContextHelper;
import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.environment.Redirector;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:org/ametys/plugins/core/impl/authentication/RemoteUserCredentialProvider.class */
public class RemoteUserCredentialProvider extends AbstractCredentialProvider implements NonBlockingCredentialProvider, Contextualizable {
    private static final String __PARAM_REALM = "runtime.authentication.remote.realm";
    private static final String __PARAM_HEADER_NAME = "runtime.authentication.remote.header.name";
    protected String _realm;
    protected String _headerName;
    private Context _context;

    public void contextualize(Context context) throws ContextException {
        this._context = context;
    }

    @Override // org.ametys.core.authentication.AbstractCredentialProvider, org.ametys.core.authentication.CredentialProvider
    public void init(String str, String str2, Map<String, Object> map, String str3) {
        super.init(str, str2, map, str3);
        this._realm = (String) map.get(__PARAM_REALM);
        this._headerName = (String) map.get(__PARAM_HEADER_NAME);
    }

    @Override // org.ametys.core.authentication.NonBlockingCredentialProvider
    public boolean nonBlockingIsStillConnected(UserIdentity userIdentity, Redirector redirector) throws Exception {
        return true;
    }

    @Override // org.ametys.core.authentication.NonBlockingCredentialProvider
    public boolean nonBlockingGrantAnonymousRequest() {
        return false;
    }

    @Override // org.ametys.core.authentication.NonBlockingCredentialProvider
    public UserIdentity nonBlockingGetUserIdentity(Redirector redirector) throws Exception {
        String header = ObjectModelHelper.getRequest(ContextHelper.getObjectModel(this._context)).getHeader(this._headerName);
        if (header == null) {
            getLogger().error("Remote User is null! Missing filter?");
            return null;
        }
        if (!StringUtils.isNotBlank(this._realm)) {
            return new UserIdentity(header, null);
        }
        int indexOf = header.indexOf("\\");
        if (indexOf <= 0) {
            getLogger().error("Remote User '{}' does not match realm\\login", header);
            return null;
        }
        String substring = header.substring(indexOf + 1);
        String substring2 = header.substring(0, indexOf);
        if (this._realm.equals(substring2)) {
            return new UserIdentity(substring, null);
        }
        getLogger().error("Remote user realm '{}' does not match application realm '{}'", substring2, this._realm);
        return null;
    }

    @Override // org.ametys.core.authentication.NonBlockingCredentialProvider
    public void nonBlockingUserNotAllowed(Redirector redirector) throws Exception {
    }

    @Override // org.ametys.core.authentication.NonBlockingCredentialProvider
    public void nonBlockingUserAllowed(UserIdentity userIdentity) {
    }
}
