package org.apache.ranger.authorization.elasticsearch.plugin.authc.user;

import java.util.Base64;
import java.util.List;
import java.util.Map;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections.MapUtils;
import org.apache.commons.lang.StringUtils;
import org.elasticsearch.ElasticsearchStatusException;
import org.elasticsearch.rest.RestRequest;
import org.elasticsearch.rest.RestStatus;

/* loaded from: input_file:org/apache/ranger/authorization/elasticsearch/plugin/authc/user/UsernamePasswordToken.class */
public class UsernamePasswordToken {
    public static final String USERNAME = "username";
    public static final String BASIC_AUTH_PREFIX = "Basic ";
    public static final String BASIC_AUTH_HEADER = "Authorization";
    public static final String BASIC_AUTH_COOKIE = "Cookie";
    public static final String REQUEST_HOST = "Host";
    public static final String LOCAL_HOST_NAME = "localhost";
    public static final String LOCAL_HOST_IP = "127.0.0.1";
    public static final String ES_SUPER_USER = "elasticsearch";
    public static final String USER_NAME = "userName";
    public static final String NEGOTIATE_KEYWORD = "Negotiate";
    private String username;
    private String password;

    public UsernamePasswordToken(String str, String str2) {
        this.username = str;
        this.password = str2;
    }

    public static UsernamePasswordToken parseToken(RestRequest restRequest) {
        String userFromCookie;
        Map headers = restRequest.getHttpRequest().getHeaders();
        if (MapUtils.isEmpty(headers)) {
            return null;
        }
        List list = (List) headers.get(REQUEST_HOST);
        if (!CollectionUtils.isEmpty(list) && (((String) list.get(0)).contains(LOCAL_HOST_NAME) || ((String) list.get(0)).contains(LOCAL_HOST_IP))) {
            return new UsernamePasswordToken(ES_SUPER_USER, "");
        }
        List list2 = (List) headers.get(BASIC_AUTH_HEADER);
        if (CollectionUtils.isEmpty(list2)) {
            return null;
        }
        String str = (String) list2.get(0);
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        if (str.startsWith(NEGOTIATE_KEYWORD)) {
            List list3 = (List) headers.get(BASIC_AUTH_COOKIE);
            return (CollectionUtils.isEmpty(list3) || (userFromCookie = getUserFromCookie((String) list3.get(0))) == null) ? new UsernamePasswordToken((String) ((List) headers.get(USER_NAME)).get(0), "") : new UsernamePasswordToken(userFromCookie, "");
        }
        try {
            String str2 = new String(Base64.getUrlDecoder().decode(str.substring(BASIC_AUTH_PREFIX.length())));
            int indexOf = StringUtils.indexOf(str2, ':');
            if (indexOf <= 0) {
                throw new ElasticsearchStatusException("Error: Parse user authentication to get the wrong.", RestStatus.UNAUTHORIZED, new Object[0]);
            }
            return new UsernamePasswordToken(StringUtils.substring(str2, 0, indexOf), StringUtils.substring(str2, indexOf + 1, str2.length()));
        } catch (IllegalArgumentException e) {
            throw new ElasticsearchStatusException("Error: Failed to parse user authentication.", RestStatus.UNAUTHORIZED, e, new Object[0]);
        }
    }

    private static String getUserFromCookie(String str) {
        int indexOf = str.indexOf("u=");
        int indexOf2 = str.indexOf("p=");
        if (indexOf2 < 0 || indexOf < 0) {
            return null;
        }
        return str.substring(indexOf + 2, indexOf2 - 1);
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public String toString() {
        return "UsernamePasswordToken [username=" + this.username + ", password=******]";
    }
}
