package org.melati.login;

import java.io.IOException;
import javax.servlet.http.HttpServletResponse;
import org.melati.Melati;
import org.melati.poem.AccessPoemException;
import org.melati.poem.PoemThread;
import org.melati.poem.User;
import org.melati.util.UnexpectedExceptionException;

/* loaded from: input_file:WEB-INF/lib/melati-0.7.8-RC3-SNAPSHOT.jar:org/melati/login/HttpBasicAuthenticationAccessHandler.class */
public class HttpBasicAuthenticationAccessHandler implements AccessHandler {
    private static final String className = new HttpBasicAuthenticationAccessHandler().getClass().getName();
    final String REALM = className + ".realm";
    final String USER = className + ".user";

    protected boolean useSession() {
        return false;
    }

    protected void forceLogin(HttpServletResponse httpServletResponse, String str, String str2) {
        httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + (str == null ? "<unknown>" : str.replace('\"', ' ')) + "\"");
        try {
            httpServletResponse.sendError(401, str2);
        } catch (IOException e) {
            throw new UnexpectedExceptionException(e);
        }
    }

    @Override // org.melati.login.AccessHandler
    public void handleAccessException(Melati melati, AccessPoemException accessPoemException) throws Exception {
        if (useSession()) {
            melati.getSession().setAttribute(this.REALM, "melati");
        }
        forceLogin(melati.getResponse(), "melati", accessPoemException.getMessage());
    }

    @Override // org.melati.login.AccessHandler
    public Melati establishUser(Melati melati) {
        String str;
        HttpAuthorization from = HttpAuthorization.from(melati.getRequest());
        if (from == null) {
            PoemThread.setAccessToken(melati.getDatabase().guestAccessToken());
            return melati;
        }
        User user = useSession() ? (User) melati.getSession().getAttribute(this.USER) : null;
        User user2 = (user == null || !user.getLogin().equals(from.username)) ? (User) melati.getDatabase().getUserTable().getLoginColumn().firstWhereEq(from.username) : user;
        if (user2 != null && user2.getPassword_unsafe().equals(from.password)) {
            PoemThread.setAccessToken(user2);
            if (useSession() && user2 != user) {
                melati.getSession().setAttribute(this.USER, user2);
            }
            return melati;
        }
        if (!useSession() || (str = (String) melati.getSession().getAttribute(this.REALM)) == null) {
            PoemThread.setAccessToken(melati.getDatabase().guestAccessToken());
            return melati;
        }
        forceLogin(melati.getResponse(), str, "Login/password not recognised");
        return null;
    }

    @Override // org.melati.login.AccessHandler
    public void buildRequest(Melati melati) throws IOException {
    }
}
