package org.apache.isis.viewer.json.viewer.authentication;

import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.binary.Base64;
import org.apache.isis.core.commons.authentication.AuthenticationSession;
import org.apache.isis.core.runtime.authentication.AuthenticationManager;
import org.apache.isis.core.runtime.authentication.AuthenticationRequestPassword;
import org.apache.isis.runtimes.dflt.runtime.system.context.IsisContext;
import org.apache.isis.runtimes.dflt.webapp.auth.AuthenticationSessionStrategyAbstract;

/* loaded from: input_file:org/apache/isis/viewer/json/viewer/authentication/AuthenticationSessionStrategyBasicAuth.class */
public class AuthenticationSessionStrategyBasicAuth extends AuthenticationSessionStrategyAbstract {
    private static Pattern USER_AND_PASSWORD_REGEX = Pattern.compile("^(.+):(.+)$");

    public AuthenticationSession lookupValid(ServletRequest servletRequest, ServletResponse servletResponse) {
        String header = ((HttpServletRequest) servletRequest).getHeader("Authorization");
        if (header == null || !header.startsWith("Basic ")) {
            return null;
        }
        Matcher matcher = USER_AND_PASSWORD_REGEX.matcher(new String(new Base64().decode(header.substring(6).getBytes())));
        if (!matcher.matches()) {
            return null;
        }
        return getAuthenticationManager().authenticate(new AuthenticationRequestPassword(matcher.group(1), matcher.group(2)));
    }

    protected AuthenticationManager getAuthenticationManager() {
        return IsisContext.getAuthenticationManager();
    }
}
