package de.adorsys.opba.adminapi.config;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import org.apache.logging.log4j.util.Strings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/adorsys/opba/adminapi/config/AdminApiSecurityFilter.class */
public class AdminApiSecurityFilter implements Filter {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(AdminApiSecurityFilter.class);
    private static final int BASIC_KEYWORD_LEN = 6;
    private final String expectedAuth;

    public AdminApiSecurityFilter(String str, String str2) {
        this.expectedAuth = Base64.getEncoder().encodeToString((str + ":" + str2).getBytes(StandardCharsets.UTF_8));
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String requestURI = httpServletRequest.getRequestURI();
        String header = httpServletRequest.getHeader("Authorization");
        if (Strings.isEmpty(header) || !header.startsWith("Basic ")) {
            log.warn("Missing or wrong Authorization header for {}", requestURI);
            httpServletResponse.sendError(401, "Missing authorization");
            return;
        }
        if (this.expectedAuth.equals(header.substring(BASIC_KEYWORD_LEN))) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else {
            log.warn("Bad credentials for {}", requestURI);
            httpServletResponse.sendError(401, "Wrong credentials");
        }
    }
}
