package de.ipk_gatersleben.bit.bi.edal.rest.server;

import java.io.IOException;
import java.util.List;
import java.util.StringTokenizer;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import org.glassfish.jersey.internal.util.Base64;

@Provider
/* loaded from: input_file:de/ipk_gatersleben/bit/bi/edal/rest/server/SecurityFilter.class */
public class SecurityFilter implements ContainerRequestFilter {
    private static final String AUTHORIZATION_HEADER_KEY = "Authorization";
    private static final String AUTHORIZATION_HEADER_PREFIX = "Basic ";
    private static final String SECURED_URL_PREFIX = "secured";

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        List list;
        if (!containerRequestContext.getUriInfo().getPath().contains(SECURED_URL_PREFIX) || (list = (List) containerRequestContext.getHeaders().get(AUTHORIZATION_HEADER_KEY)) == null || list.size() <= 0) {
            return;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(Base64.decodeAsString(((String) list.get(0)).replaceFirst(AUTHORIZATION_HEADER_PREFIX, "")), ":");
        String nextToken = stringTokenizer.nextToken();
        String nextToken2 = stringTokenizer.nextToken();
        if ("user".equals(nextToken) && "password".equals(nextToken2)) {
            return;
        }
        containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).entity("user not allowed").build());
    }
}
