package org.artifactory.webapp.servlet.authentication;

import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.artifactory.api.security.SecurityService;
import org.artifactory.security.props.auth.model.TokenKeyValue;
import org.artifactory.util.SessionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;

/* loaded from: input_file:org/artifactory/webapp/servlet/authentication/AuthenticationFilterUtils.class */
public class AuthenticationFilterUtils {
    private static final Logger log = LoggerFactory.getLogger(AuthenticationFilterUtils.class);

    public static TokenKeyValue getTokenKeyValueFromHeader(HttpServletRequest httpServletRequest) {
        TokenKeyValue apiKeyTokenKeyValue = getApiKeyTokenKeyValue(httpServletRequest);
        if (apiKeyTokenKeyValue != null) {
            return apiKeyTokenKeyValue;
        }
        TokenKeyValue oauthTokenKeyValue = getOauthTokenKeyValue(httpServletRequest);
        if (oauthTokenKeyValue != null) {
            return oauthTokenKeyValue;
        }
        return null;
    }

    private static TokenKeyValue getApiKeyTokenKeyValue(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("X-JFrog-Art-Api");
        if (StringUtils.isBlank(header)) {
            header = httpServletRequest.getHeader("X-Api-Key");
        }
        if (header != null) {
            return new TokenKeyValue("apiKey", header);
        }
        return null;
    }

    private static TokenKeyValue getOauthTokenKeyValue(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Authorization");
        int length = "Bearer ".length();
        if (header == null || !header.startsWith("Bearer ") || header.length() <= length + 1) {
            return null;
        }
        return new TokenKeyValue("basictoken", header.substring(length));
    }

    public static boolean isAcceptedByPropsFilter(HttpServletRequest httpServletRequest) {
        return getTokenKeyValueFromHeader(httpServletRequest) != null;
    }

    public static boolean isAuthHeaderPresent(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getHeader("Authorization") != null;
    }

    public static boolean isAcceptSsoFilter(HttpServletRequest httpServletRequest, SecurityService securityService) {
        if (securityService.isHttpSsoProxied()) {
            return StringUtils.isNotBlank(getRemoteUserName(securityService, httpServletRequest));
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isRequestContainsAuthentication(HttpServletRequest httpServletRequest, SecurityService securityService) {
        return isAuthHeaderPresent(httpServletRequest) || isAcceptedByPropsFilter(httpServletRequest) || isAcceptSsoFilter(httpServletRequest, securityService) || isHttpSessionAuthenticated(httpServletRequest);
    }

    private static boolean isHttpSessionAuthenticated(HttpServletRequest httpServletRequest) {
        Authentication authentication = SessionUtils.getAuthentication(httpServletRequest);
        return authentication != null && authentication.isAuthenticated();
    }

    public static String getRemoteUserName(SecurityService securityService, HttpServletRequest httpServletRequest) {
        log.debug("Entering ArtifactorySsoAuthenticationFilter.getRemoteUserName");
        String str = null;
        String httpSsoRemoteUserRequestVariable = securityService.getHttpSsoRemoteUserRequestVariable();
        if (StringUtils.isNotBlank(httpSsoRemoteUserRequestVariable)) {
            log.debug("Remote user request variable = '{}'.", httpSsoRemoteUserRequestVariable);
            Object attribute = httpServletRequest.getAttribute(httpSsoRemoteUserRequestVariable);
            if (attribute != null) {
                str = attribute.toString();
                log.debug("Remote user attribute: '{}'.", str);
            }
            if (StringUtils.isBlank(str)) {
                str = httpServletRequest.getRemoteUser();
                log.debug("Remote user from request: '{}'.", str);
            }
            if (StringUtils.isBlank(str)) {
                str = httpServletRequest.getHeader(httpSsoRemoteUserRequestVariable);
                log.debug("Remote user from header: '{}'.", str);
            }
        }
        if (str != null) {
            return str.toLowerCase();
        }
        return null;
    }
}
