package com.github.xiaoymin.knife4j.spring.gateway.filter.basic;

import com.github.xiaoymin.knife4j.spring.gateway.conf.GlobalConstants;
import com.github.xiaoymin.knife4j.spring.gateway.filter.AbstractBasicAuthFilter;
import java.util.Base64;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.web.server.ResponseStatusException;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import org.springframework.web.server.WebSession;
import reactor.core.publisher.Mono;

/* loaded from: input_file:BOOT-INF/lib/knife4j-gateway-spring-boot-starter-4.5.0.jar:com/github/xiaoymin/knife4j/spring/gateway/filter/basic/WebFluxSecurityBasicAuthFilter.class */
public class WebFluxSecurityBasicAuthFilter extends AbstractBasicAuthFilter implements WebFilter {
    private boolean enableBasicAuth = false;
    private String userName;
    private String password;

    @Override // org.springframework.web.server.WebFilter
    public Mono<Void> filter(ServerWebExchange serverWebExchange, WebFilterChain webFilterChain) {
        return (this.enableBasicAuth && match(serverWebExchange.getRequest().getURI().toString())) ? serverWebExchange.getSession().doOnNext(webSession -> {
            doFilter(serverWebExchange, webSession);
        }).then(webFilterChain.filter(serverWebExchange)) : webFilterChain.filter(serverWebExchange);
    }

    private void doFilter(ServerWebExchange serverWebExchange, WebSession webSession) {
        if (webSession.getAttribute(GlobalConstants.KNIFE4J_BASIC_AUTH_SESSION) != null) {
            return;
        }
        String first = serverWebExchange.getRequest().getHeaders().getFirst("Authorization");
        ServerHttpResponse response = serverWebExchange.getResponse();
        if (first == null) {
            writeForbiddenCode(response);
        }
        String[] split = first.split(" ");
        if (split.length != 2 || !split[0].equals("Basic")) {
            writeForbiddenCode(response);
        }
        String[] split2 = new String(Base64.getDecoder().decode(split[1])).split(":");
        if (split2.length == 2 && split2[0].equals(this.userName) && split2[1].equals(this.password)) {
            serverWebExchange.getSession().doOnNext(webSession2 -> {
                webSession2.getAttributes().put(GlobalConstants.KNIFE4J_BASIC_AUTH_SESSION, this.userName);
            }).subscribe();
        } else {
            writeForbiddenCode(response);
        }
    }

    private void writeForbiddenCode(ServerHttpResponse serverHttpResponse) {
        serverHttpResponse.setRawStatusCode(Integer.valueOf(HttpStatus.UNAUTHORIZED.value()));
        serverHttpResponse.getHeaders().add("WWW-Authenticate", "Basic realm=\"Restricted Area\"");
        throw new ResponseStatusException(HttpStatus.UNAUTHORIZED.value(), (String) null, (Throwable) null);
    }

    public void setEnableBasicAuth(boolean z) {
        this.enableBasicAuth = z;
    }

    public void setUserName(String str) {
        this.userName = str;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public boolean isEnableBasicAuth() {
        return this.enableBasicAuth;
    }

    public String getUserName() {
        return this.userName;
    }

    public String getPassword() {
        return this.password;
    }
}
