package io.confluent.rbacapi.app;

import io.confluent.common.security.auth.RestUserPrincipal;
import java.util.Collections;
import java.util.List;
import javax.security.auth.Subject;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.UserAuthentication;
import org.eclipse.jetty.security.authentication.BasicAuthenticator;
import org.eclipse.jetty.server.Authentication;

/* loaded from: input_file:io/confluent/rbacapi/app/MdsBasicAuthenticator.class */
public class MdsBasicAuthenticator extends BasicAuthenticator {
    public static final List<String> MDS_NO_AUTH_ENDPOINTS = Collections.singletonList("/security/1.0/features");

    /* loaded from: input_file:io/confluent/rbacapi/app/MdsBasicAuthenticator$MdsResponse.class */
    public class MdsResponse extends HttpServletResponseWrapper {
        public MdsResponse(HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void setHeader(String str, String str2) {
            if (StringUtils.equals(HttpHeader.WWW_AUTHENTICATE.asString(), str)) {
                super.setHeader(str, "none");
            } else {
                super.setHeader(str, str2);
            }
        }
    }

    @Override // org.eclipse.jetty.security.authentication.BasicAuthenticator, org.eclipse.jetty.security.Authenticator
    public Authentication validateRequest(ServletRequest servletRequest, ServletResponse servletResponse, boolean z) throws ServerAuthException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        MdsResponse mdsResponse = new MdsResponse((HttpServletResponse) servletResponse);
        if (!MDS_NO_AUTH_ENDPOINTS.stream().anyMatch(str -> {
            return httpServletRequest.getRequestURI().equalsIgnoreCase(str);
        })) {
            return super.validateRequest(servletRequest, mdsResponse, z);
        }
        return new UserAuthentication(getAuthMethod(), this._identityService.newUserIdentity(new Subject(), new RestUserPrincipal(""), new String[0]));
    }
}
