package io.confluent.common.security.jetty;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.authentication.BasicAuthenticator;
import org.eclipse.jetty.security.authentication.DeferredAuthentication;
import org.eclipse.jetty.security.authentication.LoginAuthenticator;
import org.eclipse.jetty.server.Authentication;

/* loaded from: input_file:io/confluent/common/security/jetty/OAuthOrBasicAuthenticator.class */
public class OAuthOrBasicAuthenticator extends LoginAuthenticator {
    private static final OAuthBearerAuthenticator oauth = new OAuthBearerAuthenticator();
    private static final BasicAuthenticator basic = new BasicAuthenticator();
    private static final String BASIC_KEYWORD = "basic";

    @Override // org.eclipse.jetty.security.Authenticator
    public String getAuthMethod() {
        return "BEARER+BASIC";
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public Authentication validateRequest(ServletRequest servletRequest, ServletResponse servletResponse, boolean z) throws ServerAuthException {
        int indexOf;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String header = httpServletRequest.getHeader(HttpHeader.AUTHORIZATION.asString());
        return !z ? new DeferredAuthentication(this) : httpServletRequest.getParameter("access_token") != null ? oauth.validateRequest(servletRequest, servletResponse, true) : (header == null || (indexOf = header.indexOf(32)) <= 0 || !"Bearer".equals(header.substring(0, indexOf))) ? basic.validateRequest(servletRequest, servletResponse, true) : oauth.validateRequest(servletRequest, servletResponse, true);
    }

    @Override // org.eclipse.jetty.security.authentication.LoginAuthenticator, org.eclipse.jetty.security.Authenticator
    public void setConfiguration(Authenticator.AuthConfiguration authConfiguration) {
        super.setConfiguration(authConfiguration);
        basic.setConfiguration(authConfiguration);
        oauth.setConfiguration(authConfiguration);
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public boolean secureResponse(ServletRequest servletRequest, ServletResponse servletResponse, boolean z, Authentication.User user) {
        return true;
    }
}
