package org.xwiki.rest.internal;

import com.xpn.xwiki.XWiki;
import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import com.xpn.xwiki.user.api.XWikiUser;
import java.util.logging.Level;
import org.restlet.Context;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.data.ChallengeScheme;
import org.restlet.data.Header;
import org.restlet.engine.header.HeaderConstants;
import org.restlet.security.ChallengeAuthenticator;
import org.restlet.util.Series;
import org.xwiki.component.manager.ComponentLookupException;
import org.xwiki.component.manager.ComponentManager;
import org.xwiki.model.reference.DocumentReferenceResolver;
import org.xwiki.model.reference.EntityReferenceSerializer;
import org.xwiki.rest.internal.resources.BrowserAuthenticationResource;

/* loaded from: input_file:WEB-INF/lib/xwiki-platform-rest-server-9.11.jar:org/xwiki/rest/internal/XWikiAuthentication.class */
public class XWikiAuthentication extends ChallengeAuthenticator {
    public XWikiAuthentication(Context context) throws IllegalArgumentException {
        super(context, true, ChallengeScheme.CUSTOM, "XWiki");
    }

    @Override // org.restlet.security.ChallengeAuthenticator, org.restlet.security.Authenticator
    public boolean authenticate(Request request, Response response) {
        if (request.getResourceRef().getPath().endsWith(BrowserAuthenticationResource.URI_PATTERN)) {
            return super.authenticate(request, response);
        }
        ComponentManager componentManager = (ComponentManager) getContext().getAttributes().get(Constants.XWIKI_COMPONENT_MANAGER);
        XWikiContext xWikiContext = Utils.getXWikiContext(componentManager);
        XWiki xWiki = Utils.getXWiki(componentManager);
        try {
            DocumentReferenceResolver documentReferenceResolver = (DocumentReferenceResolver) componentManager.getInstance(DocumentReferenceResolver.TYPE_STRING, "current");
            EntityReferenceSerializer entityReferenceSerializer = (EntityReferenceSerializer) componentManager.getInstance(EntityReferenceSerializer.TYPE_STRING);
            xWikiContext.setUserReference(null);
            Series series = (Series) response.getAttributes().get(HeaderConstants.ATTRIBUTE_HEADERS);
            if (series == null) {
                series = new Series(Header.class);
                response.getAttributes().put(HeaderConstants.ATTRIBUTE_HEADERS, series);
            }
            series.add("XWiki-User", (String) entityReferenceSerializer.serialize(xWikiContext.getUserReference(), new Object[0]));
            series.add("XWiki-Version", xWikiContext.getWiki().getVersion());
            try {
                XWikiUser checkAuth = xWiki.checkAuth(xWikiContext);
                if (checkAuth != null) {
                    xWikiContext.setUserReference(documentReferenceResolver.resolve(checkAuth.getUser(), new Object[0]));
                    getLogger().fine(String.format("Authenticated as '%s'.", checkAuth.getUser()));
                    series.set("XWiki-User", (String) entityReferenceSerializer.serialize(xWikiContext.getUserReference(), new Object[0]));
                    return true;
                }
            } catch (XWikiException e) {
                getLogger().log(Level.WARNING, "Exception occurred while authenticating.", (Throwable) e);
            }
            return super.authenticate(request, response);
        } catch (ComponentLookupException e2) {
            return false;
        }
    }
}
