package com.atlassian.plugins.rest.module.sal.websudo;

import com.atlassian.plugins.rest.common.sal.websudo.WebSudoResourceContext;
import com.atlassian.plugins.rest.module.servlet.ServletUtils;
import com.atlassian.sal.api.websudo.WebSudoManager;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-rest-module-6.1.2.jar:com/atlassian/plugins/rest/module/sal/websudo/SalWebSudoResourceContext.class */
public class SalWebSudoResourceContext implements WebSudoResourceContext {
    private static final String BASIC_AUTHZ_TYPE_PREFIX = "Basic ";
    private final WebSudoManager webSudoManager;

    public SalWebSudoResourceContext(WebSudoManager webSudoManager) {
        this.webSudoManager = webSudoManager;
    }

    @Override // com.atlassian.plugins.rest.common.sal.websudo.WebSudoResourceContext
    public boolean shouldEnforceWebSudoProtection() {
        HttpServletRequest httpServletRequest = ServletUtils.getHttpServletRequest();
        if (null == httpServletRequest) {
            return false;
        }
        String header = httpServletRequest.getHeader("Authorization");
        return (null == header || !header.startsWith(BASIC_AUTHZ_TYPE_PREFIX)) && !this.webSudoManager.canExecuteRequest(httpServletRequest);
    }
}
