package de.conterra.smarteditor.common.authentication;

import de.conterra.smarteditor.admin.exception.TicketNotFoundException;
import de.conterra.smarteditor.admin.exception.TicketNotValidException;
import de.conterra.smarteditor.cswclient.ext.header.SecurityProvider;
import java.util.Arrays;
import java.util.Hashtable;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPException;
import org.apache.axis.AxisFault;
import org.apache.axis.MessageContext;
import org.apache.axis.handlers.BasicHandler;

/* loaded from: input_file:de/conterra/smarteditor/common/authentication/TicketHandler.class */
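/**
 * Axis handler that requires a ticket with a recognised role on every request whose operation
 * is not listed in the {@code unsecuredMessages} handler option.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@code unsecuredMessages} is an authentication bypass list: an operation named there
 *       skips every check in {@link #invoke(MessageContext)}. Keep it as short as possible and
 *       review changes to it like code changes.</li>
 *   <li>This class only checks that a ticket exists, has an actor and carries one of the
 *       accepted roles. Whether the ticket is authentic (signature, issuer, expiry) is not
 *       visible here; presumably that is done inside {@code SecurityProvider} — confirm.</li>
 *   <li>The accepted roles include the anonymous role, so this is a "has a known role" gate,
 *       not a privilege check. Per-operation authorisation has to happen elsewhere.</li>
 * </ul>
 */
public class TicketHandler extends BasicHandler {
    /** Handler option holding a comma-separated list of operation names that bypass the ticket check. */
    private static final String UNSECURED_MESSAGES_OPTION = "unsecuredMessages";

    /** Roles that satisfy the minimum-role check; compared case-insensitively. */
    private static final String[] ACCEPTED_ROLES = {
        "tc_Administrator", "tc_Redakteur", "tc_Datenpfleger", "tc_Informationssuchender", "tc_Anonymus"
    };

    /**
     * Decides whether the current request must carry a ticket.
     *
     * <p>Fails closed: a missing or empty option, an unresolved operation or an operation without
     * a name all count as secured. List entries are compared exactly (case-sensitive, entries are
     * not trimmed), so {@code "a, b"} exempts {@code "a"} but not {@code "b"}.
     *
     * @param messageContext the Axis context of the request being handled
     * @return {@code false} only when the operation name is listed in {@code unsecuredMessages}
     */
    private boolean isSecured(MessageContext messageContext) {
        Hashtable options = getOptions();
        if (options == null || options.size() == 0) {
            return true;
        }
        String unsecured = (String) options.get(UNSECURED_MESSAGES_OPTION);
        if (unsecured == null || unsecured.length() == 0) {
            return true;
        }
        String operationName = operationNameOf(messageContext);
        if (operationName == null) {
            // Without a resolved operation name nothing can be matched against the bypass list;
            // demand a ticket instead of failing with a NullPointerException.
            return true;
        }
        return !Arrays.asList(unsecured.split(",")).contains(operationName.trim());
    }

    /** Returns the name of the request's operation, or {@code null} when no operation is set. */
    private static String operationNameOf(MessageContext messageContext) {
        if (messageContext.getOperation() == null) {
            return null;
        }
        return messageContext.getOperation().getName();
    }

    /** Tells whether {@code role} is one of {@link #ACCEPTED_ROLES}; a {@code null} role never matches. */
    private static boolean isAcceptedRole(String role) {
        for (String accepted : ACCEPTED_ROLES) {
            if (accepted.equalsIgnoreCase(role)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Rejects a secured request unless its SOAP envelope yields a ticket whose actor has at least
     * one accepted role. Requests for unsecured operations pass through untouched.
     *
     * @param messageContext the Axis context of the request being handled
     * @throws AxisFault wrapping a {@code TicketNotFoundException} when there is no request
     *     message, no ticket, or the envelope cannot be read, and wrapping a
     *     {@code TicketNotValidException} when the ticket has no actor or no accepted role
     */
    public void invoke(MessageContext messageContext) throws AxisFault {
        if (!isSecured(messageContext)) {
            return;
        }
        if (messageContext.getRequestMessage() == null) {
            // A secured operation without a request message cannot carry a ticket.
            throw AxisFault.makeFault(new TicketNotFoundException("Cannot find a ticket in the SOAP Header"));
        }
        SecurityProvider securityProvider = new SecurityProvider();
        try {
            securityProvider.examineSecuredAction((SOAPEnvelope) messageContext.getRequestMessage().getSOAPEnvelope());
            securityProvider.examineSamlTicket((SOAPEnvelope) messageContext.getRequestMessage().getSOAPEnvelope());
            Ticket ticket = securityProvider.getTicket();
            if (ticket == null) {
                throw AxisFault.makeFault(new TicketNotFoundException("Cannot find a ticket in the SOAP Header"));
            }
            if (ticket.getActor() == null) {
                throw AxisFault.makeFault(new TicketNotValidException("Ticket has no actor!"));
            }
            boolean roleAccepted = false;
            for (String role : ticket.getActor().getRoles()) {
                if (isAcceptedRole(role)) {
                    roleAccepted = true;
                    break;
                }
            }
            if (!roleAccepted) {
                // NOTE(review): the message names 'tc_Anonymous' while the accepted role literal is
                // "tc_Anonymus"; confirm which spelling the ticket issuer uses before touching either.
                throw AxisFault.makeFault(new TicketNotValidException("The minimum role to access this service is missing: 'tc_Anonymous'"));
            }
        } catch (SOAPException e) {
            // The caller gets the same fault as for a missing ticket. The SOAPException itself is
            // dropped here, so a malformed envelope and an absent header cannot be told apart
            // afterwards; consider logging e server-side for incident analysis.
            throw AxisFault.makeFault(new TicketNotFoundException("Cannot find a ticket in the SOAP Header"));
        }
    }
}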
