package org.n52.security.service.enforcement;

import java.net.URL;
import java.util.ArrayList;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import org.apache.log4j.Logger;
import org.n52.security.common.authentication.Credential;
import org.n52.security.common.authentication.PasswordAuthenticationMethod;
import org.n52.security.common.authentication.SessionAuthenticationMethod;
import org.n52.security.common.protocol.PolicyEnforcementService;
import org.n52.security.common.protocol.artifact.PolicyEnforcementServiceCapabilities;
import org.n52.security.common.protocol.artifact.ServiceException;
import org.n52.security.common.protocol.artifact.SessionInfo;
import org.n52.security.common.protocol.artifact.Transferable;
import org.n52.security.service.common.loginmodule.AuthenticationModule;
import org.n52.security.service.common.loginmodule.SessionHandler;
import org.n52.security.service.enforcement.exception.EnforcementServiceException;
import org.n52.security.service.enforcement.exception.ExceptionHandler;
import org.n52.security.service.enforcement.interceptor.InterceptorChain;
import org.n52.security.service.enforcement.interceptor.InterceptorException;
import org.n52.security.service.enforcement.servicerequest.SecuredServiceRequest;

/* loaded from: input_file:org/n52/security/service/enforcement/PolicyEnforcementServiceImpl.class */
public class PolicyEnforcementServiceImpl implements PolicyEnforcementService {
    private static Logger sLogger;
    public static String FORWARD_HTTP_GET;
    public static final String sConfigFilePath = "/conf/pes/pesConfig.xml";
    private PolicyEnforcementServiceConfiguration config;
    private ExceptionHandler exceptionHandler;
    private InterceptorChain chain;
    private AuthenticationModule authentModule;
    private PolicyEnforcementServiceCapabilities mPesCaps;
    static Class class$org$n52$security$service$enforcement$PolicyEnforcementServiceImpl;

    public PolicyEnforcementServiceImpl(PolicyEnforcementServiceConfiguration policyEnforcementServiceConfiguration) throws Exception {
        this.config = policyEnforcementServiceConfiguration;
        sLogger.info("Configure exception handler ...");
        this.exceptionHandler = this.config.getExceptionHandler();
        sLogger.info("Configure authentication modules ...");
        this.authentModule = this.config.getAuthenticationModule();
        sLogger.info("Configure interceptor chain ...");
        this.chain = this.config.getInterceptorChain();
        URL url = new URL(this.config.getCapabilitiesURL());
        String bindingParameter = this.config.getBindingParameter("wss.url");
        this.mPesCaps = new PolicyEnforcementServiceCapabilities(url.openStream(), "UTF-8");
        this.mPesCaps.setOperationsUrls(bindingParameter);
        this.mPesCaps.setSecuredServiceType(this.config.getProtectedServiceType());
        this.mPesCaps.addAuthenticationMethods(this.authentModule.getAuthenticationMethods());
    }

    @Override // org.n52.security.common.protocol.PolicyEnforcementService
    public void closeSession(String str, String str2) throws ServiceException {
        if (str2 == null) {
            throw new ServiceException("No SESSIONID parameter or value.", ServiceException.INVALID_FORMAT);
        }
        if (SessionHandler.removeSession(str2) == null) {
            throw new ServiceException("No matching session found. Session may already be closed.", ServiceException.INVALID_SESSION);
        }
    }

    @Override // org.n52.security.common.protocol.PolicyEnforcementService
    public Transferable doService(String str, Transferable transferable, Credential credential) throws ServiceException {
        String authenticationMethodURN = credential.getAuthenticationMethodURN();
        SecuredServiceRequest securedServiceRequest = (SecuredServiceRequest) transferable;
        if (authenticationMethodURN == null || authenticationMethodURN.equals("")) {
            authenticationMethodURN = PasswordAuthenticationMethod.sMethodUrn;
        }
        try {
            ArrayList arrayList = new ArrayList();
            arrayList.add(credential);
            sLogger.debug("Authentication started");
            Subject authenticate = this.authentModule.authenticate(authenticationMethodURN, arrayList);
            sLogger.debug("Authentication finished");
            sLogger.debug("Interceptor chain started");
            Transferable doChain = this.chain.doChain(securedServiceRequest, authenticate);
            sLogger.debug("Interceptor chain finished");
            return doChain;
        } catch (LoginException e) {
            sLogger.debug(new StringBuffer().append("Authentication of ").append(credential).append(" via ").append(authenticationMethodURN).append(" method failed").toString());
            return new ServiceException(new StringBuffer().append("Authentication failed: ").append(e.getMessage()).toString(), ServiceException.AUTHENTICATION_FAILED).getAsTransferable();
        } catch (ServiceException e2) {
            sLogger.debug(new StringBuffer().append("Internal service error (backend not reachable): ").append(e2.getMessage()).toString());
            return getExceptionHandler().handleException(e2, securedServiceRequest);
        } catch (EnforcementServiceException e3) {
            sLogger.debug(new StringBuffer().append("Unauthorized request: ").append(e3.getMessage()).toString());
            return getExceptionHandler().handleException(e3, securedServiceRequest);
        } catch (InterceptorException e4) {
            sLogger.error("Interceptor chain interrupted. Request will be ignored", e4);
            return getExceptionHandler().handleException(new Exception("Error during authorization process"), securedServiceRequest);
        }
    }

    public Transferable doService(DoServiceRequest doServiceRequest) {
        Transferable transferable = null;
        try {
        } catch (Exception e) {
            sLogger.error("Error during DoService operation", e);
        }
        if (doServiceRequest.getServiceRequest() == null) {
            throw new ServiceException("Missing SERVICEREQUEST parameter", ServiceException.INVALID_FORMAT);
        }
        if (doServiceRequest.getCredentials() == null) {
            throw new ServiceException("Either (SESSIONID) or (CREDENTIALS and METHOD) must be provided.", ServiceException.INVALID_FORMAT);
        }
        transferable = doService(doServiceRequest.getVersion(), doServiceRequest.getSecureServiceRequest(new URL(this.config.getProtectedServiceURL())), doServiceRequest.getCredentials());
        return transferable;
    }

    @Override // org.n52.security.common.protocol.PolicyEnforcementService
    public PolicyEnforcementServiceCapabilities getCapabilities(String str, String str2) throws ServiceException {
        return this.mPesCaps;
    }

    @Override // org.n52.security.common.protocol.PolicyEnforcementService
    public SessionInfo getSession(String str, Credential credential) throws ServiceException {
        try {
            ArrayList arrayList = new ArrayList();
            arrayList.add(credential);
            String authenticationMethodURN = credential.getAuthenticationMethodURN();
            if (!this.authentModule.supportsAuthenticationMethod(authenticationMethodURN)) {
                throw new ServiceException("Sessions are not supported by this service", ServiceException.INVALID_FORMAT);
            }
            SessionInfo sessionInfo = new SessionInfo(((SessionAuthenticationMethod) this.authentModule.getAuthenticationMethod(SessionAuthenticationMethod.sMethodUrn)).getSessionTimeout(), "default", "default", "opened", this.authentModule.authenticate(authenticationMethodURN, arrayList));
            SessionHandler.addSession(sessionInfo);
            return sessionInfo;
        } catch (Exception e) {
            throw new ServiceException(e.getMessage(), ServiceException.AUTHENTICATION_FAILED);
        }
    }

    private ExceptionHandler getExceptionHandler() {
        return this.exceptionHandler;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$n52$security$service$enforcement$PolicyEnforcementServiceImpl == null) {
            cls = class$("org.n52.security.service.enforcement.PolicyEnforcementServiceImpl");
            class$org$n52$security$service$enforcement$PolicyEnforcementServiceImpl = cls;
        } else {
            cls = class$org$n52$security$service$enforcement$PolicyEnforcementServiceImpl;
        }
        sLogger = Logger.getLogger(cls);
        FORWARD_HTTP_GET = "HTTP GET";
    }
}
