package org.n52.security.service.wss;

import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.n52.security.authentication.AuthenticationContext;
import org.n52.security.common.artifact.ServiceException;
import org.n52.security.common.artifact.SimpleTransferAttribute;
import org.n52.security.common.artifact.TransferAttribute;
import org.n52.security.common.artifact.Transferable;
import org.n52.security.enforcement.chain.Interceptor;
import org.n52.security.enforcement.chain.InterceptorException;
import org.n52.security.enforcement.chain.InterceptorHandover;
import org.n52.security.enforcement.chain.SecuredServiceRequest;
import org.n52.security.enforcement.exception.EnforcementServiceException;
import org.n52.security.enforcement.exception.ExceptionHandler;
import org.n52.security.precondition.LicensePrecondition;

/* loaded from: input_file:lib/52n-security-wss-2.2-SNAPSHOT.jar:org/n52/security/service/wss/PolicyEnforcementServiceImpl.class */
public class PolicyEnforcementServiceImpl {
    private static final Log LOG = LogFactory.getLog(PolicyEnforcementServiceImpl.class);
    private ExceptionHandler m_exceptionHandler;
    private LicensePrecondition m_licensePrecondition;
    private List m_interceptors;
    private String m_endpoint;
    private String m_endpointPolicyId;
    private String m_endpointType;
    private String m_endpointHttpBasicUsername;
    private String m_endpointHttpBasicPassword;
    private Map m_serviceScopeAttributes = new Hashtable();

    public String getEndpoint() {
        if (this.m_endpoint == null) {
            throw new IllegalStateException("property <endpoint> not configured properly");
        }
        return this.m_endpoint;
    }

    public void setEndpoint(String str) {
        this.m_endpoint = str;
    }

    public String getEndpointPolicyId() {
        return (this.m_endpointPolicyId == null || this.m_endpointPolicyId.length() == 0) ? getEndpoint() : this.m_endpointPolicyId;
    }

    public void setEndpointPolicyId(String str) {
        this.m_endpointPolicyId = str;
    }

    public String getEndpointType() {
        if (this.m_endpointType == null) {
            throw new IllegalStateException("property <endpointType> not configured properly");
        }
        return this.m_endpointType;
    }

    public void setEndpointType(String str) {
        this.m_endpointType = str;
    }

    public String getEndpointHttpBasicUsername() {
        return this.m_endpointHttpBasicUsername;
    }

    public void setEndpointHttpBasicUsername(String str) {
        this.m_endpointHttpBasicUsername = str;
    }

    public String getEndpointHttpBasicPassword() {
        return this.m_endpointHttpBasicPassword;
    }

    public void setEndpointHttpBasicPassword(String str) {
        this.m_endpointHttpBasicPassword = str;
    }

    public ExceptionHandler getExceptionHandler() {
        if (this.m_exceptionHandler == null) {
            throw new IllegalStateException("property <exceptionHandler> not configured properly");
        }
        return this.m_exceptionHandler;
    }

    public void setExceptionHandler(ExceptionHandler exceptionHandler) {
        this.m_exceptionHandler = exceptionHandler;
    }

    public List getInterceptors() {
        if (this.m_interceptors == null) {
            this.m_interceptors = new ArrayList();
        }
        return this.m_interceptors;
    }

    public void setInterceptors(List list) {
        this.m_interceptors = list;
    }

    public void setLicensePrecondition(LicensePrecondition licensePrecondition) {
        this.m_licensePrecondition = licensePrecondition;
    }

    public LicensePrecondition getLicensePrecondition() {
        return this.m_licensePrecondition;
    }

    public Map getServiceScopeAttributes() {
        return this.m_serviceScopeAttributes;
    }

    public void setServiceScopeAttributes(Map map) {
        this.m_serviceScopeAttributes = map;
    }

    public Transferable doService(Transferable transferable, AuthenticationContext authenticationContext) throws ServiceException {
        SecuredServiceRequest securedServiceRequest = (SecuredServiceRequest) transferable;
        try {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Interceptor chain started");
            }
            Transferable doChain = doChain(securedServiceRequest, authenticationContext);
            if (LOG.isDebugEnabled()) {
                LOG.debug("Interceptor chain finished");
            }
            return doChain;
        } catch (InterceptorException e) {
            LOG.error("Interceptor chain interrupted. Request is blocked", e);
            return getExceptionHandler().handleException(e, securedServiceRequest);
        } catch (EnforcementServiceException e2) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Unauthorized request: " + e2.getMessage(), e2);
            } else if (LOG.isWarnEnabled()) {
                LOG.warn("Unauthorized request: " + e2.getMessage());
            }
            return getExceptionHandler().handleException(e2, securedServiceRequest);
        } catch (Exception e3) {
            LOG.error("Internal service error (backend not reachable): " + e3.getMessage(), e3);
            return getExceptionHandler().handleException(e3, securedServiceRequest);
        }
    }

    private Transferable doChain(SecuredServiceRequest securedServiceRequest, AuthenticationContext authenticationContext) throws EnforcementServiceException, ServiceException {
        InterceptorHandover interceptorHandover = new InterceptorHandover(getServiceScopeAttributes());
        securedServiceRequest.getForward().setServiceEndpoint(getEndpoint());
        securedServiceRequest.getForward().setServiceEndpointPolicyId(getEndpointPolicyId());
        if (getEndpointHttpBasicUsername() != null && getEndpointHttpBasicUsername().length() > 0) {
            securedServiceRequest.addAttribute(new SimpleTransferAttribute(TransferAttribute.HTTP_AUTH_BASIC_USERNAME, getEndpointHttpBasicUsername()));
            securedServiceRequest.addAttribute(new SimpleTransferAttribute(TransferAttribute.HTTP_AUTH_BASIC_PASSWORD, getEndpointHttpBasicPassword()));
        }
        interceptorHandover.setRequest(securedServiceRequest);
        if (LOG.isTraceEnabled()) {
            LOG.trace("chain (intercept) request");
        }
        Iterator it = getInterceptors().iterator();
        while (it.hasNext()) {
            interceptorHandover.setRequest(((Interceptor) it.next()).doRequest(authenticationContext.getSubject(), interceptorHandover));
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("forward request");
        }
        interceptorHandover.setResponse(interceptorHandover.getRequest().forward());
        if (LOG.isTraceEnabled()) {
            LOG.trace("chain (intercept) response");
        }
        Iterator it2 = getInterceptors().iterator();
        while (it2.hasNext()) {
            interceptorHandover.setResponse(((Interceptor) it2.next()).doResponse(authenticationContext.getSubject(), interceptorHandover));
        }
        return interceptorHandover.getResponse();
    }
}
