package org.n52.security.service.enforcement;

import java.io.IOException;
import java.net.URL;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.n52.security.authentication.AuthenticationContext;
import org.n52.security.common.artifact.ServiceException;
import org.n52.security.common.artifact.SimpleTransferAttribute;
import org.n52.security.common.util.TransferableServletWriter;
import org.n52.security.enforcement.chain.InterceptorException;
import org.n52.security.enforcement.chain.SecuredServiceRequest;
import org.n52.security.service.enforcement.mgmt.TargetPathMappingService;
import org.n52.security.service.web.WebContext;
import org.n52.security.service.web.WebSecurityProcessingContext;
import org.n52.security.service.web.WebSecurityProcessor;
import org.n52.security.service.web.WebSecurityProcessorChain;
import org.n52.security.service.wss.PolicyEnforcementServiceImpl;
import org.n52.security.service.wss.PolicyEnforcementServiceLocator;
import org.n52.security.support.net.client.HTTPClientFactory;
import org.n52.security.support.net.client.jdk.JDKHTTPClientFactory;

/* loaded from: input_file:org/n52/security/service/enforcement/EnforcementServiceWebProcessor.class */
public class EnforcementServiceWebProcessor implements WebSecurityProcessor {
    private PolicyEnforcementServiceLocator pesLocator;
    private WSSRequestUrlFactory wssRequestUrlFactory = new WSSRequestUrlFactory();
    private HTTPClientFactory httpClientFactory;
    TargetPathMappingService pathMappingService;

    public void processSecure(WebSecurityProcessingContext webSecurityProcessingContext, WebContext webContext, WebSecurityProcessorChain webSecurityProcessorChain) {
        try {
            doService(webSecurityProcessingContext, webContext, webSecurityProcessorChain);
        } catch (IOException e) {
            throw new InterceptorException("Could not authorize request", e);
        }
    }

    public void doService(WebSecurityProcessingContext webSecurityProcessingContext, WebContext webContext, WebSecurityProcessorChain webSecurityProcessorChain) throws IOException {
        HttpServletRequest request = webContext.getRequest();
        HttpServletResponse response = webContext.getResponse();
        WSSRequestUrlFactory wSSRequestUrlFactory = new WSSRequestUrlFactory();
        wSSRequestUrlFactory.setTargetPathPatternMappingService(getPathMappingService());
        EnforcementServiceRequest wSSRequestUrlFactory2 = wSSRequestUrlFactory.getInstance(request);
        String enforcementPointId = wSSRequestUrlFactory2.getEnforcementPointId();
        PolicyEnforcementServiceImpl locate = this.pesLocator.locate(enforcementPointId);
        if (locate == null) {
            response.sendError(404, String.format("No enforcement point configuration for id <%s>", enforcementPointId));
            return;
        }
        ForwardingSecuredServiceRequestBuilder forwardingSecuredServiceRequestBuilder = new ForwardingSecuredServiceRequestBuilder(wSSRequestUrlFactory2);
        forwardingSecuredServiceRequestBuilder.setProtectedServiceEndpoint(new URL(locate.getEndpoint()));
        forwardingSecuredServiceRequestBuilder.setRedirectionAuthenticationUrl(wSSRequestUrlFactory2.buildServiceUrl() + "/public");
        SecuredServiceRequest build = forwardingSecuredServiceRequestBuilder.build(request, response);
        if (getHttpClientFactory() == null) {
            build.addAttribute(new SimpleTransferAttribute("http.client.factory", new JDKHTTPClientFactory()));
        } else {
            build.addAttribute(new SimpleTransferAttribute("http.client.factory", getHttpClientFactory()));
        }
        authorize(response, locate, build, webSecurityProcessingContext.getAuthenticationContext());
        webSecurityProcessorChain.performAccessControl(webContext);
    }

    public void authorize(HttpServletResponse httpServletResponse, PolicyEnforcementServiceImpl policyEnforcementServiceImpl, SecuredServiceRequest securedServiceRequest, AuthenticationContext authenticationContext) {
        try {
            new TransferableServletWriter(policyEnforcementServiceImpl.doService(securedServiceRequest, authenticationContext)).write(httpServletResponse);
        } catch (ServiceException e) {
            new TransferableServletWriter(e.getAsTransferable()).write(httpServletResponse);
        }
    }

    private String buildRedirectionUrl(EnforcementServiceRequest enforcementServiceRequest, WSSRequestUrlFactory wSSRequestUrlFactory, String str) {
        if (str == null) {
            return null;
        }
        return wSSRequestUrlFactory.buildServiceUrlForAuthScheme(enforcementServiceRequest, str);
    }

    public PolicyEnforcementServiceLocator getPesLocator() {
        return this.pesLocator;
    }

    public void setPesLocator(PolicyEnforcementServiceLocator policyEnforcementServiceLocator) {
        this.pesLocator = policyEnforcementServiceLocator;
    }

    public WSSRequestUrlFactory getWssRequestUrlFactory() {
        return this.wssRequestUrlFactory;
    }

    public void setWssRequestUrlFactory(WSSRequestUrlFactory wSSRequestUrlFactory) {
        this.wssRequestUrlFactory = wSSRequestUrlFactory;
    }

    public HTTPClientFactory getHttpClientFactory() {
        return this.httpClientFactory;
    }

    public void setHttpClientFactory(HTTPClientFactory hTTPClientFactory) {
        this.httpClientFactory = hTTPClientFactory;
    }

    public TargetPathMappingService getPathMappingService() {
        return this.pathMappingService;
    }

    public void setPathMappingService(TargetPathMappingService targetPathMappingService) {
        this.pathMappingService = targetPathMappingService;
    }
}
