package ch.ivyteam.ivy.webservice.process.internal;

import ch.ivyteam.ivy.security.AuthenticationException;
import ch.ivyteam.ivy.security.ISecurityContext;
import ch.ivyteam.security.Password;
import ch.ivyteam.util.IvyRuntimeException;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Arrays;
import java.util.Map;
import org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.helpers.HttpHeaderHelper;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Exchange;
import org.apache.cxf.message.Message;
import org.apache.cxf.transport.Conduit;
import org.apache.cxf.ws.addressing.EndpointReferenceType;
import org.springframework.beans.propertyeditors.CustomBooleanEditor;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:ch/ivyteam/ivy/webservice/process/internal/HttpBasicAuthenticationInterceptor.class */
public class HttpBasicAuthenticationInterceptor extends SoapHeaderInterceptor {
    private SessionProvider sessionProvider;

    /* JADX INFO: Access modifiers changed from: package-private */
    public HttpBasicAuthenticationInterceptor(ISecurityContext iSecurityContext) {
        this.sessionProvider = new SessionProvider(iSecurityContext);
        addAfter(IvySingleSignOnAwareAuthenticationInterceptor.class.getName());
    }

    @Override // org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor, org.apache.cxf.interceptor.Interceptor
    public void handleMessage(Message message) {
        if (isAlreadyAuthenticatedByPreviousInterceptor()) {
            return;
        }
        AuthorizationPolicy authorizationPolicy = (AuthorizationPolicy) message.get(AuthorizationPolicy.class);
        if (authorizationPolicy == null) {
            sendErrorResponse(message, 401);
            return;
        }
        try {
            authenticateUser(authorizationPolicy.getUserName(), authorizationPolicy.getPassword());
        } catch (AuthenticationException e) {
            sendErrorResponse(message, 403);
            throw new Fault((Throwable) e);
        }
    }

    private boolean isAlreadyAuthenticatedByPreviousInterceptor() {
        return this.sessionProvider.hasCurrent();
    }

    private void authenticateUser(String str, String str2) throws AuthenticationException {
        this.sessionProvider.createAndRegister().authenticateSessionUser(str, new Password(str2));
    }

    private void sendErrorResponse(Message message, int i) {
        Message outMessage = getOutMessage(message);
        try {
            try {
                outMessage.put(Message.RESPONSE_CODE, Integer.valueOf(i));
                Map map = (Map) message.get(Message.PROTOCOL_HEADERS);
                if (map != null) {
                    map.put("WWW-Authenticate", Arrays.asList("Basic realm=Axon.ivy"));
                    map.put(HttpHeaderHelper.CONTENT_LENGTH, Arrays.asList(CustomBooleanEditor.VALUE_0));
                }
                message.getInterceptorChain().abort();
                getConduit(message).prepare(outMessage);
            } catch (IOException e) {
                throw new IvyRuntimeException(e);
            }
        } finally {
            close(outMessage);
        }
    }

    private Message getOutMessage(Message message) {
        Exchange exchange = message.getExchange();
        Message outMessage = exchange.getOutMessage();
        if (outMessage == null) {
            outMessage = ((Endpoint) exchange.get(Endpoint.class)).getBinding().createMessage();
            exchange.setOutMessage(outMessage);
        }
        outMessage.putAll(message);
        return outMessage;
    }

    private Conduit getConduit(Message message) throws IOException {
        Exchange exchange = message.getExchange();
        Conduit backChannel = exchange.getDestination().getBackChannel(message, null, (EndpointReferenceType) exchange.get(EndpointReferenceType.class));
        exchange.setConduit(backChannel);
        return backChannel;
    }

    private void close(Message message) {
        try {
            OutputStream outputStream = (OutputStream) message.getContent(OutputStream.class);
            outputStream.flush();
            outputStream.close();
        } catch (IOException e) {
            throw new IvyRuntimeException(e);
        }
    }
}
