package com.mobi.web.authentication;

import com.mobi.jaas.api.config.MobiConfiguration;
import com.mobi.jaas.api.engines.EngineManager;
import com.mobi.jaas.api.ontologies.usermanagement.Role;
import com.mobi.jaas.api.principals.UserPrincipal;
import com.mobi.web.authentication.resources.MobiContextHelper;
import com.mobi.web.security.util.RestSecurityUtils;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.Principal;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.stream.Collectors;
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.osgi.framework.wiring.BundleWire;
import org.osgi.framework.wiring.BundleWiring;
import org.osgi.service.http.HttpContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/mobi/web/authentication/AuthHttpContext.class */
public abstract class AuthHttpContext implements HttpContext {
    protected MobiConfiguration configuration;
    protected EngineManager engineManager;
    private static final String REQUIRED_ROLE = "user";
    protected Bundle bundle;
    static final URL NO_URL;
    private final Logger log = LoggerFactory.getLogger(getClass().getName());
    private final ConcurrentMap<String, URL> resourceCache = new ConcurrentHashMap();
    protected String rootPath = "/";

    public void setBundle(Bundle bundle) {
        this.bundle = bundle;
    }

    public void setRootPath(String str) {
        this.rootPath = str;
    }

    public boolean handleSecurity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        this.log.debug("Requesting Authorization...");
        if (handleAuth(httpServletRequest, httpServletResponse)) {
            this.log.debug("Authorization Granted.");
            return true;
        }
        this.log.debug("Authorization Denied.");
        handleAuthDenied(httpServletRequest, httpServletResponse);
        return false;
    }

    protected abstract boolean handleAuth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException;

    protected abstract void handleAuthDenied(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException;

    protected boolean authenticated(HttpServletRequest httpServletRequest, String str, String str2) {
        if (!doAuthenticate(str, str2).isPresent()) {
            return false;
        }
        httpServletRequest.setAttribute("org.osgi.service.http.authentication.remote.user", str);
        return true;
    }

    public Optional<Subject> doAuthenticate(String str, String str2) {
        Subject subject = new Subject();
        if (!RestSecurityUtils.authenticateUser(MobiContextHelper.NAME, subject, str, str2, this.configuration)) {
            return Optional.empty();
        }
        List list = (List) subject.getPrincipals().stream().filter(principal -> {
            return principal instanceof UserPrincipal;
        }).collect(Collectors.toList());
        if (list.isEmpty()) {
            this.log.debug("No UserPrincipals found");
            return Optional.empty();
        }
        boolean z = false;
        Iterator it = this.engineManager.getUserRoles(((Principal) list.get(0)).getName()).iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (((Role) it.next()).getResource().stringValue().contains(REQUIRED_ROLE)) {
                z = true;
                break;
            }
        }
        if (z) {
            return Optional.of(subject);
        }
        this.log.debug("User does not have the required role user");
        return Optional.empty();
    }

    public URL getResource(String str) {
        String trim = normalizeResourcePath(this.rootPath + (str.startsWith("/") ? "" : "/") + str).trim();
        this.log.debug(String.format("Searching bundle " + this.bundle + " for resource [%s], normalized to [%s]", str, trim));
        URL url = this.resourceCache.get(trim);
        if (url == null && !trim.isEmpty()) {
            url = this.bundle.getEntry(trim);
            if (url == null) {
                this.log.debug("getEntry failed, trying with /META-INF/resources/ in bundle class space");
                Iterator<Bundle> it = getBundlesInClassSpace(this.bundle, new HashSet()).iterator();
                while (it.hasNext()) {
                    url = it.next().getEntry("/META-INF/resources/" + trim);
                    if (url != null) {
                        break;
                    }
                }
            }
            if (url == null) {
                this.log.debug("getEntry failed, fallback to getResource");
                url = this.bundle.getResource(trim);
            }
            if (url == null) {
                this.log.debug("getResource failed, fallback to system bundle getResource");
                url = this.bundle.getClass().getClassLoader().getResource(trim);
            }
            if (url == null) {
                url = NO_URL;
            }
            this.resourceCache.putIfAbsent(trim, url);
        }
        if (url == null || url == NO_URL) {
            this.log.debug("Resource not found");
            url = null;
        } else {
            this.log.debug(String.format("Resource found as url [%s]", url));
        }
        return url;
    }

    public String getMimeType(String str) {
        return str.endsWith(".jpg") ? "image/jpeg" : str.endsWith(".png") ? "image/png" : str.endsWith(".css") ? "text/css" : str.endsWith(".js") ? "application/javascript" : str.endsWith(".svg") ? "image/svg+xml" : "text/html";
    }

    private String normalizeResourcePath(String str) {
        if (str == null) {
            return null;
        }
        String replaceSlashes = replaceSlashes(str.trim());
        if (replaceSlashes.startsWith("/") && replaceSlashes.length() > 1) {
            replaceSlashes = replaceSlashes.substring(1);
        }
        return replaceSlashes;
    }

    private String replaceSlashes(String str) {
        String str2 = str;
        if (str2 != null) {
            str2 = str2.replaceAll("/+", "/");
        }
        return str2;
    }

    private Set<Bundle> getBundlesInClassSpace(Bundle bundle, Set<Bundle> set) {
        return getBundlesInClassSpace(bundle.getBundleContext(), bundle, set);
    }

    private Set<Bundle> getBundlesInClassSpace(BundleContext bundleContext, Bundle bundle, Set<Bundle> set) {
        HashSet hashSet = new HashSet();
        if (bundle == null) {
            this.log.error("Incoming bundle is null");
            return hashSet;
        }
        if (bundleContext == null) {
            this.log.error("Incoming context is null");
            return hashSet;
        }
        BundleWiring bundleWiring = (BundleWiring) bundle.adapt(BundleWiring.class);
        if (bundleWiring == null) {
            this.log.error("BundleWiring is null for: " + bundle);
            return hashSet;
        }
        Iterator it = bundleWiring.getRequiredWires((String) null).iterator();
        while (it.hasNext()) {
            Bundle bundle2 = ((BundleWire) it.next()).getCapability().getRevision().getBundle();
            if (bundle2.getBundleId() != 0 && !hashSet.contains(bundle2)) {
                hashSet.add(bundle2);
            }
        }
        if (!set.containsAll(hashSet)) {
            hashSet.removeAll(set);
            set.addAll(hashSet);
        }
        set.removeIf(bundle3 -> {
            return bundle3.getState() == 1;
        });
        return set;
    }

    static {
        try {
            NO_URL = new URL("http:");
        } catch (MalformedURLException e) {
            throw new RuntimeException(e);
        }
    }
}
