package org.wso2.carbon.core.admin;

import java.text.SimpleDateFormat;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.description.AxisService;
import org.apache.axis2.description.Parameter;
import org.apache.axis2.engine.Handler;
import org.apache.axis2.handlers.AbstractHandler;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:org/wso2/carbon/core/admin/AuthenticationHandler.class */
public class AuthenticationHandler extends AbstractHandler {
    private static final Log log = LogFactory.getLog(AuthenticationHandler.class);
    private MessageContext msgContext;

    public Handler.InvocationResponse invoke(MessageContext messageContext) throws AxisFault {
        this.msgContext = messageContext;
        authenticate((String) messageContext.getProperty("REMOTE_ADDR"));
        return Handler.InvocationResponse.CONTINUE;
    }

    protected void authenticate(String str) throws AxisFault {
        if (isAdminService() && !isAuthenticated(str)) {
            throw new AxisFault("Access Denied. Please login first.");
        }
    }

    private boolean isAuthenticated(String str) {
        AxisService axisService = this.msgContext.getAxisService();
        String localPart = this.msgContext.getAxisOperation().getName().getLocalPart();
        String name = axisService.getName();
        if ((name.equals("GlobalAdminService") || name.equals("Axis2NodeManager")) && (localPart.equals("login") || localPart.equals("logout"))) {
            return true;
        }
        if (name.equals("ServiceAdmin") && localPart.equals("listServiceGroups")) {
            return true;
        }
        boolean equals = "true".equals((String) ((HttpServletRequest) this.msgContext.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)).getSession().getAttribute("wso2carbon.admin.logged.in"));
        if (!equals) {
            log.warn("Illegal access attempt at " + new SimpleDateFormat("'['yyyy-MM-dd HH:mm:ss,SSSS']'").format(new Date()) + " from IP address " + str + " : Service is " + name);
        }
        return equals;
    }

    private boolean isAdminService() {
        boolean z = false;
        Parameter parameter = this.msgContext.getParameter("adminService");
        if (parameter != null && parameter.getValue().equals("true")) {
            z = true;
        }
        return z;
    }
}
