package sonia.scm.carbon.auth;

import com.google.inject.Singleton;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.stream.XMLStreamException;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
import org.apache.axis2.AxisFault;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.client.ServiceClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.appfactory.common.AppFactoryConfiguration;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.utils.CarbonUtils;
import sonia.scm.SCMContextProvider;
import sonia.scm.plugin.ext.Extension;
import sonia.scm.user.User;
import sonia.scm.util.AssertUtil;
import sonia.scm.web.security.AuthenticationHandler;
import sonia.scm.web.security.AuthenticationResult;

@Singleton
@Extension
/* loaded from: input_file:sonia/scm/carbon/auth/CarbonAuthHandler.class */
public class CarbonAuthHandler implements AuthenticationHandler {
    private static final Logger logger = LoggerFactory.getLogger(CarbonAuthHandler.class);
    public static final String TYPE = "carbon";

    public AuthenticationResult authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) {
        String str3 = httpServletRequest.getRequestURI().split("/")[3];
        AssertUtil.assertIsNotEmpty(str);
        AssertUtil.assertIsNotEmpty(str2);
        AssertUtil.assertIsNotEmpty(str3);
        return authenticateRemotely(str, str2, str3, (AppFactoryConfiguration) PrivilegedCarbonContext.getCurrentContext().getOSGiService(AppFactoryConfiguration.class)) ? new AuthenticationResult(getUser(str), getGroups(str3)) : AuthenticationResult.FAILED;
    }

    private boolean authenticateRemotely(String str, String str2, String str3, AppFactoryConfiguration appFactoryConfiguration) {
        try {
            String str4 = appFactoryConfiguration.getFirstProperty("ServerUrls.AppFactory") + "RepositoryAuthenticationService";
            ServiceClient serviceClient = new ServiceClient();
            serviceClient.getOptions().setTo(new EndpointReference(str4));
            serviceClient.getOptions().setAction("hasAccess");
            CarbonUtils.setBasicAccessSecurityHeaders(str, str2, serviceClient);
            Iterator childElements = serviceClient.sendReceive(new StAXOMBuilder(new ByteArrayInputStream(("   <p:hasAccess xmlns:p=\"http://service.mgt.repository.appfactory.carbon.wso2.org\">\n      <!--0 to 1 occurrence-->\n      <xs:username xmlns:xs=\"http://service.mgt.repository.appfactory.carbon.wso2.org\">" + str + "</xs:username>\n      <!--0 to 1 occurrence-->\n      <xs:applicationId xmlns:xs=\"http://service.mgt.repository.appfactory.carbon.wso2.org\">" + str3 + "</xs:applicationId>\n   </p:hasAccess>").getBytes())).getDocumentElement()).getChildElements();
            if (childElements.hasNext()) {
                return ((OMElement) childElements.next()).getText().equals("true");
            }
            return false;
        } catch (XMLStreamException e) {
            return false;
        } catch (AxisFault e2) {
            e2.printStackTrace();
            return false;
        }
    }

    public void close() throws IOException {
    }

    public String getType() {
        return TYPE;
    }

    private User getUser(String str) {
        User user = new User();
        user.setName(str);
        user.setType(TYPE);
        user.setDisplayName(str);
        user.setMail("dummy@example.com");
        return user;
    }

    private Set<String> getGroups(String str) {
        HashSet hashSet = new HashSet();
        hashSet.add(str);
        return hashSet;
    }

    public void init(SCMContextProvider sCMContextProvider) {
        logger.info("initializing  Carbon Auth Handler");
    }
}
