package org.granite.messaging.service.security;

import java.lang.reflect.Field;
import java.security.Principal;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.catalina.Context;
import org.apache.catalina.Engine;
import org.apache.catalina.Host;
import org.apache.catalina.Realm;
import org.apache.catalina.Server;
import org.apache.catalina.ServerFactory;
import org.apache.catalina.Service;
import org.apache.catalina.Session;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.RequestFacade;
import org.granite.context.GraniteContext;
import org.granite.messaging.webapp.HttpGraniteContext;

/* loaded from: input_file:jadort-war-1.4.3.war:WEB-INF/lib/granite.jar:org/granite/messaging/service/security/TomcatSecurityService.class */
public class TomcatSecurityService extends AbstractSecurityService {
    private final Field requestField;
    private Engine engine = null;

    public TomcatSecurityService() {
        try {
            this.requestField = RequestFacade.class.getDeclaredField("request");
            this.requestField.setAccessible(true);
        } catch (Exception e) {
            throw new RuntimeException("Could not get 'request' field in Tomcat RequestFacade", e);
        }
    }

    protected Field getRequestField() {
        return this.requestField;
    }

    protected Engine getEngine() {
        return this.engine;
    }

    @Override // org.granite.messaging.service.security.SecurityService
    public void configure(Map<String, String> map) {
        String str = map.get("service");
        Server server = ServerFactory.getServer();
        if (server == null) {
            throw new NullPointerException("Could not get Tomcat server");
        }
        Service service = null;
        if (str != null) {
            service = server.findService(str);
        } else {
            Service[] findServices = server.findServices();
            if (findServices != null && findServices.length > 0) {
                service = findServices[0];
            }
        }
        if (service == null) {
            throw new NullPointerException("Could not find Tomcat service for: " + (str != null ? str : "(default)"));
        }
        this.engine = service.getContainer();
        if (this.engine == null) {
            throw new NullPointerException("Could not find Tomcat container for: " + (str != null ? str : "(default)"));
        }
    }

    @Override // org.granite.messaging.service.security.SecurityService
    public void login(Object obj) throws SecurityServiceException {
        String[] decodeBase64Credentials = decodeBase64Credentials(obj);
        HttpServletRequest request = ((HttpGraniteContext) GraniteContext.getCurrentInstance()).getRequest();
        Principal authenticate = getRealm(request).authenticate(decodeBase64Credentials[0], decodeBase64Credentials[1]);
        if (authenticate == null) {
            throw SecurityServiceException.newInvalidCredentialsException("Wrong username or password");
        }
        Request request2 = getRequest(request);
        request2.setAuthType(AbstractSecurityService.AUTH_TYPE);
        request2.setUserPrincipal(authenticate);
        Session sessionInternal = request2.getSessionInternal();
        sessionInternal.setAuthType(AbstractSecurityService.AUTH_TYPE);
        sessionInternal.setPrincipal(authenticate);
        sessionInternal.setNote("org.apache.catalina.session.USERNAME", decodeBase64Credentials[0]);
        sessionInternal.setNote("org.apache.catalina.session.PASSWORD", decodeBase64Credentials[1]);
    }

    /* JADX WARN: Code restructure failed: missing block: B:44:0x00d8, code lost:
    
        throw org.granite.messaging.service.security.SecurityServiceException.newAccessDeniedException(r7.getMessage());
     */
    @Override // org.granite.messaging.service.security.SecurityService
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.lang.Object authorize(org.granite.messaging.service.security.AbstractSecurityContext r5) throws java.lang.Exception {
        /*
            r4 = this;
            r0 = r4
            r1 = r5
            r0.startAuthorization(r1)
            r0 = r5
            org.granite.config.flex.Destination r0 = r0.getDestination()
            boolean r0 = r0.isSecured()
            if (r0 == 0) goto Lae
            org.granite.context.GraniteContext r0 = org.granite.context.GraniteContext.getCurrentInstance()
            org.granite.messaging.webapp.HttpGraniteContext r0 = (org.granite.messaging.webapp.HttpGraniteContext) r0
            r6 = r0
            r0 = r6
            javax.servlet.http.HttpServletRequest r0 = r0.getRequest()
            r7 = r0
            r0 = r4
            r1 = r7
            java.security.Principal r0 = r0.getPrincipal(r1)
            r8 = r0
            r0 = r8
            if (r0 != 0) goto L5d
            r0 = r7
            java.lang.String r0 = r0.getRequestedSessionId()
            if (r0 == 0) goto L57
            r0 = r7
            r1 = 0
            javax.servlet.http.HttpSession r0 = r0.getSession(r1)
            r9 = r0
            r0 = r9
            if (r0 == 0) goto L51
            r0 = r7
            java.lang.String r0 = r0.getRequestedSessionId()
            r1 = r9
            java.lang.String r1 = r1.getId()
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto L57
        L51:
            java.lang.String r0 = "Session expired"
            org.granite.messaging.service.security.SecurityServiceException r0 = org.granite.messaging.service.security.SecurityServiceException.newSessionExpiredException(r0)
            throw r0
        L57:
            java.lang.String r0 = "User not logged in"
            org.granite.messaging.service.security.SecurityServiceException r0 = org.granite.messaging.service.security.SecurityServiceException.newNotLoggedInException(r0)
            throw r0
        L5d:
            r0 = r4
            r1 = r7
            org.apache.catalina.Realm r0 = r0.getRealm(r1)
            r9 = r0
            r0 = 1
            r10 = r0
            r0 = r5
            org.granite.config.flex.Destination r0 = r0.getDestination()
            java.util.List r0 = r0.getRoles()
            java.util.Iterator r0 = r0.iterator()
            r12 = r0
            goto L98
        L78:
            r0 = r12
            java.lang.Object r0 = r0.next()
            java.lang.String r0 = (java.lang.String) r0
            r11 = r0
            r0 = r9
            r1 = r8
            r2 = r11
            boolean r0 = r0.hasRole(r1, r2)
            if (r0 == 0) goto L98
            r0 = 0
            r10 = r0
            goto La2
        L98:
            r0 = r12
            boolean r0 = r0.hasNext()
            if (r0 != 0) goto L78
        La2:
            r0 = r10
            if (r0 == 0) goto Lae
            java.lang.String r0 = "User not in required role"
            org.granite.messaging.service.security.SecurityServiceException r0 = org.granite.messaging.service.security.SecurityServiceException.newAccessDeniedException(r0)
            throw r0
        Lae:
            r0 = r4
            r1 = r5
            java.lang.Object r0 = r0.endAuthorization(r1)     // Catch: java.lang.reflect.InvocationTargetException -> Lb4
            return r0
        Lb4:
            r6 = move-exception
            r0 = r6
            r7 = r0
            goto Lde
        Lba:
            r0 = r7
            boolean r0 = r0 instanceof java.lang.SecurityException
            if (r0 != 0) goto Ld1
            java.lang.String r0 = "javax.ejb.EJBAccessException"
            r1 = r7
            java.lang.Class r1 = r1.getClass()
            java.lang.String r1 = r1.getName()
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto Ld9
        Ld1:
            r0 = r7
            java.lang.String r0 = r0.getMessage()
            org.granite.messaging.service.security.SecurityServiceException r0 = org.granite.messaging.service.security.SecurityServiceException.newAccessDeniedException(r0)
            throw r0
        Ld9:
            r0 = r7
            java.lang.Throwable r0 = r0.getCause()
            r7 = r0
        Lde:
            r0 = r7
            if (r0 != 0) goto Lba
            r0 = r6
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.granite.messaging.service.security.TomcatSecurityService.authorize(org.granite.messaging.service.security.AbstractSecurityContext):java.lang.Object");
    }

    @Override // org.granite.messaging.service.security.SecurityService
    public void logout() throws SecurityServiceException {
        Session session = getSession(((HttpGraniteContext) GraniteContext.getCurrentInstance()).getRequest(), false);
        if (session == null || session.getPrincipal() == null) {
            return;
        }
        session.setAuthType((String) null);
        session.setPrincipal((Principal) null);
        session.removeNote("org.apache.catalina.session.USERNAME");
        session.removeNote("org.apache.catalina.session.PASSWORD");
        session.expire();
    }

    protected Principal getPrincipal(HttpServletRequest httpServletRequest) {
        Session sessionInternal = getRequest(httpServletRequest).getSessionInternal(false);
        if (sessionInternal != null) {
            return sessionInternal.getPrincipal();
        }
        return null;
    }

    protected Session getSession(HttpServletRequest httpServletRequest, boolean z) {
        return getRequest(httpServletRequest).getSessionInternal(z);
    }

    protected Request getRequest(HttpServletRequest httpServletRequest) {
        while (httpServletRequest instanceof HttpServletRequestWrapper) {
            httpServletRequest = (HttpServletRequest) ((HttpServletRequestWrapper) httpServletRequest).getRequest();
        }
        try {
            return (Request) this.requestField.get(httpServletRequest);
        } catch (Exception e) {
            throw new RuntimeException("Could not get tomcat request", e);
        }
    }

    protected Realm getRealm(HttpServletRequest httpServletRequest) {
        String serverName = httpServletRequest.getServerName();
        String contextPath = httpServletRequest.getContextPath();
        Host findChild = this.engine.findChild(serverName);
        if (findChild == null) {
            findChild = (Host) this.engine.findChild(this.engine.getDefaultHost());
            if (findChild == null) {
                throw new NullPointerException("Could not find Tomcat host for: " + serverName + " or: " + this.engine.getDefaultHost());
            }
        }
        Context findChild2 = findChild.findChild(contextPath);
        if (findChild2 == null) {
            throw new NullPointerException("Could not find Tomcat context for: " + contextPath);
        }
        Realm realm = findChild2.getRealm();
        if (realm == null) {
            throw new NullPointerException("Could not find Tomcat realm for: " + serverName + contextPath);
        }
        return realm;
    }
}
