package org.glassfish.webservices;

import com.sun.enterprise.deployment.Application;
import com.sun.logging.LogDomains;
import java.io.IOException;
import java.util.ResourceBundle;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.util.Base64;
import org.glassfish.ejb.api.EjbEndpointFacade;
import org.glassfish.ejb.spi.WSEjbEndpointRegistry;
import org.glassfish.internal.api.Globals;
import org.glassfish.webservices.monitoring.Endpoint;
import org.glassfish.webservices.monitoring.WebServiceEngineImpl;
import org.glassfish.webservices.monitoring.WebServiceTesterServlet;

/* loaded from: input_file:org/glassfish/webservices/EjbWebServiceServlet.class */
public class EjbWebServiceServlet extends HttpServlet {
    private Logger logger = LogDomains.getLogger(getClass(), "javax.enterprise.webservices");
    private ResourceBundle rb = this.logger.getResourceBundle();
    private static final Base64 base64Helper = new Base64();
    private static final String AUTHORIZATION_HEADER = "authorization";
    private SecurityService secServ;

    public EjbWebServiceServlet() {
        if (Globals.getDefaultHabitat() != null) {
            this.secServ = (SecurityService) Globals.get(SecurityService.class);
        }
    }

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        EjbRuntimeEndpointInfo ejbWebServiceEndpoint;
        boolean z = true;
        String requestURI = httpServletRequest.getRequestURI();
        String substring = requestURI.charAt(0) == '/' ? requestURI.substring(1) : requestURI;
        String queryString = httpServletRequest.getQueryString();
        if ("Tester".equalsIgnoreCase(queryString)) {
            Endpoint endpoint = WebServiceEngineImpl.getInstance().getEndpoint(httpServletRequest.getRequestURI());
            if (endpoint.getDescriptor().isSecure() || endpoint.getDescriptor().getMessageSecurityBinding() != null) {
                new WsUtil().writeInvalidMethodType(httpServletResponse, endpoint.getDescriptor().getWebService().getName() + "is a secured web service; Tester feature is not supported for secured services");
                return;
            } else if (endpoint != null && Boolean.parseBoolean(endpoint.getDescriptor().getDebugging())) {
                z = false;
                WebServiceTesterServlet.invoke(httpServletRequest, httpServletResponse, endpoint.getDescriptor());
            }
        }
        if (!z || (ejbWebServiceEndpoint = ((WebServiceEjbEndpointRegistry) Globals.getDefaultHabitat().getComponent(WSEjbEndpointRegistry.class)).getEjbWebServiceEndpoint(substring, httpServletRequest.getMethod(), queryString)) == null) {
            return;
        }
        dispatchToEjbEndpoint(httpServletRequest, httpServletResponse, ejbWebServiceEndpoint);
    }

    private void dispatchToEjbEndpoint(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, EjbRuntimeEndpointInfo ejbRuntimeEndpointInfo) {
        String scheme = httpServletRequest.getScheme();
        String str = ejbRuntimeEndpointInfo.getEndpoint().isSecure() ? "https" : "http";
        if (!str.equalsIgnoreCase(scheme)) {
            this.logger.log(Level.WARNING, "Invalid request scheme for Endpoint " + ejbRuntimeEndpointInfo.getEndpoint().getEndpointName() + ". Expected " + str + " . Received " + scheme);
            return;
        }
        EjbEndpointFacade container = ejbRuntimeEndpointInfo.getContainer();
        boolean z = false;
        try {
            try {
                ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
                Thread.currentThread().setContextClassLoader(container.getEndpointClassLoader());
                String str2 = null;
                Application application = ejbRuntimeEndpointInfo.getEndpoint().getBundleDescriptor().getApplication();
                if (application != null) {
                    str2 = application.getRealm();
                }
                if (str2 == null) {
                    str2 = ejbRuntimeEndpointInfo.getEndpoint().getRealm();
                }
                if (str2 == null) {
                    str2 = httpServletRequest.getServerName() + ":" + httpServletRequest.getServerPort();
                }
                try {
                    if (this.secServ != null) {
                        z = this.secServ.doSecurity(httpServletRequest, ejbRuntimeEndpointInfo, str2, ejbRuntimeEndpointInfo.getWebServiceContext());
                    }
                } catch (Exception e) {
                    this.logger.log(Level.WARNING, "authentication failed for " + ejbRuntimeEndpointInfo.getEndpoint().getEndpointName(), (Throwable) e);
                }
                if (z) {
                    ejbRuntimeEndpointInfo.getMessageDispatcher().invoke(httpServletRequest, httpServletResponse, getServletContext(), ejbRuntimeEndpointInfo);
                    if (z && this.secServ != null) {
                        this.secServ.resetSecurityContext();
                    }
                    Thread.currentThread().setContextClassLoader(contextClassLoader);
                    return;
                }
                httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + str2 + "\"");
                httpServletResponse.sendError(401);
                if (z && this.secServ != null) {
                    this.secServ.resetSecurityContext();
                }
                Thread.currentThread().setContextClassLoader(contextClassLoader);
            } catch (Throwable th) {
                this.logger.log(Level.WARNING, "", th);
                if (0 != 0 && this.secServ != null) {
                    this.secServ.resetSecurityContext();
                }
                Thread.currentThread().setContextClassLoader(null);
            }
        } catch (Throwable th2) {
            if (0 != 0 && this.secServ != null) {
                this.secServ.resetSecurityContext();
            }
            Thread.currentThread().setContextClassLoader(null);
            throw th2;
        }
    }
}
