package org.granite.messaging.service.security;

import java.lang.reflect.InvocationTargetException;
import java.security.Principal;
import java.util.Iterator;
import java.util.Map;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.granite.context.GraniteContext;
import org.granite.messaging.webapp.HttpGraniteContext;
import weblogic.servlet.security.ServletAuthentication;

/* loaded from: input_file:org/granite/messaging/service/security/WebLogicSecurityService.class */
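/**
 * Security service that authenticates through WebLogic's
 * {@link ServletAuthentication} and authorizes against the servlet
 * container's user principal and role checks.
 */
public class WebLogicSecurityService extends AbstractSecurityService {

    /**
     * Accepts the service configuration. This implementation reads nothing
     * from it.
     *
     * @param map configuration entries (ignored)
     */
    public void configure(Map<String, String> map) {
    }

    /**
     * Authenticates the current HTTP request with WebLogic.
     *
     * @param obj credentials object, passed to {@code decodeBase64Credentials}
     *            and {@code endLogin}
     * @param str second credentials argument, passed to the same two helpers
     * @throws SecurityServiceException if WebLogic rejects the credentials or
     *         the login call raises a {@link LoginException}
     */
    public void login(Object obj, String str) throws SecurityServiceException {
        String[] credentials = decodeBase64Credentials(obj, str);
        // getRequest()/getResponse() are reached through HttpGraniteContext,
        // so the narrowing is stated explicitly.
        HttpGraniteContext context = (HttpGraniteContext) GraniteContext.getCurrentInstance();
        HttpServletRequest request = context.getRequest();

        // Fail closed: the result stays non-zero unless login() returns 0.
        int result = 1;
        try {
            result = ServletAuthentication.login(
                    credentials[0], credentials[1], request, context.getResponse());
        } catch (LoginException ignored) {
            // Deliberately not rethrown: result is still non-zero, so the
            // caller gets the same generic invalid-credentials error below.
            // NOTE(review): the cause is dropped here, so a failed login
            // leaves no trace in this class. Confirm it is audited elsewhere.
        }
        if (result != 0) {
            throw SecurityServiceException.newInvalidCredentialsException("Wrong username or password");
        }

        // NOTE(review): getSession(true) only ensures a session exists; nothing
        // visible here rotates the session id after authentication. Confirm
        // that ServletAuthentication.login does so, or call
        // ServletAuthentication.generateNewSessionID(request), so that a
        // pre-login session id does not survive login (session fixation).
        request.getSession(true);
        endLogin(obj, str);
    }

    /**
     * Checks that the caller may invoke the destination in the given context,
     * then completes the invocation through {@code endAuthorization}.
     *
     * <p>For a secured destination the request must carry a user principal
     * (after one {@code tryRelogin()} attempt) and the user must hold at least
     * one of the destination's roles. A secured destination with no roles
     * denies every caller, because access is refused until a role matches.
     *
     * @param abstractSecurityContext the invocation being authorized
     * @return the value returned by {@code endAuthorization}
     * @throws SecurityServiceException if the user is not logged in, the
     *         session expired, or access is denied
     * @throws Exception any other failure raised by {@code endAuthorization}
     */
    public Object authorize(AbstractSecurityContext abstractSecurityContext) throws Exception {
        startAuthorization(abstractSecurityContext);

        if (abstractSecurityContext.getDestination().isSecured()) {
            HttpServletRequest request =
                    ((HttpGraniteContext) GraniteContext.getCurrentInstance()).getRequest();

            Principal principal = request.getUserPrincipal();
            if (principal == null && tryRelogin()) {
                principal = request.getUserPrincipal();
            }

            if (principal == null) {
                String requestedSessionId = request.getRequestedSessionId();
                if (requestedSessionId != null) {
                    // The client sent a session id but no principal is bound:
                    // report an expired session when that session is gone or
                    // is the current, unauthenticated one.
                    HttpSession session = request.getSession(false);
                    if (session == null || requestedSessionId.equals(session.getId())) {
                        throw SecurityServiceException.newSessionExpiredException("Session expired");
                    }
                }
                throw SecurityServiceException.newNotLoggedInException("User not logged in");
            }

            // Deny by default; one matching role is enough to allow.
            boolean accessDenied = true;
            for (Object role : abstractSecurityContext.getDestination().getRoles()) {
                if (request.isUserInRole((String) role)) {
                    accessDenied = false;
                    break;
                }
            }
            if (accessDenied) {
                throw SecurityServiceException.newAccessDeniedException("User not in required role");
            }
        }

        try {
            return endAuthorization(abstractSecurityContext);
        } catch (InvocationTargetException e) {
            // Walk the cause chain: a SecurityException or an EJB access
            // failure (matched by class name, so javax.ejb is not required at
            // compile time) is reported as access denied.
            for (Throwable cause = e; cause != null; cause = cause.getCause()) {
                if (cause instanceof SecurityException
                        || "javax.ejb.EJBAccessException".equals(cause.getClass().getName())) {
                    // NOTE(review): the underlying message is forwarded as-is;
                    // confirm it carries nothing sensitive if this text is
                    // returned to the client.
                    throw SecurityServiceException.newAccessDeniedException(cause.getMessage());
                }
            }
            throw e;
        }
    }

    /**
     * Logs the current user out: runs {@code endLogout()}, invalidates the
     * existing HTTP session if there is one, then calls WebLogic's logout.
     *
     * @throws SecurityServiceException declared by the service contract
     */
    public void logout() throws SecurityServiceException {
        HttpServletRequest request =
                ((HttpGraniteContext) GraniteContext.getCurrentInstance()).getRequest();
        endLogout();

        // Invalidate the session that was actually found. Calling
        // getSession() a second time could create a fresh session if the
        // first one disappeared between the two calls.
        HttpSession session = request.getSession(false);
        if (session != null) {
            session.invalidate();
        }
        ServletAuthentication.logout(request);
    }
}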
