package org.kiwiproject.dropwizard.jakarta.xml.ws;

import io.dropwizard.auth.AuthenticationException;
import io.dropwizard.auth.basic.BasicCredentials;
import java.io.IOException;
import java.io.OutputStream;
import java.security.Principal;
import java.util.Collections;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import org.apache.cxf.common.security.SecurityToken;
import org.apache.cxf.common.security.TokenType;
import org.apache.cxf.common.security.UsernameToken;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Exchange;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.transport.Conduit;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/kiwiproject/dropwizard/jakarta/xml/ws/BasicAuthenticationInterceptor.class */
public class BasicAuthenticationInterceptor<P extends Principal> extends AbstractPhaseInterceptor<Message> {
    private static final Logger LOG = LoggerFactory.getLogger(BasicAuthenticationInterceptor.class);
    public static final String PRINCIPAL_KEY = "dropwizard.jakarta.xml.ws.principal";
    private BasicAuthentication<P> authentication;

    public BasicAuthenticationInterceptor() {
        super("unmarshal");
    }

    public void setAuthenticator(BasicAuthentication<P> basicAuthentication) {
        this.authentication = basicAuthentication;
    }

    public void handleMessage(Message message) throws Fault {
        Exchange exchange = message.getExchange();
        BasicCredentials basicCredentials = null;
        try {
            AuthorizationPolicy authorizationPolicy = (AuthorizationPolicy) message.get(AuthorizationPolicy.class);
            if (Objects.nonNull(authorizationPolicy) && Objects.nonNull(authorizationPolicy.getUserName()) && Objects.nonNull(authorizationPolicy.getPassword())) {
                basicCredentials = new BasicCredentials(authorizationPolicy.getUserName(), authorizationPolicy.getPassword());
            } else {
                UsernameToken usernameToken = (SecurityToken) message.get(SecurityToken.class);
                if (Objects.nonNull(usernameToken) && usernameToken.getTokenType() == TokenType.UsernameToken) {
                    UsernameToken usernameToken2 = usernameToken;
                    basicCredentials = new BasicCredentials(usernameToken2.getName(), usernameToken2.getPassword());
                }
            }
            if (Objects.isNull(basicCredentials)) {
                sendErrorResponse(message, 401);
                return;
            }
            Optional authenticate = this.authentication.getAuthenticator().authenticate(new BasicCredentials(basicCredentials.getUsername(), basicCredentials.getPassword()));
            if (authenticate.isEmpty()) {
                sendErrorResponse(message, 401);
            } else {
                exchange.getInMessage().put(PRINCIPAL_KEY, authenticate.get());
            }
        } catch (AuthenticationException e) {
            sendErrorResponse(message, 500);
        }
    }

    private void sendErrorResponse(Message message, int i) {
        Message outMessage = getOutMessage(message);
        outMessage.put(Message.RESPONSE_CODE, Integer.valueOf(i));
        Map map = (Map) message.get(Message.PROTOCOL_HEADERS);
        if (Objects.nonNull(map)) {
            map.put("WWW-Authenticate", Collections.singletonList("Basic realm=" + this.authentication.getRealm()));
            map.put("Content-length", Collections.singletonList("0"));
        }
        message.getInterceptorChain().abort();
        try {
            getConduit(message).prepare(outMessage);
            close(outMessage);
        } catch (IOException e) {
            LOG.warn(e.getMessage(), e);
        }
    }

    private Message getOutMessage(Message message) {
        Exchange exchange = message.getExchange();
        Message outMessage = exchange.getOutMessage();
        if (Objects.isNull(outMessage)) {
            outMessage = ((Endpoint) exchange.get(Endpoint.class)).getBinding().createMessage();
            exchange.setOutMessage(outMessage);
        }
        outMessage.putAll(message);
        return outMessage;
    }

    private Conduit getConduit(Message message) throws IOException {
        Exchange exchange = message.getExchange();
        Conduit backChannel = exchange.getDestination().getBackChannel(message);
        exchange.setConduit(backChannel);
        return backChannel;
    }

    private void close(Message message) throws IOException {
        OutputStream outputStream = (OutputStream) message.getContent(OutputStream.class);
        outputStream.flush();
        outputStream.close();
    }
}
