package eu.unicore.services.rest.security;

import de.fzj.unicore.wsrflite.ISubSystem;
import de.fzj.unicore.wsrflite.Kernel;
import de.fzj.unicore.wsrflite.KernelInjectable;
import de.fzj.unicore.wsrflite.utils.Utilities;
import eu.unicore.security.SecurityTokens;
import eu.unicore.util.Log;
import eu.unicore.util.configuration.ConfigurationException;
import eu.unicore.util.configuration.PropertyGroupHelper;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.ServiceLoader;
import org.apache.cxf.message.Message;
import org.apache.log4j.Logger;

/* loaded from: input_file:eu/unicore/services/rest/security/AuthenticatorChain.class */
public class AuthenticatorChain implements IAuthenticator, ISubSystem {
    private final Kernel kernel;
    private static final Logger logger = Log.getLogger("unicore.security", AuthenticatorChain.class);
    private static final Collection<String> s = new HashSet();
    private final List<IAuthenticator> chain = new ArrayList();
    private final List<AuthenticatorDefaults> defaults = new ArrayList();

    public AuthenticatorChain(Kernel kernel) {
        this.kernel = kernel;
        registerConfigDefaults();
        kernel.setAttribute(AuthenticatorChain.class, this);
    }

    public void init(Kernel kernel) {
    }

    @Override // eu.unicore.services.rest.security.IAuthenticator
    public final Collection<String> getAuthSchemes() {
        return s;
    }

    @Override // eu.unicore.services.rest.security.IAuthenticator
    public boolean authenticate(Message message, SecurityTokens securityTokens) {
        boolean z = false;
        for (IAuthenticator iAuthenticator : this.chain) {
            try {
                z = iAuthenticator.authenticate(message, securityTokens) || z;
            } catch (Exception e) {
                Log.logException("Error using authenticator <" + iAuthenticator.getClass().getName() + ">", e, logger);
            }
            if (securityTokens.getEffectiveUserName() != null) {
                break;
            }
        }
        return z;
    }

    public void configure(String str, RESTSecurityProperties rESTSecurityProperties) throws ConfigurationException {
        String str2 = "authentication." + str + ".";
        String value = rESTSecurityProperties.getValue(str2 + "class");
        if (value == null) {
            value = getDefaultClass(str);
            if (value == null) {
                throw new ConfigurationException("Inconsistent REST authentication chain definition: expected <" + str2 + "class> property with IAuthenticator implementation.");
            }
        }
        try {
            IAuthenticator iAuthenticator = (IAuthenticator) Class.forName(value).getConstructor(new Class[0]).newInstance(new Object[0]);
            configureAuth(RESTSecurityProperties.PREFIX + str2, rESTSecurityProperties.rawProperties, iAuthenticator);
            this.chain.add(iAuthenticator);
            s.addAll(iAuthenticator.getAuthSchemes());
            logger.info("Enabled REST authentication: " + iAuthenticator);
        } catch (Exception e) {
            throw new ConfigurationException("Cannot create IAuthenticator instance  <" + value + ">", e);
        }
    }

    private void configureAuth(String str, Properties properties, IAuthenticator iAuthenticator) {
        Map filteredMap = new PropertyGroupHelper(properties, new String[]{str}).getFilteredMap();
        filteredMap.remove(str + "class");
        Utilities.mapParams(iAuthenticator, filteredMap, RESTSecurityProperties.propsLogger);
        Method findSetter = Utilities.findSetter(iAuthenticator.getClass(), "properties");
        if (findSetter != null && findSetter.getParameterTypes()[0].isAssignableFrom(Properties.class)) {
            try {
                findSetter.invoke(iAuthenticator, properties);
            } catch (Exception e) {
                throw new RuntimeException("Bug: can't set properties on chain: " + e.toString(), e);
            }
        }
        if (iAuthenticator instanceof KernelInjectable) {
            ((KernelInjectable) iAuthenticator).setKernel(this.kernel);
        }
    }

    private void registerConfigDefaults() {
        Iterator it = ServiceLoader.load(AuthenticatorDefaults.class).iterator();
        while (it.hasNext()) {
            this.defaults.add((AuthenticatorDefaults) it.next());
        }
    }

    private String getDefaultClass(String str) {
        String str2 = null;
        Iterator<AuthenticatorDefaults> it = this.defaults.iterator();
        while (it.hasNext()) {
            str2 = it.next().getImplementationClass(str);
            if (str2 != null) {
                break;
            }
        }
        return str2;
    }

    public List<IAuthenticator> getChain() {
        return Collections.unmodifiableList(this.chain);
    }

    public String getStatusDescription() {
        StringBuilder sb = new StringBuilder();
        String property = System.getProperty("line.separator");
        if (this.chain.size() == 0) {
            sb.append("N/A");
        }
        for (IAuthenticator iAuthenticator : this.chain) {
            sb.append(property);
            sb.append(" * ").append(iAuthenticator.toString());
        }
        return sb.toString();
    }

    public String getName() {
        return "User authentication";
    }
}
