package pl.edu.icm.unity.rest;

import eu.unicore.util.configuration.ConfigurationException;
import java.io.StringReader;
import java.util.EnumSet;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.Set;
import java.util.StringJoiner;
import javax.servlet.DispatcherType;
import javax.ws.rs.core.Application;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.binding.BindingFactoryManager;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.interceptor.Interceptor;
import org.apache.cxf.jaxrs.JAXRSBindingFactory;
import org.apache.cxf.jaxrs.JAXRSServerFactoryBean;
import org.apache.cxf.jaxrs.utils.ResourceUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.transport.servlet.CXFNonSpringServlet;
import org.apache.logging.log4j.Logger;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.servlets.CrossOriginFilter;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.authn.AuthenticationFlow;
import pl.edu.icm.unity.engine.api.authn.AuthenticationProcessor;
import pl.edu.icm.unity.engine.api.authn.AuthenticatorInstance;
import pl.edu.icm.unity.engine.api.endpoint.AbstractWebEndpoint;
import pl.edu.icm.unity.engine.api.endpoint.BindingAuthn;
import pl.edu.icm.unity.engine.api.endpoint.WebAppEndpointInstance;
import pl.edu.icm.unity.engine.api.msg.UnityMessageSource;
import pl.edu.icm.unity.engine.api.server.NetworkServer;
import pl.edu.icm.unity.engine.api.session.SessionManagement;
import pl.edu.icm.unity.rest.authn.AuthenticationInterceptor;
import pl.edu.icm.unity.rest.authn.CXFAuthentication;
import pl.edu.icm.unity.rest.exception.EngineExceptionMapper;
import pl.edu.icm.unity.rest.exception.IllegalArgumentExceptionMapper;
import pl.edu.icm.unity.rest.exception.InternalExceptionMapper;
import pl.edu.icm.unity.rest.exception.JSONExceptionMapper;
import pl.edu.icm.unity.rest.exception.JSONParseExceptionMapper;
import pl.edu.icm.unity.rest.exception.JSONParsingExceptionMapper;
import pl.edu.icm.unity.rest.exception.NPEExceptionMapper;

/* loaded from: input_file:pl/edu/icm/unity/rest/RESTEndpoint.class */
public abstract class RESTEndpoint extends AbstractWebEndpoint implements WebAppEndpointInstance {
    private static final Logger log = Log.getLogger("unity.server.rest", RESTEndpoint.class);
    private AuthenticationProcessor authenticationProcessor;
    protected RESTEndpointProperties genericEndpointProperties;
    protected String servletPath;
    protected SessionManagement sessionMan;
    protected UnityMessageSource msg;
    protected Set<String> notProtectedPaths;

    public RESTEndpoint(UnityMessageSource unityMessageSource, SessionManagement sessionManagement, AuthenticationProcessor authenticationProcessor, NetworkServer networkServer, String str) {
        super(networkServer);
        this.notProtectedPaths = new HashSet();
        this.authenticationProcessor = authenticationProcessor;
        this.servletPath = str;
        this.msg = unityMessageSource;
        this.sessionMan = sessionManagement;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setSerializedConfiguration(String str) {
        this.properties = new Properties();
        try {
            this.properties.load(new StringReader(str));
            this.genericEndpointProperties = new RESTEndpointProperties(this.properties);
        } catch (Exception e) {
            throw new ConfigurationException("Can't initialize the the generic RESTful endpoint's configuration", e);
        }
    }

    protected void addNotProtectedPaths(String... strArr) {
        for (String str : strArr) {
            this.notProtectedPaths.add(this.description.getEndpoint().getContextAddress() + str);
        }
    }

    protected abstract Application getApplication();

    private void deployResources(Bus bus) {
        JAXRSServerFactoryBean createApplication = ResourceUtils.createApplication(getApplication(), false);
        createApplication.setBus(bus);
        JAXRSBindingFactory jAXRSBindingFactory = new JAXRSBindingFactory();
        jAXRSBindingFactory.setBus(bus);
        ((BindingFactoryManager) bus.getExtension(BindingFactoryManager.class)).registerBindingFactory("http://apache.org/cxf/binding/jaxrs", jAXRSBindingFactory);
        Endpoint endpoint = createApplication.create().getEndpoint();
        addInterceptors(endpoint.getInInterceptors(), endpoint.getOutInterceptors());
    }

    public ServletContextHandler getServletContextHandler() {
        ServletContextHandler servletContextHandler = new ServletContextHandler(0);
        servletContextHandler.setContextPath(this.description.getEndpoint().getContextAddress());
        CXFNonSpringServlet cXFNonSpringServlet = new CXFNonSpringServlet();
        Bus createBus = BusFactory.newInstance().createBus();
        cXFNonSpringServlet.setBus(createBus);
        ServletHolder servletHolder = new ServletHolder(cXFNonSpringServlet);
        servletHolder.setName("services");
        servletHolder.setForcedPath("services");
        servletContextHandler.addServlet(servletHolder, this.servletPath + "/*");
        if (!this.genericEndpointProperties.getListOfValues(RESTEndpointProperties.ENABLED_CORS_ORIGINS).isEmpty()) {
            servletContextHandler.addFilter(getCorsFilter(), this.servletPath + "/*", EnumSet.of(DispatcherType.REQUEST));
        }
        deployResources(createBus);
        return servletContextHandler;
    }

    protected FilterHolder getCorsFilter() {
        FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter());
        List listOfValues = this.genericEndpointProperties.getListOfValues(RESTEndpointProperties.ENABLED_CORS_ORIGINS);
        StringJoiner stringJoiner = new StringJoiner(",");
        listOfValues.forEach(str -> {
            stringJoiner.add(str);
        });
        List listOfValues2 = this.genericEndpointProperties.getListOfValues(RESTEndpointProperties.ENABLED_CORS_HEADERS);
        StringJoiner stringJoiner2 = new StringJoiner(",");
        listOfValues2.forEach(str2 -> {
            stringJoiner2.add(str2);
        });
        filterHolder.setInitParameter("allowedHeaders", listOfValues2.isEmpty() ? "*" : stringJoiner2.toString());
        filterHolder.setInitParameter("allowedOrigins", stringJoiner.toString());
        filterHolder.setInitParameter("allowedMethods", "GET,POST,HEAD,DELETE,PUT,OPTIONS");
        log.debug("Will allow CORS for the following origins: " + stringJoiner.toString());
        return filterHolder;
    }

    public void updateAuthenticationFlows(List<AuthenticationFlow> list) throws UnsupportedOperationException {
        throw new UnsupportedOperationException();
    }

    private void addInterceptors(List<Interceptor<? extends Message>> list, List<Interceptor<? extends Message>> list2) {
        list.add(new AuthenticationInterceptor(this.msg, this.authenticationProcessor, this.authenticationFlows, this.description.getRealm(), this.sessionMan, this.notProtectedPaths, getEndpointDescription().getType().getFeatures()));
        installAuthnInterceptors(this.authenticationFlows, list);
    }

    public static void installAuthnInterceptors(List<AuthenticationFlow> list, List<Interceptor<? extends Message>> list2) {
        HashSet hashSet = new HashSet();
        Iterator<AuthenticationFlow> it = list.iterator();
        while (it.hasNext()) {
            Iterator it2 = it.next().getAllAuthenticators().iterator();
            while (it2.hasNext()) {
                installAuthnInterceptor(((AuthenticatorInstance) it2.next()).getRetrieval(), list2, hashSet);
            }
        }
    }

    private static void installAuthnInterceptor(BindingAuthn bindingAuthn, List<Interceptor<? extends Message>> list, Set<String> set) {
        if (set.contains(bindingAuthn.getAuthenticatorId())) {
            return;
        }
        Interceptor<? extends Message> mo5getInterceptor = ((CXFAuthentication) bindingAuthn).mo5getInterceptor();
        if (mo5getInterceptor != null) {
            list.add(mo5getInterceptor);
        }
        set.add(bindingAuthn.getAuthenticatorId());
    }

    public static void installExceptionHandlers(HashSet<Object> hashSet) {
        hashSet.add(new EngineExceptionMapper());
        hashSet.add(new NPEExceptionMapper());
        hashSet.add(new IllegalArgumentExceptionMapper());
        hashSet.add(new InternalExceptionMapper());
        hashSet.add(new JSONParseExceptionMapper());
        hashSet.add(new JSONParsingExceptionMapper());
        hashSet.add(new JSONExceptionMapper());
    }
}
