package org.apache.airavata.services.registry.rest.security.session;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.airavata.security.AbstractAuthenticator;
import org.apache.airavata.security.AuthenticationException;
import org.apache.airavata.security.UserStoreException;
import org.w3c.dom.Node;

/* loaded from: input_file:WEB-INF/lib/airavata-rest-services-0.6.jar:org/apache/airavata/services/registry/rest/security/session/SessionAuthenticator.class */
public class SessionAuthenticator extends AbstractAuthenticator {
    private static final String AUTHENTICATOR_NAME = "SessionAuthenticator";
    private static final String SESSION_TICKET = "sessionTicket";

    public SessionAuthenticator() {
        super(AUTHENTICATOR_NAME);
    }

    @Override // org.apache.airavata.security.AbstractAuthenticator
    public boolean doAuthentication(Object obj) throws AuthenticationException {
        if (obj == null) {
            return false;
        }
        try {
            return getUserStore().authenticate(((HttpServletRequest) obj).getHeader(SESSION_TICKET));
        } catch (UserStoreException e) {
            throw new AuthenticationException("Error querying database for session information.", e);
        }
    }

    @Override // org.apache.airavata.security.AbstractAuthenticator, org.apache.airavata.security.Authenticator
    public boolean canProcess(Object obj) {
        return (obj instanceof HttpServletRequest) && ((HttpServletRequest) obj).getHeader(SESSION_TICKET) != null;
    }

    @Override // org.apache.airavata.security.AbstractAuthenticator
    public void onSuccessfulAuthentication(Object obj) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) obj;
        String header = httpServletRequest.getHeader(SESSION_TICKET);
        HttpSession session = httpServletRequest.getSession();
        if (session != null) {
            session.setAttribute(SESSION_TICKET, header);
        }
        log.debug("A request with a session ticket is successfully logged in.");
    }

    @Override // org.apache.airavata.security.AbstractAuthenticator
    public void onFailedAuthentication(Object obj) {
        log.warn("Failed attempt to login.");
    }

    @Override // org.apache.airavata.security.Authenticator
    public void configure(Node node) throws RuntimeException {
        try {
            getUserStore().configure(node);
        } catch (UserStoreException e) {
            throw new RuntimeException("Error while configuring authenticator user store", e);
        }
    }

    @Override // org.apache.airavata.security.Authenticator
    public boolean isAuthenticated(Object obj) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) obj;
        return (httpServletRequest.getSession() == null || ((String) httpServletRequest.getSession().getAttribute(SESSION_TICKET)) == null) ? false : true;
    }
}
