package org.apache.chemistry.opencmis.server.impl.browser.token;

import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException;
import org.apache.chemistry.opencmis.commons.impl.Constants;
import org.apache.chemistry.opencmis.commons.server.CallContext;
import org.apache.chemistry.opencmis.server.shared.BasicAuthCallContextHandler;
import org.apache.chemistry.opencmis.server.shared.HttpUtils;

/* loaded from: input_file:WEB-INF/lib/chemistry-opencmis-server-bindings-0.13.0.jar:org/apache/chemistry/opencmis/server/impl/browser/token/TokenCallContextHandler.class */
public class TokenCallContextHandler extends BasicAuthCallContextHandler implements TokenHandler {
    private static final long serialVersionUID = 1;
    private final TokenHandler tokenHandler = new SimpleTokenHandler();

    @Override // org.apache.chemistry.opencmis.server.shared.BasicAuthCallContextHandler, org.apache.chemistry.opencmis.server.shared.CallContextHandler
    public Map<String, String> getCallContextMap(HttpServletRequest httpServletRequest) {
        HashMap hashMap = new HashMap();
        Map<String, String> callContextMap = super.getCallContextMap(httpServletRequest);
        if (callContextMap != null && !callContextMap.isEmpty()) {
            hashMap.putAll(callContextMap);
        }
        if (!"lastresult".equalsIgnoreCase(HttpUtils.getStringParameter(httpServletRequest, Constants.PARAM_SELECTOR))) {
            if (httpServletRequest.getParameter("token") != null) {
                if (!SimpleTokenHandlerSessionHelper.testAndInvalidateToken(httpServletRequest)) {
                    throw new CmisPermissionDeniedException("Invalid token!");
                }
                hashMap.put(CallContext.USERNAME, SimpleTokenHandlerSessionHelper.getUser(httpServletRequest, SimpleTokenHandlerSessionHelper.getApplicationIdFromKey(SimpleTokenHandlerSessionHelper.getToken(httpServletRequest))));
                hashMap.put("password", null);
            }
            if (!hashMap.containsKey(CallContext.USERNAME)) {
                throw new CmisPermissionDeniedException("No authentication!");
            }
        }
        return hashMap;
    }

    @Override // org.apache.chemistry.opencmis.server.impl.browser.token.TokenHandler
    public void service(ServletContext servletContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        this.tokenHandler.service(servletContext, httpServletRequest, httpServletResponse);
    }
}
