package org.apache.clerezza.platform.security.auth;

import java.security.AccessControlContext;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Comparator;
import java.util.Iterator;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import javax.security.auth.Subject;
import org.apache.clerezza.platform.security.UserUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wymiwyg.wrhapi.Handler;
import org.wymiwyg.wrhapi.HandlerException;
import org.wymiwyg.wrhapi.Request;
import org.wymiwyg.wrhapi.Response;
import org.wymiwyg.wrhapi.filter.Filter;

/* loaded from: input_file:bundles/startlevel-2/org/apache/clerezza/platform.security/0.8-incubating/platform.security-0.8-incubating.jar:org/apache/clerezza/platform/security/auth/AuthenticatingFilter.class */
public class AuthenticatingFilter implements Filter {
    private final Logger logger = LoggerFactory.getLogger(AuthenticatingFilter.class);
    private SortedSet<WeightedAuthenticationMethod> methodList = new TreeSet(new WeightedAuthMethodComparator());

    /* loaded from: input_file:bundles/startlevel-2/org/apache/clerezza/platform.security/0.8-incubating/platform.security-0.8-incubating.jar:org/apache/clerezza/platform/security/auth/AuthenticatingFilter$WeightedAuthMethodComparator.class */
    static class WeightedAuthMethodComparator implements Comparator<WeightedAuthenticationMethod> {
        WeightedAuthMethodComparator() {
        }

        @Override // java.util.Comparator
        public int compare(WeightedAuthenticationMethod weightedAuthenticationMethod, WeightedAuthenticationMethod weightedAuthenticationMethod2) {
            int weight = weightedAuthenticationMethod.getWeight();
            int weight2 = weightedAuthenticationMethod2.getWeight();
            return weight != weight2 ? weight2 - weight : weightedAuthenticationMethod.getClass().toString().compareTo(weightedAuthenticationMethod2.getClass().toString());
        }
    }

    @Override // org.wymiwyg.wrhapi.filter.Filter
    public void handle(final Request request, final Response response, final Handler handler) throws HandlerException {
        Subject subject = getSubject();
        WeightedAuthenticationMethod weightedAuthenticationMethod = null;
        try {
            Iterator<WeightedAuthenticationMethod> it = this.methodList.iterator();
            while (it.hasNext()) {
                weightedAuthenticationMethod = it.next();
                if (weightedAuthenticationMethod.authenticate(request, subject)) {
                    break;
                }
            }
            Set<Principal> principals = subject.getPrincipals();
            if (principals.size() == 0) {
                principals.add(UserUtil.ANONYMOUS);
            }
            try {
                Subject.doAsPrivileged(subject, new PrivilegedExceptionAction() { // from class: org.apache.clerezza.platform.security.auth.AuthenticatingFilter.1
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        handler.handle(request, response);
                        return null;
                    }
                }, (AccessControlContext) null);
            } catch (SecurityException e) {
                this.logger.debug("SecurityException: {}", (Throwable) e);
                writeLoginResponse(request, response, e);
            } catch (PrivilegedActionException e2) {
                Throwable cause = e2.getCause();
                if (cause instanceof HandlerException) {
                    throw ((HandlerException) cause);
                }
                if (!(cause instanceof RuntimeException)) {
                    throw new RuntimeException(e2);
                }
                throw ((RuntimeException) cause);
            }
        } catch (LoginException e3) {
            if (weightedAuthenticationMethod.writeLoginResponse(request, response, e3)) {
                return;
            }
            writeLoginResponse(request, response, e3);
        }
    }

    private Subject getSubject() {
        Subject currentSubject = UserUtil.getCurrentSubject();
        if (currentSubject == null) {
            currentSubject = new Subject();
        }
        return currentSubject;
    }

    protected void bindWeightedAuthenticationMethod(WeightedAuthenticationMethod weightedAuthenticationMethod) {
        this.methodList.add(weightedAuthenticationMethod);
    }

    protected void unbindWeightedAuthenticationMethod(WeightedAuthenticationMethod weightedAuthenticationMethod) {
        this.methodList.remove(weightedAuthenticationMethod);
    }

    private void writeLoginResponse(Request request, Response response, Throwable th) throws HandlerException {
        Iterator<WeightedAuthenticationMethod> it = this.methodList.iterator();
        while (it.hasNext() && !it.next().writeLoginResponse(request, response, th)) {
        }
    }
}
