package org.fabric3.binding.rs.runtime;

import java.lang.reflect.Method;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import net.sf.cglib.proxy.MethodInterceptor;
import net.sf.cglib.proxy.MethodProxy;
import org.fabric3.api.SecuritySubject;
import org.fabric3.spi.invocation.Message;
import org.fabric3.spi.invocation.MessageImpl;
import org.fabric3.spi.invocation.WorkContext;
import org.fabric3.spi.invocation.WorkContextTunnel;
import org.fabric3.spi.security.AuthenticationException;
import org.fabric3.spi.security.BasicAuthenticator;
import org.fabric3.spi.security.NoCredentialsException;
import org.fabric3.spi.wire.InvocationChain;

/* loaded from: input_file:org/fabric3/binding/rs/runtime/RsMethodInterceptor.class */
public class RsMethodInterceptor implements MethodInterceptor {
    private static final String FABRIC3_SUBJECT = "fabric3.subject";
    private Map<String, InvocationChain> invocationChains;
    private BasicAuthenticator authenticator;

    public RsMethodInterceptor(Map<String, InvocationChain> map) {
        this.invocationChains = map;
    }

    public RsMethodInterceptor(Map<String, InvocationChain> map, BasicAuthenticator basicAuthenticator) {
        this.invocationChains = map;
        this.authenticator = basicAuthenticator;
    }

    @Override // net.sf.cglib.proxy.MethodInterceptor
    public Object intercept(Object obj, Method method, Object[] objArr, MethodProxy methodProxy) throws Throwable {
        WorkContext threadWorkContext = WorkContextTunnel.getThreadWorkContext();
        authenticate(threadWorkContext);
        MessageImpl messageImpl = new MessageImpl(objArr, false, threadWorkContext);
        InvocationChain invocationChain = this.invocationChains.get(method.getName());
        if (invocationChain == null) {
            return null;
        }
        Message invoke = invocationChain.getHeadInterceptor().invoke(messageImpl);
        if (invoke.isFault()) {
            throw ((Throwable) invoke.getBody());
        }
        return invoke.getBody();
    }

    private void authenticate(WorkContext workContext) {
        SecuritySubject securitySubject;
        if (this.authenticator == null) {
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) workContext.getHeaders().get("fabric3.httpRequest");
        if (!"https".equals(httpServletRequest.getScheme())) {
        }
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null && (securitySubject = (SecuritySubject) session.getAttribute(FABRIC3_SUBJECT)) != null) {
            workContext.setSubject(securitySubject);
            return;
        }
        try {
            this.authenticator.authenticate(httpServletRequest, workContext);
        } catch (AuthenticationException e) {
            throw new WebApplicationException(Response.Status.FORBIDDEN);
        } catch (NoCredentialsException e2) {
            throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).header(HttpHeaders.WWW_AUTHENTICATE, "Basic realm=\"fabric3\"").build());
        }
    }
}
