package org.fabric3.binding.rs.runtime;

import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.fabric3.api.SecuritySubject;
import org.fabric3.spi.invocation.Message;
import org.fabric3.spi.invocation.MessageCache;
import org.fabric3.spi.invocation.WorkContext;
import org.fabric3.spi.invocation.WorkContextCache;
import org.fabric3.spi.security.AuthenticationException;
import org.fabric3.spi.security.BasicAuthenticator;
import org.fabric3.spi.security.NoCredentialsException;
import org.fabric3.spi.security.NotAuthorizedException;
import org.fabric3.spi.wire.InvocationChain;
import org.oasisopen.sca.ServiceRuntimeException;

/* loaded from: input_file:org/fabric3/binding/rs/runtime/F3ResourceHandler.class */
public class F3ResourceHandler {
    private static final String FABRIC3_SUBJECT = "fabric3.subject";
    private Class<?> interfaze;
    private Map<String, InvocationChain> chains;
    private boolean authenticate;
    private BasicAuthenticator authenticator;

    public F3ResourceHandler(Class<?> cls, Map<String, InvocationChain> map, boolean z, BasicAuthenticator basicAuthenticator) {
        this.interfaze = cls;
        this.chains = map;
        this.authenticate = z;
        this.authenticator = basicAuthenticator;
    }

    public Class<?> getInterface() {
        return this.interfaze;
    }

    public Object invoke(Method method, Object[] objArr) throws Throwable {
        InvocationChain invocationChain = this.chains.get(method.getName());
        if (invocationChain == null) {
            throw new ServiceRuntimeException("Unknown resource method: " + method.toString());
        }
        WorkContext threadWorkContext = WorkContextCache.getThreadWorkContext();
        Message andResetMessage = MessageCache.getAndResetMessage();
        try {
            try {
                if (this.authenticate) {
                    authenticate(threadWorkContext);
                }
                andResetMessage.setWorkContext(threadWorkContext);
                andResetMessage.setBody(objArr);
                if (invocationChain == null) {
                    return null;
                }
                Message invoke = invocationChain.getHeadInterceptor().invoke(andResetMessage);
                if (invoke.isFault()) {
                    Object handleFault = handleFault(invoke);
                    andResetMessage.reset();
                    return handleFault;
                }
                Object body = invoke.getBody();
                andResetMessage.reset();
                return body;
            } catch (RuntimeException e) {
                throw new InvocationTargetException(e);
            }
        } finally {
            andResetMessage.reset();
        }
    }

    private Object handleFault(Message message) throws InvocationTargetException {
        if (!(message.getBody() instanceof ServiceRuntimeException)) {
            throw new InvocationTargetException((Throwable) message.getBody());
        }
        ServiceRuntimeException serviceRuntimeException = (ServiceRuntimeException) message.getBody();
        if (serviceRuntimeException.getCause() instanceof NotAuthorizedException) {
            throw new InvocationTargetException(new WebApplicationException(Response.Status.FORBIDDEN));
        }
        throw new InvocationTargetException(serviceRuntimeException);
    }

    private void authenticate(WorkContext workContext) {
        SecuritySubject securitySubject;
        HttpServletRequest httpServletRequest = (HttpServletRequest) workContext.getHeaders().get("fabric3.httpRequest");
        if (!"https".equals(httpServletRequest.getScheme())) {
        }
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null && (securitySubject = (SecuritySubject) session.getAttribute(FABRIC3_SUBJECT)) != null) {
            workContext.setSubject(securitySubject);
            return;
        }
        try {
            this.authenticator.authenticate(httpServletRequest, workContext);
        } catch (NoCredentialsException e) {
            throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).header("WWW-Authenticate", "Basic realm=\"fabric3\"").build());
        } catch (AuthenticationException e2) {
            throw new WebApplicationException(Response.Status.FORBIDDEN);
        }
    }
}
