package ca.nrc.cadc.ac.server.web;

import ca.nrc.cadc.ac.server.EndpointConstants;
import ca.nrc.cadc.auth.AuthMethod;
import ca.nrc.cadc.auth.AuthenticationUtil;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.auth.NotAuthenticatedException;
import ca.nrc.cadc.auth.NumericPrincipal;
import ca.nrc.cadc.log.ServletLogInfo;
import java.io.IOException;
import java.net.URI;
import java.net.URL;
import java.security.Principal;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;

/* loaded from: input_file:ca/nrc/cadc/ac/server/web/WhoAmIServlet.class */
public class WhoAmIServlet extends HttpServlet {
    private static final Logger log = Logger.getLogger(WhoAmIServlet.class);
    static final String USER_GET_PATH = "/%s?idType=%s";

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        long currentTimeMillis = System.currentTimeMillis();
        ServletLogInfo servletLogInfo = new ServletLogInfo(httpServletRequest);
        log.info(servletLogInfo.start());
        try {
            try {
                try {
                    Subject subject = getSubject(httpServletRequest);
                    AuthMethod authMethod = getAuthMethod(subject);
                    if (AuthMethod.ANON.equals(authMethod)) {
                        httpServletResponse.setStatus(401);
                        servletLogInfo.setElapsedTime(Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
                        log.info(servletLogInfo.end());
                        return;
                    }
                    Principal principalForRestCall = getPrincipalForRestCall(subject);
                    if (principalForRestCall != null) {
                        redirect(httpServletRequest.getRequestURL(), httpServletResponse, principalForRestCall, authMethod);
                        servletLogInfo.setElapsedTime(Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
                        log.info(servletLogInfo.end());
                    } else {
                        httpServletResponse.setStatus(400);
                        httpServletResponse.getWriter().print("No supported identities for /whoami");
                        servletLogInfo.setElapsedTime(Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
                        log.info(servletLogInfo.end());
                    }
                } catch (IllegalArgumentException e) {
                    log.debug(e.getMessage(), e);
                    servletLogInfo.setMessage(e.getMessage());
                    httpServletResponse.setStatus(400);
                    servletLogInfo.setElapsedTime(Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
                    log.info(servletLogInfo.end());
                }
            } catch (NotAuthenticatedException e2) {
                log.debug(e2.getMessage(), e2);
                servletLogInfo.setMessage(e2.getMessage());
                httpServletResponse.getWriter().write(e2.getMessage());
                httpServletResponse.setStatus(401);
                servletLogInfo.setElapsedTime(Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
                log.info(servletLogInfo.end());
            } catch (Throwable th) {
                String str = "Internal Server Error: " + th.getMessage();
                log.error(str, th);
                servletLogInfo.setSuccess(false);
                servletLogInfo.setMessage(str);
                httpServletResponse.setStatus(500);
                servletLogInfo.setElapsedTime(Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
                log.info(servletLogInfo.end());
            }
        } catch (Throwable th2) {
            servletLogInfo.setElapsedTime(Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
            log.info(servletLogInfo.end());
            throw th2;
        }
    }

    private Principal getPrincipalForRestCall(Subject subject) {
        if (!subject.getPrincipals(HttpPrincipal.class).isEmpty()) {
            return (Principal) subject.getPrincipals(HttpPrincipal.class).iterator().next();
        }
        if (!subject.getPrincipals(X500Principal.class).isEmpty()) {
            return (Principal) subject.getPrincipals(X500Principal.class).iterator().next();
        }
        if (subject.getPrincipals(NumericPrincipal.class).isEmpty()) {
            return null;
        }
        return (Principal) subject.getPrincipals(NumericPrincipal.class).iterator().next();
    }

    public AuthMethod getAuthMethod(Subject subject) {
        return AuthenticationUtil.getAuthMethod(subject);
    }

    void redirect(StringBuffer stringBuffer, HttpServletResponse httpServletResponse, Principal principal, AuthMethod authMethod) throws IOException {
        URI create = URI.create(String.format(new URL((stringBuffer.substring(0, stringBuffer.indexOf(EndpointConstants.WHOAMI)) + EndpointConstants.USERS) + USER_GET_PATH).toString(), principal.getName(), AuthenticationUtil.getPrincipalType(principal)));
        log.debug("redirecting to " + create.toASCIIString());
        httpServletResponse.sendRedirect(create.toASCIIString());
    }

    Subject getSubject(HttpServletRequest httpServletRequest) {
        return AuthenticationUtil.getSubject(httpServletRequest);
    }
}
