package fi.vm.sade.generic.ui.portlet.security;

import fi.vm.sade.authentication.cas.CasClient;
import fi.vm.sade.generic.rest.CachingRestClient;
import fi.vm.sade.generic.ui.portlet.security.ProxyAuthenticator;
import java.net.HttpURLConnection;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.cas.authentication.CasAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

@Deprecated
/* loaded from: input_file:WEB-INF/lib/generic-common-9.6-SNAPSHOT.jar:fi/vm/sade/generic/ui/portlet/security/AbstractSecurityTicketOutInterceptor.class */
public class AbstractSecurityTicketOutInterceptor<T extends Message> extends AbstractPhaseInterceptor<T> {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) AbstractSecurityTicketOutInterceptor.class);

    @Value("${auth.mode:cas}")
    private String authMode;
    private ProxyAuthenticator proxyAuthenticator;

    public AbstractSecurityTicketOutInterceptor() {
        super(Phase.PRE_PROTOCOL);
        this.proxyAuthenticator = new ProxyAuthenticator();
    }

    @Override // org.apache.cxf.interceptor.Interceptor
    public void handleMessage(final T t) throws Fault {
        final String casTargetService = getCasTargetService((String) t.get(Message.ENDPOINT_ADDRESS));
        this.proxyAuthenticator.proxyAuthenticate(casTargetService, this.authMode, new ProxyAuthenticator.Callback() { // from class: fi.vm.sade.generic.ui.portlet.security.AbstractSecurityTicketOutInterceptor.1
            @Override // fi.vm.sade.generic.ui.portlet.security.ProxyAuthenticator.Callback
            public void setRequestHeader(String str, String str2) {
                AbstractSecurityTicketOutInterceptor.log.info("setRequestHeader: " + str + "=" + str2 + " (targetService: " + casTargetService + ")");
                ((HttpURLConnection) t.get("http.connection")).setRequestProperty(str, str2);
            }

            @Override // fi.vm.sade.generic.ui.portlet.security.ProxyAuthenticator.Callback
            public void gotNewTicket(Authentication authentication, String str) {
                AbstractSecurityTicketOutInterceptor.log.info("gotNewTicket, auth: " + authentication.getName() + ", proxyTicket: " + str + ", (targetService: " + casTargetService + ")");
            }
        });
    }

    @Override // org.apache.cxf.phase.AbstractPhaseInterceptor, org.apache.cxf.interceptor.Interceptor
    public void handleFault(Message message) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication instanceof CasAuthenticationToken) {
            log.error("FAULT in request, targetService: " + getCasTargetService((String) message.get(Message.ENDPOINT_ADDRESS)) + ", authentication: " + authentication.getName() + ", msgProxyTicket: " + ((HttpURLConnection) message.get("http.connection")).getRequestProperty(CachingRestClient.CAS_SECURITY_TICKET));
        }
        log.error("FAULT in request, message: " + message);
    }

    private static String getCasTargetService(String str) {
        return str.replaceAll("(.*?//.*?/.*?)/.*", "$1") + CasClient.SERVICE_URL_SUFFIX;
    }

    public void setAuthMode(String str) {
        this.authMode = str;
    }

    public void setProxyAuthenticator(ProxyAuthenticator proxyAuthenticator) {
        this.proxyAuthenticator = proxyAuthenticator;
    }
}
