package fi.vm.sade.generic.healthcheck;

import fi.vm.sade.generic.rest.CachingRestClient;
import javax.servlet.ServletContext;
import org.springframework.beans.factory.support.AbstractBeanFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:WEB-INF/lib/generic-common-9.6-SNAPSHOT.jar:fi/vm/sade/generic/healthcheck/ProxyAuthenticationChecker.class */
public class ProxyAuthenticationChecker implements HealthChecker {
    private ServletContext servletContext;
    private ApplicationContext ctx;

    public ProxyAuthenticationChecker(ServletContext servletContext, ApplicationContext applicationContext) {
        this.servletContext = servletContext;
        this.ctx = applicationContext;
    }

    @Override // fi.vm.sade.generic.healthcheck.HealthChecker
    public Object checkHealth() throws Throwable {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || (authentication instanceof AnonymousAuthenticationToken)) {
            return "(must be logged in for proxyauth health check to work)";
        }
        String name = authentication.getName();
        String replaceAll = this.servletContext.getContextPath().replaceAll("/", "");
        CachingRestClient clientSubSystemCode = new CachingRestClient().setClientSubSystemCode(replaceAll + ".ProxyAuthenticationChecker");
        clientSubSystemCode.setUseProxyAuthentication(true);
        clientSubSystemCode.setWebCasUrl(getProperty("web.url.cas"));
        String property = getProperty("cas.service." + replaceAll);
        clientSubSystemCode.setCasService(property);
        try {
            String asString = clientSubSystemCode.getAsString(property + "/healthcheck?userinfo");
            if (asString.contains("\"name\": \"" + name + "\",")) {
                return "proxyauth ok for: " + name;
            }
            throw new Exception("proxied response should have contained current user's info (" + name + "):\n" + asString);
        } catch (Exception e) {
            if (property.contains("localhost")) {
                return "NOTE! proxyauth cannot work with localhost-urls, error: " + e.getMessage();
            }
            throw e;
        }
    }

    private String getProperty(String str) {
        return ((AbstractBeanFactory) this.ctx.getAutowireCapableBeanFactory()).resolveEmbeddedValue("${" + str + "}");
    }
}
