package com.ibm.wkplc.learning.lms.service.webservice.handler;

import com.ibm.websphere.security.auth.callback.WSCallbackHandlerImpl;
import com.ibm.wkplc.learning.lms.service.webservice.util.SOAPConstants;
import com.ibm.wkplc.learning.lms.service.webservice.util.SOAPUtil;
import com.ibm.workplace.db.persist.logging.Situation;
import com.ibm.workplace.util.logging.Log;
import com.ibm.workplace.util.logging.LogMgr;
import com.ibm.ws.security.common.auth.WSPrincipalImpl;
import java.security.Principal;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.xml.namespace.QName;
import javax.xml.rpc.handler.GenericHandler;
import javax.xml.rpc.handler.MessageContext;
import javax.xml.rpc.handler.soap.SOAPMessageContext;
import javax.xml.rpc.soap.SOAPFaultException;
import javax.xml.soap.Detail;
import javax.xml.soap.SOAPException;

/* loaded from: input_file:efixes/2.7.0.3-WCL-LRNSRVR-IFLO31767/components/common.svc_._learningserver_._ear/update.jar:/Learning/Learning/learningserver/installableApps/lrnSrvrEar.ear:common.commonWS.jar:com/ibm/wkplc/learning/lms/service/webservice/handler/WASCredTokenAuthHandler.class */
public class WASCredTokenAuthHandler extends GenericHandler {
    private static LogMgr mLogger;
    private static final QName QNAME_LTPA_TOKEN;
    static Class class$com$ibm$wkplc$learning$lms$service$webservice$handler$WASCredTokenAuthHandler;
    static Class class$com$ibm$websphere$security$auth$WSPrincipal;

    public QName[] getHeaders() {
        return new QName[]{QNAME_LTPA_TOKEN};
    }

    public boolean handleRequest(MessageContext messageContext) {
        Class cls;
        String str = null;
        String str2 = null;
        String str3 = "";
        WSCallbackHandlerImpl wSCallbackHandlerImpl = null;
        try {
            HttpServletRequest httpServletRequest = (HttpServletRequest) messageContext.getProperty(SOAPConstants.MESSAGE_CONTEXT_SERVLET_REQUEST);
            Cookie[] cookies = httpServletRequest.getCookies();
            if (null != cookies) {
                for (int i = 0; i < cookies.length; i++) {
                    if (cookies[i].getName().equals("LtpaToken")) {
                        str2 = cookies[i].getValue();
                    }
                }
            }
            if (null == str2) {
                str2 = SOAPUtil.getHeaderValue(((SOAPMessageContext) messageContext).getMessage(), QNAME_LTPA_TOKEN);
            }
            str = (String) messageContext.getProperty("javax.xml.rpc.security.auth.username");
            String str4 = (String) messageContext.getProperty("javax.xml.rpc.security.auth.password");
            Principal userPrincipal = httpServletRequest.getUserPrincipal();
            if (null != userPrincipal) {
                str3 = userPrincipal.getName();
                if (mLogger.isTraceDebugEnabled()) {
                    mLogger.traceDebug("WASCredTokenAuthHandler", "invoke", new StringBuffer().append("Container authenticated user ").append(str3).toString());
                }
            } else if (null != str2) {
                if (mLogger.isTraceDebugEnabled()) {
                    mLogger.traceDebug("WASCredTokenAuthHandler", "invoke", new StringBuffer().append("Attempting to authenticate LtpaToken ").append(str2).toString());
                }
                wSCallbackHandlerImpl = new WSCallbackHandlerImpl(str2.getBytes());
            } else if (null != str && !str.equals("")) {
                if (mLogger.isTraceDebugEnabled()) {
                    mLogger.traceDebug("WASCredTokenAuthHandler", "invoke", new StringBuffer().append("Attempting to authenticate user ").append(str).toString());
                }
                wSCallbackHandlerImpl = new WSCallbackHandlerImpl(str, str4);
            }
            LoginContext loginContext = null != wSCallbackHandlerImpl ? new LoginContext("WSLogin", wSCallbackHandlerImpl) : null;
            r19 = null;
            if (null != loginContext) {
                try {
                    loginContext.login();
                    Subject subject = loginContext.getSubject();
                    if (class$com$ibm$websphere$security$auth$WSPrincipal == null) {
                        cls = class$("com.ibm.websphere.security.auth.WSPrincipal");
                        class$com$ibm$websphere$security$auth$WSPrincipal = cls;
                    } else {
                        cls = class$com$ibm$websphere$security$auth$WSPrincipal;
                    }
                    for (Principal principal : subject.getPrincipals(cls)) {
                        if (mLogger.isInfoEnabled()) {
                            mLogger.info("info_auth_principle", Situation.SITUATION_CONFIGURE, new String[]{principal.getName()});
                        }
                    }
                    str3 = principal.getName();
                    int indexOf = str3.indexOf("/");
                    if (indexOf != -1) {
                        str3 = str3.substring(indexOf + 1);
                    }
                    httpServletRequest.setAttribute("com.ibm.workplace.elearn.LMSUserPrincipal", new WSPrincipalImpl(str3));
                    httpServletRequest.setAttribute("request.principal", principal);
                } catch (LoginException e) {
                    if (mLogger.isTraceDebugEnabled()) {
                        mLogger.traceDebug("WASCredTokenAuthHandler", "invoke", new StringBuffer().append("Login failed ").append(e.getMessage()).toString());
                    }
                    throw new SOAPFaultException(new QName("Server", "Unauthenticated"), mLogger.getString("err_user_authentication_failed", new Object[]{str}), (String) null, (Detail) null);
                }
            }
            messageContext.setProperty("javax.xml.rpc.security.auth.username", str3);
            return true;
        } catch (LoginException e2) {
            if (mLogger.isTraceDebugEnabled()) {
                mLogger.traceDebug("WASCredTokenAuthHandler", "invoke", new StringBuffer().append("ERROR: failed to instantiate a LoginContext and the exception: ").append(e2.getMessage()).toString());
            }
            throw new SOAPFaultException(new QName("Server", "Unauthenticated"), mLogger.getString("err_user_authentication_failed", new Object[]{str}), (String) null, (Detail) null);
        } catch (SOAPException e3) {
            if (mLogger.isTraceDebugEnabled()) {
                mLogger.traceDebug("WASCredTokenAuthHandler", "invoke", new StringBuffer().append("ERROR: failed to read SOAP Header with exception: ").append(e3.getMessage()).toString());
            }
            throw new SOAPFaultException(new QName("Server", "Unauthenticated"), mLogger.getString("err_user_authentication_failed", new Object[]{str}), (String) null, (Detail) null);
        }
    }

    public void onFault(MessageContext messageContext) {
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$wkplc$learning$lms$service$webservice$handler$WASCredTokenAuthHandler == null) {
            cls = class$("com.ibm.wkplc.learning.lms.service.webservice.handler.WASCredTokenAuthHandler");
            class$com$ibm$wkplc$learning$lms$service$webservice$handler$WASCredTokenAuthHandler = cls;
        } else {
            cls = class$com$ibm$wkplc$learning$lms$service$webservice$handler$WASCredTokenAuthHandler;
        }
        mLogger = Log.get(cls);
        QNAME_LTPA_TOKEN = new QName("com.ibm.workplace.elearn", "LtpaToken");
    }
}
