package org.apache.wink.client.handlers;

import com.ibm.websphere.security.web.WebSecurityHelper;
import javax.servlet.http.Cookie;
import javax.ws.rs.core.HttpHeaders;
import org.apache.wink.client.ClientAuthenticationException;
import org.apache.wink.client.ClientRequest;
import org.apache.wink.client.ClientResponse;
import org.apache.wink.common.internal.i18n.Messages;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX WARN: Classes with same name are omitted:
  input_file:targets/liberty8557/third-party/com.ibm.websphere.appserver.thirdparty.jaxrs_1.0.14.jar:org/apache/wink/client/handlers/LtpaAuthSecurityHandler.class
 */
/* loaded from: input_file:targets/liberty855/third-party/com.ibm.websphere.appserver.thirdparty.jaxrs_1.0.8.jar:org/apache/wink/client/handlers/LtpaAuthSecurityHandler.class */
public class LtpaAuthSecurityHandler extends AbstractAuthSecurityHandler implements ClientHandler {
    private static Logger logger = LoggerFactory.getLogger(LtpaAuthSecurityHandler.class);

    @Override // org.apache.wink.client.handlers.ClientHandler
    public ClientResponse handle(ClientRequest clientRequest, HandlerContext handlerContext) throws Exception {
        logger.debug("Entering LtpaAuthSecurityHandler.handle");
        if (isSSLRequired() && !clientRequest.getURI().getScheme().equalsIgnoreCase("https")) {
            logger.debug("Cannot send user credentials over a non-SSL connection");
            throw new ClientAuthenticationException(Messages.getMessage("userCredNotAllowedOverNonSSLConnection"));
        }
        ClientResponse doChain = handlerContext.doChain(clientRequest);
        int statusCode = doChain.getStatusCode();
        logger.debug("Response status code was {}", Integer.valueOf(statusCode));
        if (statusCode != 401) {
            logger.debug("Status code was not 401 so no need to re-issue request.");
            return doChain;
        }
        logger.debug("Preparing to issue request again with Authorization header");
        logger.debug("About to get an LTPA authentication token");
        Cookie sSOCookieFromSSOToken = WebSecurityHelper.getSSOCookieFromSSOToken();
        if (sSOCookieFromSSOToken == null || sSOCookieFromSSOToken.getValue() == null || sSOCookieFromSSOToken.getValue().isEmpty() || sSOCookieFromSSOToken.getName() == null) {
            logger.debug("cannot find an ltpa authentication token off of the thread");
            throw new ClientAuthenticationException(Messages.getMessage("missingClientAuthenticationCredentialForUserLTPA"));
        }
        logger.debug("Retrieved an LTPA authentication token. About to set a request cookie");
        clientRequest.getHeaders().putSingle(HttpHeaders.COOKIE, sSOCookieFromSSOToken.getName() + "=" + sSOCookieFromSSOToken.getValue());
        ClientResponse doChain2 = handlerContext.doChain(clientRequest);
        if (doChain2.getStatusCode() == 401) {
            logger.debug("After sending request with Authorization header, still got 401 response");
            throw new ClientAuthenticationException(Messages.getMessage("serviceFailedToAuthenticateUserLTPA"));
        }
        logger.debug("Got a non-401 response, so returning response");
        logger.debug("Exiting LtpaAuthSecurityHandler.handle");
        return doChain2;
    }
}
