package org.astrogrid.security.delegation;

import java.io.IOException;
import java.io.PrintWriter;
import java.security.AccessControlException;
import java.security.GeneralSecurityException;
import javax.security.auth.x500.X500Principal;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.astrogrid.security.HttpsServiceSecurityGuard;
import org.mortbay.http.HttpRequest;

/* loaded from: input_file:org/astrogrid/security/delegation/DelegationListProcessor.class */
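/**
 * Handles requests on the delegation-list resource: GET writes the principals
 * known to {@link Delegations}, POST starts a delegation for a new identity.
 *
 * <p>NOTE(review): a POST over plain HTTP takes the identity from the {@code DN}
 * request parameter with no proof that the caller owns that name. Confirm
 * whether the unauthenticated path is meant to be reachable in production.
 */
public class DelegationListProcessor extends ResourceProcessor {
    private static final Log log = LogFactory.getLog(DelegationListProcessor.class);

    /**
     * Dispatches on the HTTP method: GET lists delegations, POST creates an
     * identity, anything else is rejected with 405.
     *
     * @param httpServletRequest the incoming request
     * @param delegationUri the parsed resource URI (not used by this processor)
     * @param httpServletResponse the response to populate
     * @throws IOException if writing the response fails
     */
    @Override
    public void service(HttpServletRequest httpServletRequest, DelegationUri delegationUri, HttpServletResponse httpServletResponse) throws IOException {
        String method = httpServletRequest.getMethod();
        if (HttpRequest.__GET.equals(method)) {
            sendDelegationList(httpServletResponse);
        } else if ("POST".equals(method)) {
            createIdentity(httpServletRequest, httpServletResponse);
        } else {
            // A 405 response advertises the supported methods in "Allow";
            // "Accept" is a request header for content negotiation.
            httpServletResponse.setHeader("Allow", "GET, POST");
            httpServletResponse.sendError(405);
        }
    }

    /**
     * Writes every principal returned by {@code Delegations.getPrincipals()} as
     * one line of plain text.
     *
     * <p>NOTE(review): no authentication or authorization check is visible on
     * this path, so the list goes to any caller that reaches this processor.
     * Confirm that access is restricted upstream.
     */
    private void sendDelegationList(HttpServletResponse response) throws IOException {
        response.setContentType("text/plain");
        PrintWriter out = response.getWriter();
        for (Object principal : Delegations.getInstance().getPrincipals()) {
            out.println(principal);
        }
        out.close();
    }

    /**
     * Starts a delegation and answers 201 with a Location header pointing at
     * the new identity's resource (request URL + "/" + identity).
     *
     * <p>An {@link AccessControlException} is answered with 400, a
     * {@link GeneralSecurityException} with 500.
     */
    private void createIdentity(HttpServletRequest request, HttpServletResponse response) throws IOException {
        try {
            // isSecure() selects the path: the TLS branch takes the principal from the
            // connection's authentication, the plain-HTTP branch trusts the DN parameter.
            boolean authenticated = request.isSecure();
            String identity = authenticated
                    ? createSecureIdentity(request)
                    : createInsecureIdentity(request);

            // In the unauthenticated branch the name presumably traces back to the
            // caller-supplied DN, so neutralise line breaks before logging to keep
            // a caller from forging extra log entries.
            log.info("Delegation is begun for "
                    + sanitizeForLog(Delegations.getInstance().getName(identity))
                    + " (" + sanitizeForLog(identity) + "; "
                    + (authenticated ? "authenticated" : "unauthenticated") + ").");

            // NOTE(review): the format of the identity returned by initializeIdentity()
            // is not visible here; confirm it is safe to place in a URL path and header.
            StringBuffer location = request.getRequestURL();
            location.append('/');
            location.append(identity);
            response.addHeader("Location", response.encodeRedirectURL(location.toString()));
            response.setStatus(201);
        } catch (AccessControlException e) {
            log.info("Delegation failed: " + sanitizeForLog(e.getMessage()));
            response.sendError(400, e.getMessage());
        } catch (GeneralSecurityException e) {
            // Keep the detail (and stack trace) in the server log only; the exception
            // text from the security layer may describe internals the client should not see.
            log.error("Delegation failed", e);
            response.sendError(500, "Delegation failed because of an internal error.");
        }
    }

    /**
     * Creates an identity for the X.500 principal that
     * {@link HttpsServiceSecurityGuard} extracts from the request.
     *
     * @throws AccessControlException if the guard yields no principal
     */
    private String createSecureIdentity(HttpServletRequest request) throws IOException, GeneralSecurityException {
        HttpsServiceSecurityGuard guard = new HttpsServiceSecurityGuard();
        guard.loadHttpsAuthentication(request);
        X500Principal principal = guard.getX500Principal();
        if (principal == null) {
            throw new AccessControlException("Delegation failed because the caller is not authenticated.");
        }
        return Delegations.getInstance().initializeIdentity(principal);
    }

    /**
     * Creates an identity from the caller-supplied {@code DN} request parameter.
     * The value is not verified against anything visible in this class.
     *
     * @throws AccessControlException if the {@code DN} parameter is absent
     */
    private String createInsecureIdentity(HttpServletRequest request) throws IOException, GeneralSecurityException {
        String dn = request.getParameter("DN");
        if (dn == null) {
            throw new AccessControlException("No value was given for the DN parameter.");
        }
        return Delegations.getInstance().initializeIdentity(dn);
    }

    /** Renders a value for a log line with CR and LF replaced, so it stays on one line. */
    private static String sanitizeForLog(Object value) {
        return String.valueOf(value).replace('\r', '_').replace('\n', '_');
    }
}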
