package org.apache.nifi.web.security;

import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.authorization.user.NiFiUser;
import org.apache.nifi.authorization.user.NiFiUserUtils;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:org/apache/nifi/web/security/ProxiedEntitiesUtils.class */
public class ProxiedEntitiesUtils {
    public static final String PROXY_ENTITIES_CHAIN = "X-ProxiedEntitiesChain";
    public static final String PROXY_ENTITIES_ACCEPTED = "X-ProxiedEntitiesAccepted";
    public static final String PROXY_ENTITIES_DETAILS = "X-ProxiedEntitiesDetails";
    private static final Pattern proxyChainPattern = Pattern.compile("<(.*?)>");

    public static String formatProxyDn(String str) {
        return "<" + str + ">";
    }

    public static List<String> tokenizeProxiedEntitiesChain(String str) {
        ArrayList arrayList = new ArrayList();
        Matcher matcher = proxyChainPattern.matcher(str);
        while (matcher.find()) {
            arrayList.add(matcher.group(1));
        }
        return arrayList;
    }

    public static String buildProxiedEntitiesChainString(NiFiUser niFiUser) {
        return formatProxyDn(StringUtils.join(NiFiUserUtils.buildProxiedEntitiesChain(niFiUser), "><"));
    }

    public static List<String> buildProxiedEntitiesChain(HttpServletRequest httpServletRequest, String str) {
        return tokenizeProxiedEntitiesChain(buildProxiedEntitiesChainString(httpServletRequest, str));
    }

    public static String buildProxiedEntitiesChainString(HttpServletRequest httpServletRequest, String str) {
        String formatProxyDn = (str.startsWith("<") && str.endsWith(">")) ? str : formatProxyDn(str);
        if (StringUtils.isNotBlank(httpServletRequest.getHeader(PROXY_ENTITIES_CHAIN))) {
            formatProxyDn = httpServletRequest.getHeader(PROXY_ENTITIES_CHAIN) + formatProxyDn;
        }
        return formatProxyDn;
    }

    public static void successfulAuthorization(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        if (StringUtils.isNotBlank(httpServletRequest.getHeader(PROXY_ENTITIES_CHAIN))) {
            httpServletResponse.setHeader(PROXY_ENTITIES_ACCEPTED, Boolean.TRUE.toString());
        }
    }

    public static void unsuccessfulAuthorization(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) {
        if (StringUtils.isNotBlank(httpServletRequest.getHeader(PROXY_ENTITIES_CHAIN))) {
            httpServletResponse.setHeader(PROXY_ENTITIES_DETAILS, authenticationException.getMessage());
        }
    }
}
