package de.taimos.springcxfdaemon.providers;

import java.io.IOException;
import javax.security.auth.Subject;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import org.apache.cxf.common.security.SimplePrincipal;
import org.apache.cxf.interceptor.security.DefaultSecurityContext;
import org.apache.cxf.jaxrs.impl.HttpHeadersImpl;
import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.security.SecurityContext;

@Provider
/* loaded from: input_file:de/taimos/springcxfdaemon/providers/AuthorizationProvider.class */
public abstract class AuthorizationProvider implements ContainerRequestFilter {
    public final void filter(ContainerRequestContext containerRequestContext) throws IOException {
        Message currentMessage = JAXRSUtils.getCurrentMessage();
        HttpHeadersImpl httpHeadersImpl = new HttpHeadersImpl(currentMessage);
        String headerString = httpHeadersImpl.getHeaderString("Authorization");
        if (headerString != null && !headerString.isEmpty() && headerString.indexOf(" ") != -1) {
            int indexOf = headerString.indexOf(" ");
            SecurityContext handleAuthHeader = handleAuthHeader(containerRequestContext, currentMessage, headerString.substring(0, indexOf), headerString.substring(indexOf + 1));
            if (handleAuthHeader != null) {
                currentMessage.put(SecurityContext.class, handleAuthHeader);
                return;
            }
        }
        SecurityContext handleOther = handleOther(containerRequestContext, currentMessage, httpHeadersImpl);
        if (handleOther != null) {
            currentMessage.put(SecurityContext.class, handleOther);
        } else if (isAuthorizationMandatory()) {
            containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
        }
    }

    protected abstract boolean isAuthorizationMandatory();

    protected abstract SecurityContext handleAuthHeader(ContainerRequestContext containerRequestContext, Message message, String str, String str2);

    protected abstract SecurityContext handleOther(ContainerRequestContext containerRequestContext, Message message, HttpHeaders httpHeaders);

    protected static SecurityContext createSC(String str, String... strArr) {
        Subject subject = new Subject();
        SimplePrincipal simplePrincipal = new SimplePrincipal(str);
        subject.getPrincipals().add(simplePrincipal);
        if (strArr != null) {
            for (String str2 : strArr) {
                subject.getPrincipals().add(new SimplePrincipal(str2));
            }
        }
        return new DefaultSecurityContext(simplePrincipal, subject);
    }
}
