package org.wso2.carbon.apimgt.rest.api.util.interceptors.auth;

import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.jaxrs.model.ClassResourceInfo;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.wso2.carbon.apimgt.rest.api.util.MethodStats;
import org.wso2.carbon.apimgt.rest.api.util.MethodTimeLogger;
import org.wso2.carbon.apimgt.rest.api.util.utils.EntitlementServiceClient;
import org.wso2.carbon.apimgt.rest.api.util.utils.RestApiUtil;

@Deprecated
/* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/util/interceptors/auth/XACMLAuthenticationInterceptor.class */
public class XACMLAuthenticationInterceptor extends AbstractPhaseInterceptor {
    private static final Log logger;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;
    private static final JoinPoint.StaticPart ajc$tjp_2 = null;

    /* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/util/interceptors/auth/XACMLAuthenticationInterceptor$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            XACMLAuthenticationInterceptor.handleMessage_aroundBody0((XACMLAuthenticationInterceptor) objArr2[0], (Message) objArr2[1], (JoinPoint) objArr2[2]);
            return null;
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/util/interceptors/auth/XACMLAuthenticationInterceptor$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(XACMLAuthenticationInterceptor.handleRequest_aroundBody2((XACMLAuthenticationInterceptor) objArr2[0], (Message) objArr2[1], (ClassResourceInfo) objArr2[2], (JoinPoint) objArr2[3]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/util/interceptors/auth/XACMLAuthenticationInterceptor$AjcClosure5.class */
    public class AjcClosure5 extends AroundClosure {
        public AjcClosure5(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(XACMLAuthenticationInterceptor.isUserPermitted_aroundBody4((XACMLAuthenticationInterceptor) objArr2[0], (String) objArr2[1], (String) objArr2[2], (String) objArr2[3], (String[]) objArr2[4], (JoinPoint) objArr2[5]));
        }
    }

    static {
        ajc$preClinit();
        logger = LogFactory.getLog(XACMLAuthenticationInterceptor.class);
    }

    public XACMLAuthenticationInterceptor() {
        super("pre-invoke");
    }

    public void handleMessage(Message message) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, this, this, message);
        if ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) {
            MethodTimeLogger.aspectOf().log(new AjcClosure1(new Object[]{this, message, makeJP}).linkClosureAndJoinPoint(69648));
        } else {
            handleMessage_aroundBody0(this, message, makeJP);
        }
    }

    public boolean handleRequest(Message message, ClassResourceInfo classResourceInfo) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, this, this, message, classResourceInfo);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure3(new Object[]{this, message, classResourceInfo, makeJP}).linkClosureAndJoinPoint(69648))) : handleRequest_aroundBody2(this, message, classResourceInfo, makeJP);
    }

    private boolean isUserPermitted(String str, String str2, String str3, String[] strArr) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_2, this, this, new Object[]{str, str2, str3, strArr});
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure5(new Object[]{this, str, str2, str3, strArr, makeJP}).linkClosureAndJoinPoint(69648))) : isUserPermitted_aroundBody4(this, str, str2, str3, strArr, makeJP);
    }

    static final void handleMessage_aroundBody0(XACMLAuthenticationInterceptor xACMLAuthenticationInterceptor, Message message, JoinPoint joinPoint) {
        if (RestApiUtil.checkIfAnonymousAPI(message)) {
            return;
        }
        xACMLAuthenticationInterceptor.handleRequest(message, null);
    }

    static final boolean handleRequest_aroundBody2(XACMLAuthenticationInterceptor xACMLAuthenticationInterceptor, Message message, ClassResourceInfo classResourceInfo, JoinPoint joinPoint) {
        if (logger.isDebugEnabled()) {
            logger.debug(String.format("Authenticating request: " + message.getId(), new Object[0]));
        }
        AuthorizationPolicy authorizationPolicy = (AuthorizationPolicy) message.get(AuthorizationPolicy.class);
        if (authorizationPolicy == null) {
            logger.error("Authentication failed: Basic authentication header is missing");
            return false;
        }
        String trim = StringUtils.trim(authorizationPolicy.getUserName());
        if (!StringUtils.isEmpty(trim)) {
            return xACMLAuthenticationInterceptor.isUserPermitted(trim, (String) message.get("org.apache.cxf.request.uri"), (String) message.get("org.apache.cxf.request.method"), null);
        }
        logger.error("Username cannot be null/empty.");
        return false;
    }

    static final boolean isUserPermitted_aroundBody4(XACMLAuthenticationInterceptor xACMLAuthenticationInterceptor, String str, String str2, String str3, String[] strArr, JoinPoint joinPoint) {
        try {
            return new EntitlementServiceClient().validateAction(str, str2, str3, strArr).equalsIgnoreCase("Permit");
        } catch (Exception e) {
            logger.error("Error while validating XACML request" + e);
            return false;
        }
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("XACMLAuthenticationInterceptor.java", XACMLAuthenticationInterceptor.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "handleMessage", "org.wso2.carbon.apimgt.rest.api.util.interceptors.auth.XACMLAuthenticationInterceptor", "org.apache.cxf.message.Message", "inMessage", "", "void"), 41);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "handleRequest", "org.wso2.carbon.apimgt.rest.api.util.interceptors.auth.XACMLAuthenticationInterceptor", "org.apache.cxf.message.Message:org.apache.cxf.jaxrs.model.ClassResourceInfo", "message:resourceInfo", "", "boolean"), 55);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "isUserPermitted", "org.wso2.carbon.apimgt.rest.api.util.interceptors.auth.XACMLAuthenticationInterceptor", "java.lang.String:java.lang.String:java.lang.String:[Ljava.lang.String;", "userName:resource:httpMethod:arr", "", "boolean"), 76);
    }
}
