package org.wso2.carbon.apimgt.rest.api.common.interceptors;

import io.swagger.models.Swagger;
import io.swagger.parser.SwaggerParser;
import io.swagger.util.Json;
import java.util.HashMap;
import java.util.Locale;
import javax.ws.rs.core.Response;
import org.osgi.service.component.annotations.Component;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.apimgt.core.exception.APIManagementException;
import org.wso2.carbon.apimgt.core.exception.ErrorHandler;
import org.wso2.carbon.apimgt.core.exception.ExceptionCodes;
import org.wso2.carbon.apimgt.core.util.EnvironmentUtils;
import org.wso2.carbon.apimgt.rest.api.common.APIConstants;
import org.wso2.carbon.apimgt.rest.api.common.RestApiConstants;
import org.wso2.carbon.apimgt.rest.api.common.api.RESTAPIAuthenticator;
import org.wso2.carbon.apimgt.rest.api.common.dto.ErrorDTO;
import org.wso2.carbon.apimgt.rest.api.common.exception.APIMgtSecurityException;
import org.wso2.carbon.apimgt.rest.api.common.util.RestApiUtil;
import org.wso2.msf4j.Interceptor;
import org.wso2.msf4j.Request;
import org.wso2.msf4j.Response;
import org.wso2.msf4j.ServiceMethodInfo;

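/**
 * MSF4J interceptor that sits in front of the API Manager REST APIs.
 *
 * <p>For every request it (1) adds CORS response headers when the Origin is accepted by
 * {@code EnvironmentUtils.getAllowedOrigin}, (2) answers CORS pre-flight ({@code OPTIONS})
 * requests itself, (3) serves the bundled swagger definitions without authentication, and
 * (4) delegates everything else under {@code /api/am/} to the configured
 * {@link RESTAPIAuthenticator}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Which requests skip authentication is decided by substring matches on the request
 *       URI. The match is done on the path portion only, so that request-controlled text in
 *       the query string cannot influence the decision. The matches are still
 *       {@code contains}-based; anchoring them to the deployed context paths would be
 *       stricter (NOTE(review): the exact contexts are not visible in this class).</li>
 *   <li>{@code Access-Control-Allow-Credentials: true} is sent together with the value
 *       returned by {@code getAllowedOrigin}; that helper must be a strict allow-list and
 *       must never echo arbitrary origins (not verifiable from this class).</li>
 * </ul>
 */
@Component(name = "org.wso2.carbon.apimgt.rest.api.common.interceptors.RESTAPISecurityInterceptor", service = {Interceptor.class}, immediate = true)
/* loaded from: input_file:org/wso2/carbon/apimgt/rest/api/common/interceptors/RESTAPISecurityInterceptor.class */
public class RESTAPISecurityInterceptor implements Interceptor {
    private static final Logger log = LoggerFactory.getLogger(RESTAPISecurityInterceptor.class);

    /** Fully qualified class name of the authenticator that is loaded reflectively on first use. */
    private static final String authenticatorName = "org.wso2.carbon.apimgt.rest.api.common.impl.OAuth2Authenticator";

    private static final int HTTP_OK = javax.ws.rs.core.Response.Status.OK.getStatusCode();
    private static final int HTTP_INTERNAL_SERVER_ERROR =
            javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR.getStatusCode();

    /** Lazily created authenticator instance; created on the first request that needs it. */
    private RESTAPIAuthenticator authenticatorImplClass = null;

    /**
     * Runs before the service method and decides whether the request may proceed.
     *
     * @param request           the incoming request
     * @param response          the response; this method sends it itself for pre-flight requests,
     *                          swagger definitions and authentication failures
     * @param serviceMethodInfo metadata of the target service method, passed to the authenticator
     * @return {@code true} to continue to the service method, {@code false} when a response has
     *         already been sent here
     * @throws APIMgtSecurityException declared for interface compatibility; failures raised while
     *                                 authenticating are caught and turned into an error response
     */
    public boolean preCall(Request request, org.wso2.msf4j.Response response, ServiceMethodInfo serviceMethodInfo) throws APIMgtSecurityException {
        String allowedOrigin = EnvironmentUtils.getAllowedOrigin(request.getHeader(RestApiConstants.ORIGIN_HEADER));
        if (allowedOrigin != null) {
            response.setHeader(RestApiConstants.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER, allowedOrigin)
                    .setHeader(RestApiConstants.ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER, "true");
        }

        // CORS pre-flight: answered here, never reaches the service or the authenticator.
        if (request.getHttpMethod().equalsIgnoreCase(APIConstants.HTTP_OPTIONS)) {
            response.setHeader(RestApiConstants.ACCESS_CONTROL_ALLOW_METHODS_HEADER, "POST, GET, OPTIONS, PUT, DELETE, HEAD")
                    .setHeader(RestApiConstants.ACCESS_CONTROL_ALLOW_HEADERS_HEADER, RestApiConstants.ACCESS_CONTROL_ALLOW_HEADERS_LIST)
                    .setStatus(HTTP_OK)
                    .send();
            return false;
        }

        // Authentication decisions are made on the path only. Matching against the full URI would
        // let text in the query string decide whether authentication runs.
        String path = pathOnly(request.getUri()).toLowerCase(Locale.ENGLISH);

        // Requests outside /api/am/ and the token endpoint are not authenticated by this interceptor.
        if (!path.contains("/api/am/") || path.contains("/login/token")) {
            return true;
        }

        // NOTE(review): assumes the transport always sets the "PROTOCOL" property; a missing value
        // leads to a NullPointerException in the swagger.json branches below - confirm.
        String protocol = (String) request.getProperty("PROTOCOL");

        if (path.contains("/publisher")) {
            if (path.contains("swagger.yaml")) {
                try {
                    sendYamlDefinition(response, RestApiUtil.getPublisherRestAPIResource());
                } catch (APIManagementException e) {
                    sendDefinitionError(response, e, "Couldn't find swagger.yaml for publisher");
                }
                return false;
            }
        } else if (path.contains("/store")) {
            if (path.contains("swagger.json")) {
                try {
                    sendJsonDefinition(response, RestApiUtil.getStoreRestAPIResource(),
                            RestApiUtil.getContext(RestApiConstants.APPType.STORE), protocol);
                } catch (APIManagementException e) {
                    sendDefinitionError(response, e, "Couldn't find swagger.json for store");
                }
                return false;
            }
            if (path.contains("swagger.yaml")) {
                try {
                    sendYamlDefinition(response, RestApiUtil.getStoreRestAPIResource());
                } catch (APIManagementException e) {
                    sendDefinitionError(response, e, "Couldn't find swagger.yaml for store");
                }
                return false;
            }
        } else if (path.contains("/analytics")) {
            if (path.contains("swagger.json")) {
                try {
                    sendJsonDefinition(response, RestApiUtil.getAnalyticsRestAPIResource(),
                            RestApiUtil.getContext(RestApiConstants.APPType.ANALYTICS), protocol);
                } catch (APIManagementException e) {
                    // Previously this branch only logged and then answered 200 with a serialized
                    // null definition; report the failure like the other swagger branches do.
                    sendDefinitionError(response, e, "Couldn't find swagger.json for analytics");
                }
                return false;
            }
        } else {
            // These contexts are passed through without authentication by this interceptor.
            // NOTE(review): "keyserver" and "core" are matched without a leading '/', so any
            // non-publisher/store/analytics path containing those letters is passed through;
            // presumably these contexts are protected elsewhere - confirm.
            if (path.contains("/editor") || path.contains("keyserver") || path.contains("core")) {
                return true;
            }
            if (path.contains("/admin")) {
                if (path.contains("swagger.json")) {
                    try {
                        sendJsonDefinition(response, RestApiUtil.getAdminRestAPIResource(),
                                RestApiUtil.getContext("admin"), protocol);
                    } catch (APIManagementException e) {
                        // Message corrected: this branch serves swagger.json, not swagger.yaml.
                        sendDefinitionError(response, e, "Couldn't find swagger.json for admin");
                    }
                    return false;
                }
                if (path.contains("swagger.yaml")) {
                    try {
                        sendYamlDefinition(response, RestApiUtil.getAdminRestAPIResource());
                    } catch (APIManagementException e) {
                        sendDefinitionError(response, e, "Couldn't find swagger.yaml for admin");
                    }
                    return false;
                }
            }
        }

        // Everything else under /api/am/ must pass the configured authenticator.
        boolean authenticated = false;
        ErrorHandler errorHandler = null;
        try {
            if (this.authenticatorImplClass == null) {
                try {
                    this.authenticatorImplClass = (RESTAPIAuthenticator) Class.forName(authenticatorName).newInstance();
                } catch (ClassNotFoundException e) {
                    throw new APIMgtSecurityException("Error while loading class " + authenticatorName, e);
                }
            }
            authenticated = this.authenticatorImplClass.authenticate(request, response, serviceMethodInfo);
        } catch (IllegalAccessException e) {
            // The exception is passed to the logger so the stack trace is not lost.
            log.error(e.getMessage() + " Error while accessing resource : " + authenticatorName, e);
            errorHandler = ExceptionCodes.AUTH_GENERAL_ERROR;
        } catch (InstantiationException e) {
            log.error(e.getMessage() + " Error while instantiating authenticator: " + authenticatorName, e);
            errorHandler = ExceptionCodes.AUTH_GENERAL_ERROR;
        } catch (APIMgtSecurityException e) {
            errorHandler = e.getErrorHandler();
            log.error(e.getMessage() + " Requested Path: " + request.getUri());
        }

        // Fail closed: anything other than an explicit successful authentication is rejected.
        if (!authenticated) {
            handleSecurityError(errorHandler, response);
        }
        return authenticated;
    }

    /**
     * No post-processing is performed by this interceptor.
     */
    public void postCall(Request request, int i, ServiceMethodInfo serviceMethodInfo) throws Exception {
    }

    /** Returns the URI with any query string or fragment removed. */
    private static String pathOnly(String uri) {
        int end = uri.length();
        int query = uri.indexOf('?');
        if (query >= 0) {
            end = query;
        }
        int fragment = uri.indexOf('#');
        if (fragment >= 0 && fragment < end) {
            end = fragment;
        }
        return uri.substring(0, end);
    }

    /** Sends a swagger definition unchanged as {@code text/x-yaml} with status 200. */
    private void sendYamlDefinition(org.wso2.msf4j.Response response, String definition) {
        response.setStatus(HTTP_OK).setEntity(definition).setMediaType("text/x-yaml").send();
    }

    /**
     * Parses a swagger definition, sets its base path and host, and sends it as pretty-printed
     * JSON with status 200.
     */
    private void sendJsonDefinition(org.wso2.msf4j.Response response, String definition, String basePath,
                                    String protocol) throws APIManagementException {
        Swagger swagger = new SwaggerParser().parse(definition);
        swagger.setBasePath(basePath);
        swagger.setHost(RestApiUtil.getHost(protocol.toLowerCase(Locale.ENGLISH)));
        response.setStatus(HTTP_OK).setEntity(Json.pretty(swagger)).setMediaType("application/json").send();
    }

    /** Logs a failure to load a swagger definition and answers with status 500 and an error DTO. */
    private void sendDefinitionError(org.wso2.msf4j.Response response, APIManagementException e, String logMessage) {
        ErrorDTO errorDTO = RestApiUtil.getErrorDTO(e.getErrorHandler());
        log.error(logMessage, e);
        response.setStatus(HTTP_INTERNAL_SERVER_ERROR).setEntity(errorDTO).send();
    }

    /**
     * Sends the authentication-failure response: the status code of the error handler, a
     * {@code WWW-Authenticate} header and a JSON error DTO.
     *
     * @param errorHandler the error to report; when {@code null} (the authenticator returned
     *                     {@code false} without raising an exception) the general authentication
     *                     error is used instead of failing with a NullPointerException
     * @param response     the response to populate and send
     */
    private void handleSecurityError(ErrorHandler errorHandler, org.wso2.msf4j.Response response) {
        ErrorHandler effectiveHandler = errorHandler != null ? errorHandler : ExceptionCodes.AUTH_GENERAL_ERROR;
        ErrorDTO errorDTO = RestApiUtil.getErrorDTO(effectiveHandler, new HashMap<>());
        response.setStatus(effectiveHandler.getHttpStatusCode());
        response.setHeader("WWW-Authenticate", RestApiConstants.AUTH_TYPE_OAUTH2);
        response.setEntity(errorDTO);
        response.setMediaType("application/json");
        response.send();
    }
}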
