package _ss_com.streamsets.lib.security.http;

import _ss_com.com.google.common.collect.ImmutableList;
import _ss_com.com.google.common.collect.ImmutableMap;
import _ss_com.fasterxml.jackson.databind.ObjectMapper;
import _ss_com.streamsets.pipeline.lib.parser.log.Constants;
import com.streamsets.pipeline.api.impl.Utils;
import java.io.IOException;
import java.util.Map;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.MediaType;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.server.Authentication;
import org.slf4j.Logger;

/* loaded from: input_file:_ss_com/streamsets/lib/security/http/AbstractSSOAuthenticator.class */
public abstract class AbstractSSOAuthenticator implements Authenticator {
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
    static final Map UNAUTHORIZED_JSON = ImmutableMap.of("ISSUES", ImmutableList.of(ImmutableMap.of("code", "SSO_01", Constants.MESSAGE, "User not authenticated")));
    private final SSOService ssoService;

    public AbstractSSOAuthenticator(SSOService sSOService) {
        this.ssoService = sSOService;
    }

    public SSOService getSsoService() {
        return this.ssoService;
    }

    protected abstract Logger getLog();

    @Override // org.eclipse.jetty.security.Authenticator
    public void setConfiguration(Authenticator.AuthConfiguration authConfiguration) {
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public String getAuthMethod() {
        return SSOConstants.AUTHENTICATION_METHOD;
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public void prepareRequest(ServletRequest servletRequest) {
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public boolean secureResponse(ServletRequest servletRequest, ServletResponse servletResponse, boolean z, Authentication.User user) throws ServerAuthException {
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getRequestInfoForLogging(HttpServletRequest httpServletRequest, String str) {
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        if (httpServletRequest.getQueryString() != null) {
            requestURL.append("?<QUERY_STRING>");
        }
        return "Address: " + SSOPrincipalUtils.getClientIpAddress(httpServletRequest) + " Principal: " + str + " " + httpServletRequest.getMethod() + " " + ((Object) requestURL);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public org.eclipse.jetty.server.Authentication returnUnauthorized(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) throws ServerAuthException {
        return returnUnauthorized(httpServletRequest, httpServletResponse, UNAUTHORIZED_JSON, str, str2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public org.eclipse.jetty.server.Authentication returnUnauthorized(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map map, String str, String str2) throws ServerAuthException {
        if (getLog().isDebugEnabled()) {
            getLog().debug(str2, getRequestInfoForLogging(httpServletRequest, str));
        }
        try {
            httpServletResponse.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "dpm");
            httpServletResponse.setStatus(401);
            httpServletResponse.setContentType(MediaType.APPLICATION_JSON);
            OBJECT_MAPPER.writeValue(httpServletResponse.getWriter(), map);
            return org.eclipse.jetty.server.Authentication.SEND_FAILURE;
        } catch (IOException e) {
            throw new ServerAuthException(Utils.format("Could send a Unauthorized (401) response: {}", new Object[]{e.toString(), e}));
        }
    }
}
