package org.apache.stratos.metadata.service.handlers;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.ws.rs.core.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.jaxrs.ext.RequestHandler;
import org.apache.cxf.jaxrs.model.ClassResourceInfo;
import org.apache.cxf.message.Message;
import org.apache.stratos.metadata.service.Utils;
import org.apache.stratos.metadata.service.context.AuthenticationContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;

/* loaded from: input_file:WEB-INF/classes/org/apache/stratos/metadata/service/handlers/CookieBasedAuthenticationHandler.class */
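/**
 * CXF request handler that authenticates a call from an already established HTTP session.
 *
 * <p>The handler trusts three session attributes ({@code userName}, {@code tenantDomain},
 * {@code tenantId}) and copies them into the thread-local {@link PrivilegedCarbonContext}.
 * Whatever code populates those attributes is therefore the trust anchor for this path.
 *
 * <p>NOTE(review): no anti-CSRF check is visible in this handler. Because the session is
 * resolved by the servlet container (typically from a cookie), confirm that state-changing
 * endpoints behind it are protected elsewhere.
 */
public class CookieBasedAuthenticationHandler implements RequestHandler {
    private final Log log = LogFactory.getLog(CookieBasedAuthenticationHandler.class);

    /**
     * Lets the request through when a valid logged-in session exists, otherwise rejects it.
     *
     * @param message the CXF message; the servlet request is read from its {@code "HTTP.REQUEST"} entry
     * @param classResourceInfo the target resource class (not used by this handler)
     * @return {@code null} to continue the handler chain, or a 403 JSON response when the
     *         request carries no usable session
     */
    public Response handleRequest(Message message, ClassResourceInfo classResourceInfo) {
        if (AuthenticationContext.isAthenticated()) {
            // NOTE(review): presumably set by an earlier handler for this same request. If the
            // flag is thread-local, confirm it is cleared when the request ends so that a
            // pooled thread cannot carry it into the next request.
            return null;
        }

        // Fail closed instead of throwing when the servlet request is missing or of another type.
        Object rawRequest = message.get("HTTP.REQUEST");
        if (!(rawRequest instanceof HttpServletRequest)) {
            return authenticationRequired();
        }

        // getSession(false): never create a session for an unauthenticated caller.
        HttpSession session = ((HttpServletRequest) rawRequest).getSession(false);
        if (session == null) {
            return authenticationRequired();
        }

        // Read each attribute exactly once. Checking and then re-reading would leave a window
        // in which a concurrent logout removes the attribute and the unboxing below throws.
        Object userNameAttr = session.getAttribute("userName");
        Object tenantDomainAttr = session.getAttribute("tenantDomain");
        Object tenantIdAttr = session.getAttribute("tenantId");

        // instanceof is false for null, so absent and wrongly typed attributes are both rejected
        // here rather than surfacing as a ClassCastException or NullPointerException.
        if (!(userNameAttr instanceof String)
                || !(tenantDomainAttr instanceof String)
                || !(tenantIdAttr instanceof Integer)) {
            return authenticationRequired();
        }

        String userName = (String) userNameAttr;
        String tenantDomain = (String) tenantDomainAttr;
        int tenantId = ((Integer) tenantIdAttr).intValue();

        PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        carbonContext.setUsername(userName);
        carbonContext.setTenantDomain(tenantDomain);
        carbonContext.setTenantId(tenantId);
        AuthenticationContext.setAuthenticated(true);

        if (this.log.isDebugEnabled()) {
            this.log.debug("authenticated using the " + CookieBasedAuthenticationHandler.class.getName()
                    + " for username : " + userName
                    + " tenantDomain : " + tenantDomain
                    + " tenantId : " + tenantId);
        }
        return null;
    }

    /**
     * Builds the rejection sent when no authenticated session backs the request.
     *
     * <p>The status stays 403 (not 401) to match what existing clients of this endpoint receive.
     */
    private Response authenticationRequired() {
        return Response.status(Response.Status.FORBIDDEN)
                .type("application/json")
                .entity(Utils.buildMessage("The endpoint requires authentication"))
                .build();
    }
}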
