package org.apache.solr.jersey;

import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
import jakarta.ws.rs.container.ResourceInfo;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.ext.Provider;
import java.io.IOException;
import java.lang.invoke.MethodHandles;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.solr.common.params.SolrParams;
import org.apache.solr.core.CoreContainer;
import org.apache.solr.security.AuthorizationContext;
import org.apache.solr.security.AuthorizationUtils;
import org.apache.solr.security.HttpServletAuthorizationContext;
import org.apache.solr.security.PermissionNameProvider;
import org.apache.solr.servlet.ServletUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Provider
/* loaded from: input_file:org/apache/solr/jersey/SolrRequestAuthorizer.class */
public class SolrRequestAuthorizer implements ContainerRequestFilter {
    private static final Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());

    @Context
    private ResourceInfo resourceInfo;

    public SolrRequestAuthorizer() {
        log.info("Creating a new SolrRequestAuthorizer");
    }

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        CoreContainer coreContainer = (CoreContainer) containerRequestContext.getProperty(RequestContextKeys.CORE_CONTAINER);
        HttpServletRequest httpServletRequest = (HttpServletRequest) containerRequestContext.getProperty(RequestContextKeys.HTTP_SERVLET_REQ);
        HttpServletResponse httpServletResponse = (HttpServletResponse) containerRequestContext.getProperty(RequestContextKeys.HTTP_SERVLET_RSP);
        AuthorizationContext.RequestType requestType = (AuthorizationContext.RequestType) containerRequestContext.getProperty(RequestContextKeys.REQUEST_TYPE);
        List<String> list = (List) containerRequestContext.getProperty(RequestContextKeys.COLLECTION_LIST);
        SolrParams solrParams = (SolrParams) containerRequestContext.getProperty(RequestContextKeys.SOLR_PARAMS);
        if (coreContainer.getAuthorizationPlugin() == null) {
            return;
        }
        AuthorizationContext authzContext = getAuthzContext(httpServletRequest, requestType, list, solrParams);
        log.debug("Attempting authz with context {}", authzContext);
        AuthorizationUtils.AuthorizationFailure authorize = AuthorizationUtils.authorize(httpServletRequest, httpServletResponse, coreContainer, authzContext);
        if (authorize != null) {
            containerRequestContext.abortWith(Response.status(authorize.getStatusCode()).entity(authorize.getMessage()).build());
        }
    }

    private AuthorizationContext getAuthzContext(final HttpServletRequest httpServletRequest, final AuthorizationContext.RequestType requestType, final List<String> list, final SolrParams solrParams) {
        return new HttpServletAuthorizationContext(httpServletRequest) { // from class: org.apache.solr.jersey.SolrRequestAuthorizer.1
            @Override // org.apache.solr.security.HttpServletAuthorizationContext, org.apache.solr.security.AuthorizationContext
            public List<AuthorizationContext.CollectionRequest> getCollectionRequests() {
                return AuthorizationUtils.getCollectionRequests(ServletUtils.getPathAfterContext(httpServletRequest), list, solrParams);
            }

            @Override // org.apache.solr.security.HttpServletAuthorizationContext, org.apache.solr.security.AuthorizationContext
            public Object getHandler() {
                return new PermissionNameProvider() { // from class: org.apache.solr.jersey.SolrRequestAuthorizer.1.1
                    @Override // org.apache.solr.security.PermissionNameProvider
                    public PermissionNameProvider.Name getPermissionName(AuthorizationContext authorizationContext) {
                        return ((PermissionName) SolrRequestAuthorizer.this.resourceInfo.getResourceMethod().getAnnotation(PermissionName.class)).value();
                    }
                };
            }

            @Override // org.apache.solr.security.HttpServletAuthorizationContext, org.apache.solr.security.AuthorizationContext
            public SolrParams getParams() {
                return solrParams;
            }

            @Override // org.apache.solr.security.HttpServletAuthorizationContext, org.apache.solr.security.AuthorizationContext
            public AuthorizationContext.RequestType getRequestType() {
                return requestType;
            }
        };
    }
}
