package org.apache.qpid.server.management.plugin.servlet.rest;

import java.io.IOException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.apache.qpid.server.logging.actors.CurrentActor;
import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
import org.apache.qpid.server.management.plugin.HttpManagementUtil;
import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.security.SecurityManager;

/* loaded from: input_file:org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.class */
public abstract class AbstractServlet extends HttpServlet {
    private static final Logger LOGGER = Logger.getLogger(AbstractServlet.class);
    private Broker _broker;
    private HttpManagementConfiguration _managementConfiguration;

    public void init() throws ServletException {
        ServletContext servletContext = getServletConfig().getServletContext();
        this._broker = HttpManagementUtil.getBroker(servletContext);
        this._managementConfiguration = HttpManagementUtil.getManagementConfiguration(servletContext);
        super.init();
    }

    protected final void doGet(final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse) {
        doWithSubjectAndActor(new PrivilegedExceptionAction<Void>() { // from class: org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                AbstractServlet.this.doGetWithSubjectAndActor(httpServletRequest, httpServletResponse);
                return null;
            }
        }, httpServletRequest, httpServletResponse);
    }

    protected void doGetWithSubjectAndActor(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        throw new UnsupportedOperationException("GET not supported by this servlet");
    }

    protected final void doPost(final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse) {
        doWithSubjectAndActor(new PrivilegedExceptionAction<Void>() { // from class: org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                AbstractServlet.this.doPostWithSubjectAndActor(httpServletRequest, httpServletResponse);
                return null;
            }
        }, httpServletRequest, httpServletResponse);
    }

    protected void doPostWithSubjectAndActor(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        throw new UnsupportedOperationException("POST not supported by this servlet");
    }

    protected final void doPut(final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse) {
        doWithSubjectAndActor(new PrivilegedExceptionAction<Void>() { // from class: org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                AbstractServlet.this.doPutWithSubjectAndActor(httpServletRequest, httpServletResponse);
                return null;
            }
        }, httpServletRequest, httpServletResponse);
    }

    protected void doPutWithSubjectAndActor(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        throw new UnsupportedOperationException("PUT not supported by this servlet");
    }

    protected final void doDelete(final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doWithSubjectAndActor(new PrivilegedExceptionAction<Void>() { // from class: org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                AbstractServlet.this.doDeleteWithSubjectAndActor(httpServletRequest, httpServletResponse);
                return null;
            }
        }, httpServletRequest, httpServletResponse);
    }

    protected void doDeleteWithSubjectAndActor(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        throw new UnsupportedOperationException("DELETE not supported by this servlet");
    }

    private void doWithSubjectAndActor(PrivilegedExceptionAction<Void> privilegedExceptionAction, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            Subject authorisedSubject = getAuthorisedSubject(httpServletRequest);
            SecurityManager.setThreadSubject(authorisedSubject);
            try {
                CurrentActor.set(HttpManagementUtil.getOrCreateAndCacheLogActor(httpServletRequest, this._broker));
                try {
                    try {
                        Subject.doAs(authorisedSubject, privilegedExceptionAction);
                        CurrentActor.remove();
                        try {
                            SecurityManager.setThreadSubject((Subject) null);
                        } finally {
                        }
                    } catch (Throwable th) {
                        CurrentActor.remove();
                        throw th;
                    }
                } catch (RuntimeException e) {
                    LOGGER.error("Unable to perform action", e);
                    throw e;
                } catch (PrivilegedActionException e2) {
                    LOGGER.error("Unable to perform action", e2);
                    throw new RuntimeException(e2.getCause());
                }
            } catch (Throwable th2) {
                try {
                    SecurityManager.setThreadSubject((Subject) null);
                    throw th2;
                } finally {
                }
            }
        } catch (SecurityException e3) {
            sendError(httpServletResponse, 401);
        }
    }

    protected Subject getAuthorisedSubject(HttpServletRequest httpServletRequest) {
        Subject authorisedSubject = HttpManagementUtil.getAuthorisedSubject(httpServletRequest.getSession());
        if (authorisedSubject == null) {
            throw new SecurityException("Access to management rest interfaces is denied for un-authorised user");
        }
        return authorisedSubject;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Broker getBroker() {
        return this._broker;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public HttpManagementConfiguration getManagementConfiguration() {
        return this._managementConfiguration;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void sendError(HttpServletResponse httpServletResponse, int i) {
        try {
            httpServletResponse.sendError(i);
        } catch (IOException e) {
            throw new RuntimeException("Failed to send error response code " + i, e);
        }
    }
}
