package org.wso2.micro.integrator.management.apis.security.handler;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.xml.stream.XMLStreamException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.wso2.carbon.inbound.endpoint.internal.http.api.InternalAPIHandler;
import org.wso2.micro.core.util.CarbonException;
import org.wso2.micro.integrator.management.apis.Constants;
import org.wso2.micro.integrator.management.apis.ManagementApiUndefinedException;

/* loaded from: input_file:org/wso2/micro/integrator/management/apis/security/handler/SecurityHandlerAdapter.class */
public abstract class SecurityHandlerAdapter implements InternalAPIHandler {
    protected List<String> resources;
    protected List<String> defaultResources;
    protected String context;
    protected static boolean useCarbonUserStore = false;
    private static boolean isInitialized = false;
    private static final Log LOG = LogFactory.getLog(SecurityHandlerAdapter.class);

    public SecurityHandlerAdapter(String str) throws CarbonException, XMLStreamException, IOException, ManagementApiUndefinedException {
        initializeUserStore();
        this.context = str;
        populateDefaultResources();
    }

    protected SecurityHandlerAdapter() {
    }

    private static void initializeUserStore() throws CarbonException, IOException, ManagementApiUndefinedException, XMLStreamException {
        if (isInitialized) {
            return;
        }
        if (SecurityUtils.isFileBasedUserStoreEnabled().booleanValue()) {
            isInitialized = FileBasedUserStoreManager.getUserStoreManager().isInitialized();
            return;
        }
        LOG.info("File based user store has been disabled. Carbon user store settings will be used.");
        useCarbonUserStore = true;
        isInitialized = true;
    }

    protected boolean needsHandling(MessageContext messageContext) {
        String address = messageContext.getTo().getAddress();
        if (!Constants.REST_API_CONTEXT.equals(address)) {
            return !this.resources.isEmpty() ? isMatchingResource(address, this.resources) : isMatchingResource(address, this.defaultResources);
        }
        LOG.debug("Authentication is skipped for management api root context.");
        return false;
    }

    private boolean isMatchingResource(String str, List<String> list) {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            if (str.startsWith(this.context.concat(it.next()))) {
                return true;
            }
        }
        return false;
    }

    protected void populateDefaultResources() {
        this.defaultResources = new ArrayList(1);
        this.defaultResources.add("");
    }

    public void setResources(List<String> list) {
        this.resources = list;
    }

    public List<String> getResources() {
        return this.resources;
    }

    public Boolean invoke(MessageContext messageContext) {
        if (needsHandling(messageContext)) {
            return handle(messageContext);
        }
        return true;
    }

    protected abstract Boolean handle(MessageContext messageContext);

    public Map clearHeaders(Map map) {
        Object obj = map.get("Access-Control-Allow-Origin");
        Object obj2 = map.get("Access-Control-Allow-Methods");
        Object obj3 = map.get("Access-Control-Allow-Headers");
        map.clear();
        if (obj != null) {
            map.put("Access-Control-Allow-Origin", obj);
        }
        if (obj2 != null) {
            map.put("Access-Control-Allow-Methods", obj2);
        }
        if (obj3 != null) {
            map.put("Access-Control-Allow-Headers", obj3);
        }
        return map;
    }
}
