package io.hawt.web;

import io.hawt.system.ConfigManager;
import io.hawt.system.Helpers;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.AccessController;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.List;
import java.util.Set;
import javax.security.auth.Subject;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.SecurityContext;
import org.apache.http.client.config.CookieSpecs;
import org.eclipse.jgit.lib.ConfigConstants;
import org.jolokia.converter.Converters;
import org.jolokia.converter.json.JsonConvertOptions;
import org.osgi.service.http.HttpContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/hawtio-system-1.4.redhat-630175.jar:io/hawt/web/LoginServlet.class */
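/**
 * Servlet that turns an already-authenticated JAAS {@link Subject} into an
 * {@link HttpSession} and reports the subject's principals back as JSON.
 *
 * <p>This class performs no credential check itself: it only reads the
 * {@code Subject} bound to the current access-control context (presumably
 * placed there by an upstream authentication filter; confirm against the
 * deployment descriptor). Any request that reaches {@link #doPost} with a
 * non-null subject is granted a session.
 *
 * <p>NOTE(review): several string constants below ({@code CookieSpecs.DEFAULT},
 * {@code ConfigConstants.CONFIG_KEY_NAME}) come from unrelated libraries and look
 * like decompiler substitutions for plain string literals. They are kept as-is so
 * the runtime strings do not change; confirm their values before replacing them.
 */
public class LoginServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /** Fallback idle timeout in seconds (30 minutes). */
    private static final int DEFAULT_SESSION_TIMEOUT = 1800;

    private static final Logger LOG = LoggerFactory.getLogger(LoginServlet.class);

    /** Simple class names of the principal types whose name is taken as the user name. */
    private static final String[] KNOWN_PRINCIPALS = {"UserPrincipal", "JAASPrincipal", "SimplePrincipal"};

    protected ConfigManager config;
    protected Converters converters = new Converters();
    protected JsonConvertOptions options = JsonConvertOptions.DEFAULT;

    private List<String> knownPrincipalList;
    private Integer timeout = Integer.valueOf(DEFAULT_SESSION_TIMEOUT);

    /**
     * Reads the {@code sessionTimeout} setting from the {@code ConfigManager}
     * stored in the servlet context, if one is present.
     *
     * @param servletConfig configuration supplied by the container
     * @throws ServletException if the superclass initialisation fails
     */
    @Override
    public void init(ServletConfig servletConfig) throws ServletException {
        // GenericServlet only remembers its ServletConfig when the overriding
        // init(ServletConfig) delegates to super; without this call
        // getServletConfig()/getServletContext() on this servlet return nothing usable.
        super.init(servletConfig);

        this.knownPrincipalList = Arrays.asList(KNOWN_PRINCIPALS);
        this.config = (ConfigManager) servletConfig.getServletContext().getAttribute("ConfigManager");
        if (this.config != null) {
            String configured = this.config.get("sessionTimeout", String.valueOf(DEFAULT_SESSION_TIMEOUT));
            if (configured != null) {
                this.timeout = Integer.valueOf(parseSessionTimeout(configured));
            }
        }
        LOG.info("hawtio login is using " + (this.timeout != null ? this.timeout + " sec." : CookieSpecs.DEFAULT) + " HttpSession timeout");
    }

    /**
     * Converts the configured timeout to seconds, falling back to
     * {@link #DEFAULT_SESSION_TIMEOUT} for {@code 0} and for unparsable values.
     */
    private static int parseSessionTimeout(String configured) {
        final int seconds;
        try {
            seconds = Integer.parseInt(configured);
        } catch (NumberFormatException e) {
            // Previously swallowed silently; a typo in the setting should be visible to operators.
            LOG.warn("Ignoring invalid sessionTimeout '{}', using default of {} sec.", configured, DEFAULT_SESSION_TIMEOUT);
            return DEFAULT_SESSION_TIMEOUT;
        }
        if (seconds == 0) {
            return DEFAULT_SESSION_TIMEOUT;
        }
        if (seconds < 0) {
            // Behaviour is unchanged (the value is still applied), but a negative
            // max-inactive-interval means the container never expires the session,
            // which for an authenticated console session deserves an explicit warning.
            LOG.warn("sessionTimeout {} is negative; authenticated HttpSessions will never expire", seconds);
        }
        return seconds;
    }

    /**
     * Answers a login request. An existing session that carries a subject is
     * reused; an existing session without one is invalidated and refused; with
     * no session, a new one is created for the subject of the current
     * access-control context, or the request is refused if there is none.
     *
     * @param httpServletRequest the login request
     * @param httpServletResponse the response that receives the JSON body
     * @throws ServletException declared by the servlet contract
     * @throws IOException if the response writer cannot be obtained
     */
    @Override
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setContentType(MediaType.APPLICATION_JSON);
        PrintWriter writer = httpServletResponse.getWriter();

        HttpSession existing = httpServletRequest.getSession(false);
        if (existing != null) {
            Subject stored = (Subject) existing.getAttribute("subject");
            if (stored == null) {
                // A session without a subject was not created by this login path; drop it.
                LOG.warn("No security subject stored in existing session, invalidating");
                existing.invalidate();
                Helpers.doForbidden(httpServletResponse);
                return;
            }
            sendResponse(existing, stored, writer);
            return;
        }

        Subject current = Subject.getSubject(AccessController.getContext());
        if (current == null) {
            Helpers.doForbidden(httpServletResponse);
            return;
        }

        // The last principal whose simple class name is on the known list wins.
        // If none matches, userName stays null and the session is still created
        // with only the "subject" attribute identifying the caller.
        String userName = null;
        Set<Principal> principals = current.getPrincipals();
        if (principals != null) {
            for (Principal principal : principals) {
                if (this.knownPrincipalList.contains(principal.getClass().getSimpleName())) {
                    userName = principal.getName();
                    LOG.debug("Authorizing user {}", userName);
                }
            }
        }

        // No session existed above, so this call creates a new one.
        HttpSession created = httpServletRequest.getSession(true);
        created.setAttribute("subject", current);
        created.setAttribute("user", userName);
        created.setAttribute(HttpContext.REMOTE_USER, userName);
        // Recorded as BASIC unconditionally; this is a label, not evidence of how
        // the subject was actually authenticated.
        created.setAttribute(HttpContext.AUTHENTICATION_TYPE, SecurityContext.BASIC_AUTH);
        created.setAttribute("loginTime", Long.valueOf(System.currentTimeMillis()));
        if (this.timeout != null) {
            created.setMaxInactiveInterval(this.timeout.intValue());
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("Http session timeout for user {} is {} sec.", userName, Integer.valueOf(created.getMaxInactiveInterval()));
        }
        sendResponse(created, current, writer);
    }

    /**
     * Writes a JSON object with a {@code principals} list (class name and name
     * of every principal of the subject) and a {@code credentials} list.
     *
     * @param httpSession the session the response belongs to (not read here)
     * @param subject the authenticated subject to describe
     * @param printWriter destination for the serialised answer
     */
    protected void sendResponse(HttpSession httpSession, Subject subject, PrintWriter printWriter) {
        List<Object> principalEntries = new ArrayList<Object>();
        for (Principal principal : subject.getPrincipals()) {
            HashMap<String, Object> entry = new HashMap<String, Object>();
            entry.put("type", principal.getClass().getName());
            entry.put(ConfigConstants.CONFIG_KEY_NAME, principal.getName());
            principalEntries.add(entry);
        }

        // NOTE(review): the original looped over subject.getPublicCredentials() and
        // built a map per credential but never added it to this list, so the
        // response has always carried an empty "credentials" array. That observable
        // behaviour is kept. Populating the list would serialise arbitrary credential
        // objects to the client, so it should be a deliberate decision, not a drive-by fix.
        List<Object> credentialEntries = new ArrayList<Object>();

        HashMap<String, Object> answer = new HashMap<String, Object>();
        answer.put("principals", principalEntries);
        answer.put("credentials", credentialEntries);
        ServletHelpers.writeObject(this.converters, this.options, printWriter, answer);
    }
}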
