package org.infinispan.server.endpoint.subsystem;

import java.io.IOException;
import java.util.Map;
import javax.security.jacc.PolicyContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpSession;
import org.apache.catalina.Manager;
import org.apache.catalina.Session;
import org.apache.catalina.Wrapper;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.valves.ValveBase;
import org.infinispan.server.endpoint.EndpointLogger;
import org.jboss.as.web.security.JBossGenericPrincipal;
import org.jboss.security.SecurityContext;
import org.jboss.security.SecurityRolesAssociation;
import org.jboss.security.SecurityUtil;

/* loaded from: input_file:org/infinispan/server/endpoint/subsystem/RestSecurityContext.class */
public class RestSecurityContext extends ValveBase {
    private static final ThreadLocal<Request> activeRequest = new ThreadLocal<>();
    private String contextSecurityDomain;
    private String name;

    public RestSecurityContext(String str, String str2) {
        this.name = str;
        this.contextSecurityDomain = str2;
    }

    public void invoke(Request request, Response response) throws IOException, ServletException {
        activeRequest.set(request);
        Session session = null;
        JBossGenericPrincipal principal = request.getPrincipal();
        JBossGenericPrincipal jBossGenericPrincipal = null;
        HttpSession session2 = request.getSession(false);
        boolean z = false;
        SecurityContext securityContext = SecurityActions.getSecurityContext();
        if (securityContext == null) {
            z = true;
            String unprefixSecurityDomain = SecurityUtil.unprefixSecurityDomain(this.contextSecurityDomain);
            if (unprefixSecurityDomain == null) {
                unprefixSecurityDomain = "jboss-web-policy";
            }
            securityContext = SecurityActions.createSecurityContext(unprefixSecurityDomain);
            SecurityActions.setSecurityContextOnAssociation(securityContext);
        }
        Wrapper wrapper = null;
        try {
            try {
                wrapper = request.getWrapper();
                if (wrapper != null) {
                    wrapper.getName();
                    SecurityActions.pushRunAsIdentity(null);
                }
                Manager manager = this.container.getManager();
                if (manager != null && session2 != null) {
                    try {
                        session = manager.findSession(session2.getId());
                    } catch (IOException e) {
                    }
                }
                if (principal == null || !(principal instanceof JBossGenericPrincipal)) {
                    if (session != null) {
                        jBossGenericPrincipal = (JBossGenericPrincipal) session.getPrincipal();
                    }
                    if (jBossGenericPrincipal == null) {
                        Session sessionInternal = request.getSessionInternal(false);
                        if (sessionInternal != null) {
                            jBossGenericPrincipal = (JBossGenericPrincipal) sessionInternal.getNote("org.apache.catalina.authenticator.PRINCIPAL");
                        }
                    }
                } else {
                    jBossGenericPrincipal = principal;
                }
                if (jBossGenericPrincipal != null && z) {
                    securityContext.getUtil().createSubjectInfo(jBossGenericPrincipal.getUserPrincipal(), jBossGenericPrincipal.getCredentials(), jBossGenericPrincipal.getSubject());
                }
            } catch (Throwable th) {
                EndpointLogger.ROOT_LOGGER.failedToDetermineServlet(th);
            }
            PolicyContext.setContextID(this.name);
            getNext().invoke(request, response);
            if (wrapper != null) {
                SecurityActions.popRunAsIdentity();
            }
            SecurityActions.clearSecurityContext();
            SecurityRolesAssociation.setSecurityRoles((Map) null);
            PolicyContext.setContextID((String) null);
            activeRequest.set(null);
        } catch (Throwable th2) {
            SecurityActions.clearSecurityContext();
            SecurityRolesAssociation.setSecurityRoles((Map) null);
            PolicyContext.setContextID((String) null);
            activeRequest.set(null);
            throw th2;
        }
    }

    public static Request getActiveRequest() {
        return activeRequest.get();
    }
}
