package org.rhq.enterprise.server.rest;

import java.io.IOException;
import java.io.OutputStream;
import java.security.Principal;
import javax.annotation.Resource;
import javax.ejb.EJB;
import javax.ejb.EJBContext;
import javax.interceptor.AroundInvoke;
import javax.interceptor.InvocationContext;
import javax.naming.OperationNotSupportedException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.StreamingOutput;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.rhq.core.domain.auth.Subject;
import org.rhq.enterprise.server.auth.SessionException;
import org.rhq.enterprise.server.auth.SubjectManagerLocal;
import org.rhq.enterprise.server.util.LookupUtil;

/* loaded from: input_file:org/rhq/enterprise/server/rest/ReportsInterceptor.class */
public class ReportsInterceptor {
    private final Log log = LogFactory.getLog(ReportsInterceptor.class);

    @Resource
    private EJBContext ejbContext;

    @EJB
    private SubjectManagerLocal subjectManager;

    /* loaded from: input_file:org/rhq/enterprise/server/rest/ReportsInterceptor$LoggingStreamingOutput.class */
    private class LoggingStreamingOutput implements StreamingOutput {
        String methodName;
        StreamingOutput delegate;

        public LoggingStreamingOutput(StreamingOutput streamingOutput, String str) {
            this.delegate = streamingOutput;
            this.methodName = str;
        }

        public void write(OutputStream outputStream) throws IOException, WebApplicationException {
            long currentTimeMillis = System.currentTimeMillis();
            try {
                this.delegate.write(outputStream);
                long currentTimeMillis2 = System.currentTimeMillis();
                if (ReportsInterceptor.this.log.isDebugEnabled()) {
                    ReportsInterceptor.this.log.debug(this.methodName + " finished streaming report in " + (currentTimeMillis2 - currentTimeMillis) + " ms");
                }
            } catch (IOException e) {
                ReportsInterceptor.this.log.error("An exception occurred while executing " + this.methodName, e);
                throw e;
            } catch (RuntimeException e2) {
                ReportsInterceptor.this.log.error("An exception occurred while executing " + this.methodName, e2);
                throw e2;
            }
        }
    }

    @AroundInvoke
    public Object setCaller(InvocationContext invocationContext) throws Exception {
        AbstractRestBean abstractRestBean = (AbstractRestBean) invocationContext.getTarget();
        Principal callerPrincipal = this.ejbContext.getCallerPrincipal();
        if (callerPrincipal != null) {
            abstractRestBean.caller = this.subjectManager.getSubjectByName(callerPrincipal.getName());
        }
        if (abstractRestBean.caller == null) {
            HttpServletRequest request = getRequest(invocationContext.getParameters());
            if (request == null) {
                String str = "No " + HttpServletRequest.class.getName() + " parameter was found for " + getMethodName(invocationContext) + ". An " + HttpServletRequest.class.getName() + " parameter must be specified in order to support authentication";
                this.log.error(str);
                throw new OperationNotSupportedException(str);
            }
            Subject subject = getSubject(request);
            if (subject == null) {
                throw new IllegalAccessException("Failed to validate request: could not access subject for request URL " + ((Object) request.getRequestURL()));
            }
            abstractRestBean.caller = subject;
        }
        Object proceed = invocationContext.proceed();
        return proceed instanceof StreamingOutput ? new LoggingStreamingOutput((StreamingOutput) proceed, getMethodName(invocationContext)) : proceed;
    }

    private String getMethodName(InvocationContext invocationContext) {
        return invocationContext.getTarget().getClass().getName() + "." + invocationContext.getMethod().getName();
    }

    private HttpServletRequest getRequest(Object[] objArr) {
        for (Object obj : objArr) {
            if (obj instanceof HttpServletRequest) {
                return (HttpServletRequest) obj;
            }
        }
        return null;
    }

    private Subject getSubject(HttpServletRequest httpServletRequest) {
        Cookie cookie = getCookie(httpServletRequest, "RHQ_Session");
        if (cookie == null) {
            return null;
        }
        String value = cookie.getValue();
        try {
            return LookupUtil.getSubjectManager().getSubjectBySessionId(Integer.parseInt(value));
        } catch (NumberFormatException e) {
            this.log.warn(value + " is not a valid session id.", e);
            return null;
        } catch (SessionException e2) {
            this.log.warn("Could not get subject for session id " + value, e2);
            return null;
        } catch (Exception e3) {
            this.log.error("An unexpected exception occurred while trying to access subject for session id " + value, e3);
            return null;
        }
    }

    private Cookie getCookie(HttpServletRequest httpServletRequest, String str) {
        if (httpServletRequest.getCookies() == null) {
            return null;
        }
        for (Cookie cookie : httpServletRequest.getCookies()) {
            if (cookie.getName().equals(str)) {
                return cookie;
            }
        }
        return null;
    }
}
