package org.deegree.services.authentication;

import java.io.IOException;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.stream.XMLStreamReader;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.soap.SOAPHeader;
import org.deegree.services.authentication.soapheader.SoapHeader;
import org.deegree.services.authentication.soapheader.SoapHeaderXMLAdapter;
import org.deegree.services.controller.Credentials;
import org.deegree.services.controller.CredentialsProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/deegree-services-3.0.4.jar:org/deegree/services/authentication/SOAPAuthentication.class */
public class SOAPAuthentication implements CredentialsProvider {
    private static Logger LOG = LoggerFactory.getLogger(SOAPAuthentication.class);

    @Override // org.deegree.services.controller.CredentialsProvider
    public Credentials doKVP(Map<String, String> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws SecurityException {
        throw new UnsupportedOperationException("KVP Security is not implementable in SOAP!");
    }

    @Override // org.deegree.services.controller.CredentialsProvider
    public Credentials doXML(XMLStreamReader xMLStreamReader, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws SecurityException {
        throw new UnsupportedOperationException("XML Security is not implementable in SOAP!");
    }

    @Override // org.deegree.services.controller.CredentialsProvider
    public Credentials doSOAP(SOAPEnvelope sOAPEnvelope, HttpServletRequest httpServletRequest) throws SecurityException {
        SOAPHeader header = sOAPEnvelope.getHeader();
        SoapHeaderXMLAdapter soapHeaderXMLAdapter = new SoapHeaderXMLAdapter();
        soapHeaderXMLAdapter.setRootElement(header);
        SoapHeader parseHeader = soapHeaderXMLAdapter.parseHeader();
        LOG.info(parseHeader.getUsername() + " " + parseHeader.getPassword());
        return new Credentials(parseHeader.getUsername(), parseHeader.getPassword());
    }

    @Override // org.deegree.services.controller.CredentialsProvider
    public void handleException(HttpServletResponse httpServletResponse, SecurityException securityException) throws IOException {
        if (securityException instanceof InvalidCredentialsException) {
            doInvalidCredentialsExceptionException(httpServletResponse, (InvalidCredentialsException) securityException);
        } else if (securityException instanceof SecurityException) {
            doAuthenticationException(httpServletResponse, securityException);
        }
    }

    private void doAuthenticationException(HttpServletResponse httpServletResponse, SecurityException securityException) throws IOException {
        LOG.debug("WSSE_SecurityException: ");
        httpServletResponse.reset();
        httpServletResponse.resetBuffer();
        httpServletResponse.setHeader("WWW-Authenticate", "WSSE realm=\" Backroom\", profile=\"UsernameToken\" ");
        httpServletResponse.setStatus(401);
        httpServletResponse.flushBuffer();
    }

    private void doInvalidCredentialsExceptionException(HttpServletResponse httpServletResponse, InvalidCredentialsException invalidCredentialsException) throws IOException {
        LOG.debug("exception should respond Forbidden: ");
        httpServletResponse.sendError(403);
    }
}
