package org.gcube.common.handlers;

import java.util.HashMap;
import java.util.Iterator;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPException;
import org.apache.axis.MessageContext;
import org.apache.axis.handlers.BasicHandler;
import org.gcube.accounting.datamodel.UsageRecord;
import org.gcube.accounting.datamodel.usagerecords.ServiceUsageRecord;
import org.gcube.accounting.persistence.AccountingPersistence;
import org.gcube.accounting.persistence.AccountingPersistenceFactory;
import org.gcube.common.authorization.client.Constants;
import org.gcube.common.authorization.client.proxy.AuthorizationProxy;
import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
import org.gcube.common.authorization.library.provider.CalledMethodProvider;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.library.provider.UserInfo;
import org.gcube.common.core.contexts.GCUBERemotePortTypeContext;
import org.gcube.common.core.contexts.GCUBEServiceContext;
import org.gcube.common.core.contexts.GHNContext;
import org.gcube.common.core.faults.GCUBEException;
import org.gcube.common.core.faults.GCUBEFault;
import org.gcube.common.core.faults.GCUBERetryEquivalentFault;
import org.gcube.common.core.faults.GCUBERetrySameFault;
import org.gcube.common.core.faults.GCUBEUnrecoverableException;
import org.gcube.common.core.faults.GCUBEUnrecoverableFault;
import org.gcube.common.core.scope.GCUBEScope;
import org.gcube.common.core.security.GCUBEServiceAuthenticationController;
import org.gcube.common.core.security.GCUBEServiceAuthorizationController;
import org.gcube.common.core.security.GCUBEServiceSecurityController;
import org.gcube.common.core.utils.logging.GCUBELog;
import org.gcube.common.scope.api.ScopeProvider;

/* loaded from: input_file:org/gcube/common/handlers/GCUBEHandler.class */
public class GCUBEHandler extends BasicHandler {
    public static final String SERVICECONTEXT_PROPERTY = "receiver";
    public static final String CALLER_PROPERTY = "caller";
    private static final long serialVersionUID = 1;
    protected static GCUBELog logger = new GCUBELog(GCUBEHandler.class);
    private static ThreadLocal<Long> startCallThreadLocal = new ThreadLocal<>();

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r16v1, types: [java.lang.Throwable, org.gcube.common.core.faults.GCUBEException] */
    public void invoke(MessageContext messageContext) throws GCUBEFault {
        logger.debug("GCube Handler invoked");
        if (messageContext.getPastPivot()) {
            logger.trace("Past Pivot");
            onResponse(messageContext, new boolean[0]);
            return;
        }
        startCallThreadLocal.set(Long.valueOf(System.currentTimeMillis()));
        HashMap hashMap = new HashMap();
        try {
            logger.trace("Getting headers");
            Iterator childElements = MessageContext.getCurrentContext().getCurrentMessage().getSOAPHeader().getChildElements();
            while (childElements.hasNext()) {
                SOAPElement sOAPElement = (SOAPElement) childElements.next();
                String localName = sOAPElement.getElementName().getLocalName();
                String value = sOAPElement.getValue();
                logger.trace("Header name = " + localName + " value " + value);
                hashMap.put(localName, value);
            }
            CalledMethodProvider.instance.set(hashMap.get(GCUBERemotePortTypeContext.CALLED_METHOD_HEADER_NAME) != null ? (String) hashMap.get(GCUBERemotePortTypeContext.CALLED_METHOD_HEADER_NAME) : "UNKNOWN");
            if ((hashMap.get("serviceClass") == null || hashMap.get("serviceName") == null) && !GHNContext.getContext().isSecurityEnabled()) {
                logger.debug("Security not enabled: the call without service header passes");
                return;
            }
            if ((hashMap.get("serviceClass") == null || hashMap.get("serviceName") == null) && GHNContext.getContext().isSecurityEnabled()) {
                logger.error("Unable to determine the correct service security configuration and to find the correct security controller: the calla will not pass");
                throw new GCUBEUnrecoverableException("Unable to determine the service").toFault(new String[0]);
            }
            try {
                GCUBEServiceContext serviceContext = GHNContext.getContext().getServiceContext((String) hashMap.get("serviceClass"), (String) hashMap.get("serviceName"));
                if (serviceContext.getStatus() == GCUBEServiceContext.Status.FAILED || serviceContext.getStatus() == GCUBEServiceContext.Status.DOWN) {
                    throw new GCUBERetryEquivalentFault("Service " + ((String) hashMap.get("serviceName")) + " is not operational");
                }
                if (serviceContext.getStatus() != GCUBEServiceContext.Status.READIED) {
                    throw new GCUBERetrySameFault("Service " + ((String) hashMap.get("serviceName")) + " is not ready yet");
                }
                messageContext.setProperty(SERVICECONTEXT_PROPERTY, serviceContext);
                logger.trace("Service context set");
                try {
                    String str = (String) hashMap.get("caller");
                    messageContext.setProperty("caller", str);
                    logger.info("START CALL FROM (" + str + ") TO (" + (serviceContext.getServiceClass() + ":" + serviceContext.getName() + ":" + CalledMethodProvider.instance.get()) + ")," + ((String) hashMap.get("scope")) + "," + Thread.currentThread());
                    if (!validateToken((String) hashMap.get(GCUBERemotePortTypeContext.AUTH_TOKEN_HEADER_NAME), str, serviceContext)) {
                        if (hashMap.get("scope") == null) {
                            throw new Exception("gCube call is unscoped");
                        }
                        serviceContext.getTiming();
                        if (str == null) {
                        }
                        GCUBEScope scope = GCUBEScope.getScope((String) hashMap.get("scope"));
                        logger.trace("Scope = " + scope);
                        serviceContext.setScope(scope);
                        if (GHNContext.getContext().isSecurityEnabled()) {
                            logger.trace("peer subject " + messageContext.getProperty("callerSubject"));
                            logger.trace("Setting security");
                            HashMap hashMap2 = new HashMap();
                            hashMap2.put(GCUBEServiceSecurityController.CONTEXT, serviceContext);
                            hashMap2.put(GCUBEServiceSecurityController.HEADERS, hashMap);
                            hashMap2.put(GCUBEServiceSecurityController.MESSAGE_CONTEXT, messageContext);
                            GCUBEServiceAuthenticationController authenticationManager = serviceContext.getAuthenticationManager();
                            GCUBEServiceAuthorizationController authorizationManager = serviceContext.getAuthorizationManager();
                            authenticationManager.authenticateCall(hashMap2);
                            authorizationManager.authoriseCall(hashMap2);
                            logger.trace("Security set");
                        }
                    }
                } catch (Exception e) {
                    logger.error("General exception in GCubeHandler", e);
                    onResponse(messageContext, new boolean[0]);
                    throw new GCUBEUnrecoverableException(e).toFault(new String[0]);
                } catch (GCUBEException e2) {
                    logger.error("Error in GCubeHandler", e2);
                    onResponse(messageContext, new boolean[0]);
                    throw e2.toFault(new String[0]);
                }
            } catch (Exception e3) {
                throw new GCUBEUnrecoverableException(e3).toFault("Could not dispatch gCube call to service " + ((String) hashMap.get("serviceName")));
            }
        } catch (SOAPException e4) {
            throw new GCUBEUnrecoverableFault("call is malformed: could not process headers");
        }
    }

    private boolean validateToken(String str, String str2, GCUBEServiceContext gCUBEServiceContext) throws Exception {
        if (str == null) {
            logger.info("token not found");
            return false;
        }
        ScopeProvider.instance.set(gCUBEServiceContext.getStartScopes()[0].getInfrastructure().toString());
        AuthorizationEntry authorizationEntry = ((AuthorizationProxy) Constants.authorizationService().build()).get(str);
        if (authorizationEntry == null) {
            logger.info("rejecting call to " + str2 + ", invalid token " + str);
            throw new Exception("invalid token " + str);
        }
        AuthorizationProvider.instance.set(new UserInfo(authorizationEntry.getUserName(), authorizationEntry.getRoles(), authorizationEntry.getBannedServices()));
        GCUBEScope scope = GCUBEScope.getScope(authorizationEntry.getScope());
        logger.trace("Scope = " + scope);
        gCUBEServiceContext.setScope(scope);
        logger.info("retrieved request authorization info " + AuthorizationProvider.instance.get() + " in scope " + ScopeProvider.instance.get());
        SecurityTokenProvider.instance.set(str);
        return true;
    }

    public void onFault(MessageContext messageContext) {
        super.onFault(messageContext);
        onResponse(messageContext, true);
    }

    private void onResponse(MessageContext messageContext, boolean... zArr) {
        if (messageContext.isPropertyTrue(SERVICECONTEXT_PROPERTY)) {
            GCUBEServiceContext gCUBEServiceContext = (GCUBEServiceContext) messageContext.getProperty(SERVICECONTEXT_PROPERTY);
            String str = (String) messageContext.getProperty("caller");
            String str2 = gCUBEServiceContext.getServiceClass() + ":" + gCUBEServiceContext.getName() + ":" + CalledMethodProvider.instance.get();
            String str3 = ScopeProvider.instance.get();
            logger.info("END CALL FROM (" + str + ") TO (" + str2 + ")," + (str3 == null ? "INVALID" : str3 + "," + Thread.currentThread() + ",[" + gCUBEServiceContext.getTiming() + "]"));
            if (AuthorizationProvider.instance.get() != null) {
                generateAccounting(AuthorizationProvider.instance.get().getUserName(), str, gCUBEServiceContext);
            } else {
                generateAccounting("UNKNOWN", str, gCUBEServiceContext);
            }
            gCUBEServiceContext.getManagementBean().setLastResponseTime(gCUBEServiceContext.getTiming());
            gCUBEServiceContext.getManagementBean().addCall();
            if (zArr != null && zArr.length > 0 && zArr[0]) {
                gCUBEServiceContext.getManagementBean().addFailedCall();
            }
            gCUBEServiceContext.resetTimer();
            ScopeProvider.instance.reset();
            startCallThreadLocal.remove();
            SecurityTokenProvider.instance.reset();
            CalledMethodProvider.instance.reset();
            AuthorizationProvider.instance.reset();
        }
    }

    void generateAccounting(String str, String str2, GCUBEServiceContext gCUBEServiceContext) {
        AccountingPersistenceFactory.setFallbackLocation(GHNContext.getContext().getStorageRoot());
        AccountingPersistence persistence = AccountingPersistenceFactory.getPersistence();
        ServiceUsageRecord serviceUsageRecord = new ServiceUsageRecord();
        try {
            serviceUsageRecord.setConsumerId(str);
            serviceUsageRecord.setScope(ScopeProvider.instance.get());
            serviceUsageRecord.setServiceClass(gCUBEServiceContext.getServiceClass());
            serviceUsageRecord.setServiceName(gCUBEServiceContext.getName());
            serviceUsageRecord.setHost(GHNContext.getContext().getHostnameAndPort());
            serviceUsageRecord.setCalledMethod(CalledMethodProvider.instance.get());
            serviceUsageRecord.setCallerHost(str2);
            serviceUsageRecord.setOperationResult(UsageRecord.OperationResult.SUCCESS);
            serviceUsageRecord.setDuration(Long.valueOf(System.currentTimeMillis() - startCallThreadLocal.get().longValue()));
            persistence.account(serviceUsageRecord);
        } catch (Exception e) {
            logger.warn("invalid record passed to accounting ", e);
        }
    }
}
