package org.gcube.common.vomanagement.security.authorisation.control.impl;

import java.util.Map;
import org.apache.axis.MessageContext;
import org.gcube.common.core.contexts.GCUBEServiceContext;
import org.gcube.common.core.faults.GCUBEException;
import org.gcube.common.core.faults.GCUBEUnrecoverableException;
import org.gcube.common.core.security.GCUBEServiceAuthorizationController;
import org.gcube.common.core.security.GCUBEServiceSecurityManager;
import org.gcube.common.core.security.impl.GCUBEAuthzChainAuthorizationController;
import org.gcube.common.core.utils.logging.GCUBELog;

/* loaded from: input_file:org/gcube/common/vomanagement/security/authorisation/control/impl/DNSelectionAuthorizationController.class */
public class DNSelectionAuthorizationController implements GCUBEServiceAuthorizationController {
    private GCUBEServiceSecurityManager securityManager;
    private GCUBELog logger = new GCUBELog(this);
    private EqualDNAuthorizationController equalDnController;
    private GCUBEAuthzChainAuthorizationController chainController;

    public void initialise(GCUBEServiceContext gCUBEServiceContext, GCUBEServiceSecurityManager gCUBEServiceSecurityManager) throws Exception {
        this.securityManager = gCUBEServiceSecurityManager;
        this.equalDnController = new EqualDNAuthorizationController();
        this.equalDnController.initialise(gCUBEServiceContext, gCUBEServiceSecurityManager);
        this.chainController = new GCUBEAuthzChainAuthorizationController();
        this.chainController.initialise(gCUBEServiceContext, gCUBEServiceSecurityManager);
    }

    public boolean isSecurityEnabled() {
        return this.securityManager.isSecurityEnabled();
    }

    public void authoriseCall(Map<String, Object> map) throws GCUBEException {
        this.logger.debug("External request authorization process");
        if (!isSecurityEnabled()) {
            this.logger.debug("Security not enabled, nothing to do");
            return;
        }
        if (((MessageContext) map.get("MESSAGE_CONTEXT")) == null) {
            this.logger.error("Unable to find message context");
            throw new GCUBEUnrecoverableException("Unable to find message context");
        }
        try {
            this.equalDnController.authoriseCall(map);
        } catch (GCUBEException e) {
            this.logger.debug("Caller DN not equal to host DN, trying the chain based authz");
            this.chainController.authoriseCall(map);
        }
    }
}
