package org.kaazing.gateway.transport.http.bridge.filter;

import java.security.Principal;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import org.apache.mina.core.filterchain.IoFilter;
import org.apache.mina.core.session.IoSession;
import org.kaazing.gateway.transport.SuspendableIoFilterAdapter;
import org.kaazing.gateway.transport.http.HttpStatus;
import org.kaazing.gateway.transport.http.bridge.HttpMessage;
import org.kaazing.gateway.transport.http.bridge.HttpRequestMessage;
import org.kaazing.gateway.transport.http.bridge.HttpResponseMessage;
import org.kaazing.mina.core.future.DefaultWriteFutureEx;
import org.kaazing.mina.core.write.DefaultWriteRequestEx;
import org.slf4j.Logger;

/* loaded from: input_file:org/kaazing/gateway/transport/http/bridge/filter/HttpBaseSecurityFilter.class */
public abstract class HttpBaseSecurityFilter extends SuspendableIoFilterAdapter {
    protected static final String AUTHORIZATION_HEADER = "Authorization";
    protected static final String WWW_AUTHENTICATE_HEADER = "WWW-Authenticate";
    protected static final Subject SUBJECT_FORBIDDEN;
    public static final String AUTHORIZATION_MODE_CHALLENGE = "challenge";
    protected final Logger logger;
    public static final String AUTH_SCHEME_BASIC = "Basic";
    public static final String AUTH_SCHEME_NEGOTIATE = "Negotiate";
    public static final String AUTH_SCHEME_APPLICATION_TOKEN = "Application Token";
    static final /* synthetic */ boolean $assertionsDisabled;

    public HttpBaseSecurityFilter() {
        this(null);
    }

    public HttpBaseSecurityFilter(Logger logger) {
        this.logger = logger;
    }

    public Logger getLogger() {
        return this.logger;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void writeResponse(HttpStatus httpStatus, String str, IoFilter.NextFilter nextFilter, IoSession ioSession, HttpRequestMessage httpRequestMessage) {
        HttpResponseMessage httpResponseMessage = new HttpResponseMessage();
        httpResponseMessage.setVersion(httpRequestMessage.getVersion());
        httpResponseMessage.setStatus(httpStatus);
        if (str != null) {
            httpResponseMessage.setBodyReason(str);
        }
        nextFilter.filterWrite(ioSession, new DefaultWriteRequestEx(httpResponseMessage, new DefaultWriteFutureEx(ioSession)));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void writeResponse(HttpStatus httpStatus, IoFilter.NextFilter nextFilter, IoSession ioSession, HttpRequestMessage httpRequestMessage) {
        writeResponse(httpStatus, null, nextFilter, ioSession, httpRequestMessage);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void writeChallenge(HttpResponseMessage httpResponseMessage, IoFilter.NextFilter nextFilter, IoSession ioSession, String str) {
        if (this.logger != null && this.logger.isTraceEnabled()) {
            this.logger.trace("Sending HTTP challenge for auth scheme {}", str);
        }
        nextFilter.filterWrite(ioSession, new DefaultWriteRequestEx(httpResponseMessage, new DefaultWriteFutureEx(ioSession)));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Collection<String> getAuthorizedRoles(Subject subject) {
        Set<Principal> principals = subject.getPrincipals();
        HashSet hashSet = new HashSet();
        Iterator<Principal> it = principals.iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getName());
        }
        return hashSet;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean loggerEnabled() {
        return this.logger != null && this.logger.isTraceEnabled();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean httpRequestMessageReceived(IoFilter.NextFilter nextFilter, IoSession ioSession, Object obj) throws Exception {
        if (HttpMessage.Kind.REQUEST != ((HttpMessage) obj).getKind()) {
            super.doMessageReceived(nextFilter, ioSession, obj);
            return false;
        }
        if ($assertionsDisabled || HttpMessage.Kind.REQUEST == ((HttpMessage) obj).getKind()) {
            return true;
        }
        throw new AssertionError();
    }

    static {
        $assertionsDisabled = !HttpBaseSecurityFilter.class.desiredAssertionStatus();
        SUBJECT_FORBIDDEN = new Subject();
    }
}
