package weblogic.webservice.server.servlet;

import com.cmcc.mm7.vasp.common.MMConstants;
import java.io.IOException;
import java.lang.reflect.UndeclaredThrowableException;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.cert.X509Certificate;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import javax.xml.soap.SOAPException;
import weblogic.management.descriptors.webservice.WebServicesMBean;
import weblogic.security.SubjectUtils;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.service.SecurityServiceManager;
import weblogic.servlet.internal.WebAppServletContext;
import weblogic.utils.http.HttpParsing;
import weblogic.webservice.binding.Binding;
import weblogic.webservice.dd.verify.VerifyException;
import weblogic.webservice.monitoring.WSComponentRuntimeMBeanImpl;
import weblogic.webservice.server.ConfigException;
import weblogic.webservice.server.WebServiceContext;
import weblogic.webservice.server.WebServiceManager;
import weblogic.webservice.util.ServerSecurityHelper;

/* loaded from: input_file:weblogic/webservice/server/servlet/ServletSecurityHelper.class */
public class ServletSecurityHelper {
    private static final AuthenticatedSubject kernelID = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
    private static String AUTHENTICATION_HEADER = MMConstants.AUTHORIZATION;
    private final WebAppServletContext servletCtx;
    private final String securityRealm;

    public ServletSecurityHelper(WebAppServletContext webAppServletContext) {
        this.servletCtx = webAppServletContext;
        this.securityRealm = this.servletCtx.getSecurityRealmName();
    }

    public final AuthenticatedSubject getRequestSubject(HttpServletRequest httpServletRequest) throws LoginException {
        String[] authInfo;
        if (!SubjectUtils.isUserAnonymous(ServerSecurityHelper.getCurrentSubject())) {
            return null;
        }
        String header = httpServletRequest.getHeader(AUTHENTICATION_HEADER);
        if (header != null && (authInfo = HttpParsing.getAuthInfo(header)) != null && authInfo[0] != null && authInfo[1] != null) {
            return ServerSecurityHelper.assertIdentity(authInfo[0], authInfo[1], this.securityRealm);
        }
        if (!httpServletRequest.isSecure()) {
            return null;
        }
        X509Certificate[] x509CertificateArr = null;
        try {
            x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
        } catch (ClassCastException e) {
        }
        if (x509CertificateArr == null || x509CertificateArr.length <= 0) {
            return null;
        }
        return ServerSecurityHelper.assertIdentity(x509CertificateArr, this.securityRealm);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public WebServiceContext createWebServiceContext(WebServicesMBean webServicesMBean) throws ConfigException, VerifyException {
        try {
            return (WebServiceContext) SecurityServiceManager.runAs(kernelID, kernelID, new PrivilegedExceptionAction(this, webServicesMBean) { // from class: weblogic.webservice.server.servlet.ServletSecurityHelper.1
                private final WebServicesMBean val$wsMBean;
                private final ServletSecurityHelper this$0;

                {
                    this.this$0 = this;
                    this.val$wsMBean = webServicesMBean;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws ConfigException, VerifyException {
                    return new WebServiceContext(this.val$wsMBean, this.this$0.servletCtx);
                }
            });
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            if (exception instanceof VerifyException) {
                throw ((VerifyException) exception);
            }
            if (exception instanceof ConfigException) {
                throw ((ConfigException) exception);
            }
            throw new UndeclaredThrowableException(exception);
        }
    }

    public static void unregisterRuntime(WSComponentRuntimeMBeanImpl wSComponentRuntimeMBeanImpl) throws PrivilegedActionException {
        SecurityServiceManager.runAs(kernelID, kernelID, new PrivilegedExceptionAction(wSComponentRuntimeMBeanImpl) { // from class: weblogic.webservice.server.servlet.ServletSecurityHelper.2
            private final WSComponentRuntimeMBeanImpl val$wm;

            {
                this.val$wm = wSComponentRuntimeMBeanImpl;
            }

            @Override // java.security.PrivilegedExceptionAction
            public Object run() {
                this.val$wm.unregister_recursively();
                return null;
            }
        });
    }

    public static final void authenticatedPortInvoke(AuthenticatedSubject authenticatedSubject, String str, WebServiceManager webServiceManager, Binding binding) throws SOAPException {
        try {
            SecurityServiceManager.runAs(getKernelID(), authenticatedSubject, new PrivilegedExceptionAction(webServiceManager, str, binding) { // from class: weblogic.webservice.server.servlet.ServletSecurityHelper.3
                private final WebServiceManager val$manager;
                private final String val$uri;
                private final Binding val$binding;

                {
                    this.val$manager = webServiceManager;
                    this.val$uri = str;
                    this.val$binding = binding;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws SOAPException, IOException {
                    this.val$manager.dispatch(this.val$uri, this.val$binding);
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            if (!(e.getException() instanceof SOAPException)) {
                throw new UndeclaredThrowableException(e.getException());
            }
            throw ((SOAPException) e.getException());
        }
    }

    private static AuthenticatedSubject getKernelID() {
        return kernelID;
    }
}
