package com.sun.identity.rest;

import com.sun.identity.rest.spi.IAuthentication;
import com.sun.identity.rest.spi.IAuthorization;
import com.sun.identity.shared.debug.Debug;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.ServiceLoader;
import java.util.StringTokenizer;
import javax.security.auth.Subject;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/sun/identity/rest/RestServiceManager.class */
public class RestServiceManager {
    private static RestServiceManager serviceManager = new RestServiceManager();
    static final Debug DEBUG = Debug.getInstance("Entitlement");
    public static final String DEFAULT_AUTHN_SCHEME = "sstoken";
    public static final String SUBJECT_HEADER_NAME = "X-Query-Parameters";
    public static final String HASHED_SUBJECT_QUERY = "subject";
    public static final String SSOTOKEN_SUBJECT_PREFIX = "ssotoken";
    public static final String SUBJECT_DELIMITER = ":";
    public static final String DISABLE_HASHED_SUBJECT_CHECK = "rest.disable.hashed.subject.validation";
    public static final String DEFAULT_AUTHZ_SCHEME = "ssotoken";
    private Map<String, IAuthentication> authNServices = new HashMap();
    private Map<String, IAuthorization> authZServices = new HashMap();

    private RestServiceManager() {
    }

    public static RestServiceManager getInstance() {
        return serviceManager;
    }

    public synchronized void destroy() {
        Iterator<IAuthentication> it = this.authNServices.values().iterator();
        while (it.hasNext()) {
            try {
                it.next().destroy();
            } catch (Exception e) {
                DEBUG.error("AuthNFilter.destroy", e);
            }
        }
        this.authNServices.clear();
        Iterator<IAuthorization> it2 = this.authZServices.values().iterator();
        while (it2.hasNext()) {
            try {
                it2.next().destroy();
            } catch (Exception e2) {
                DEBUG.error("AuthZFilter.destroy", e2);
            }
        }
        this.authZServices.clear();
    }

    public void initAuthN(FilterConfig filterConfig) {
        Iterator it = ServiceLoader.load(IAuthentication.class).iterator();
        while (it.hasNext()) {
            IAuthentication iAuthentication = (IAuthentication) it.next();
            try {
                iAuthentication.init(filterConfig);
                for (String str : iAuthentication.accept()) {
                    this.authNServices.put(str, iAuthentication);
                }
            } catch (Exception e) {
                DEBUG.error("ServiceManager.initAuthN", e);
            }
        }
    }

    public void initAuthZ(FilterConfig filterConfig) {
        Iterator it = ServiceLoader.load(IAuthorization.class).iterator();
        while (it.hasNext()) {
            IAuthorization iAuthorization = (IAuthorization) it.next();
            try {
                iAuthorization.init(filterConfig);
                for (String str : iAuthorization.accept()) {
                    this.authZServices.put(str, iAuthorization);
                }
            } catch (Exception e) {
                DEBUG.error("AuthZFilter.init", e);
            }
        }
    }

    public IAuthentication getAuthenticationFilter(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("X-Accept-Authentication");
        if (header == null) {
            return this.authNServices.get(DEFAULT_AUTHN_SCHEME);
        }
        StringTokenizer stringTokenizer = new StringTokenizer(header, ",");
        while (stringTokenizer.hasMoreTokens()) {
            IAuthentication iAuthentication = this.authNServices.get(stringTokenizer.nextToken());
            if (iAuthentication != null) {
                return iAuthentication;
            }
        }
        return null;
    }

    public IAuthorization getAuthorizationFilter(HttpServletRequest httpServletRequest) {
        int indexOf;
        String header = httpServletRequest.getHeader(SUBJECT_HEADER_NAME);
        if (header != null && (indexOf = header.indexOf(SUBJECT_DELIMITER)) != -1) {
            return this.authZServices.get(header.substring(0, indexOf));
        }
        return this.authZServices.get("ssotoken");
    }

    public Subject getAuthZSubject(HttpServletRequest httpServletRequest) throws RestException {
        return getAuthorizationFilter(httpServletRequest).getAuthZSubject(httpServletRequest);
    }
}
