package org.glassfish.webservices;

import com.sun.enterprise.deployment.Application;
import com.sun.enterprise.deployment.WebServiceEndpoint;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.lang.annotation.Annotation;
import java.net.URLEncoder;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.glassfish.api.logging.LogHelper;
import org.glassfish.ejb.api.EjbEndpointFacade;
import org.glassfish.ejb.spi.WSEjbEndpointRegistry;
import org.glassfish.internal.api.Globals;
import org.glassfish.webservices.monitoring.Endpoint;
import org.glassfish.webservices.monitoring.WebServiceEngineImpl;
import org.glassfish.webservices.monitoring.WebServiceTesterServlet;

/* loaded from: input_file:org/glassfish/webservices/EjbWebServiceServlet.class */
public class EjbWebServiceServlet extends HttpServlet {
    private static final Logger logger = LogUtils.getLogger();
    private SecurityService securityService;

    public EjbWebServiceServlet() {
        if (Globals.getDefaultHabitat() != null) {
            this.securityService = (SecurityService) Globals.get(SecurityService.class);
        }
    }

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String requestURI = httpServletRequest.getRequestURI();
        String substring = requestURI.charAt(0) == '/' ? requestURI.substring(1) : requestURI;
        String queryString = httpServletRequest.getQueryString();
        WebServiceEjbEndpointRegistry webServiceEjbEndpointRegistry = (WebServiceEjbEndpointRegistry) Globals.getDefaultHabitat().getService(WSEjbEndpointRegistry.class, new Annotation[0]);
        EjbRuntimeEndpointInfo ejbWebServiceEndpoint = webServiceEjbEndpointRegistry.getEjbWebServiceEndpoint(substring, httpServletRequest.getMethod(), queryString);
        if (substring.contains("__container$publishing$subctx") && ejbWebServiceEndpoint == null) {
            ejbWebServiceEndpoint = webServiceEjbEndpointRegistry.getEjbWebServiceEndpoint(substring.substring(0, substring.indexOf("__container$publishing$subctx") - 1), httpServletRequest.getMethod(), queryString);
        }
        if (ejbWebServiceEndpoint == null) {
            httpServletResponse.sendError(404);
            return;
        }
        String scheme = httpServletRequest.getScheme();
        WebServiceEndpoint endpoint = ejbWebServiceEndpoint.getEndpoint();
        if ("http".equals(scheme) && endpoint.isSecure()) {
            logger.log(Level.WARNING, LogUtils.INVALID_REQUEST_SCHEME, new Object[]{endpoint.getEndpointName(), "https", scheme});
            StringBuilder sb = new StringBuilder(endpoint.composeEndpointAddress(new WsUtil().getWebServerInfoForDAS().getWebServerRootURL(true)).toExternalForm());
            if (queryString != null && queryString.trim().length() > 0) {
                sb.append("?");
                sb.append(queryString);
            }
            httpServletResponse.sendRedirect(URLEncoder.encode(sb.toString(), "UTF-8"));
            return;
        }
        boolean z = true;
        if ("Tester".equalsIgnoreCase(queryString) && !"http://www.w3.org/2004/08/wsdl/http".equals(endpoint.getProtocolBinding())) {
            Endpoint endpoint2 = WebServiceEngineImpl.getInstance().getEndpoint(httpServletRequest.getRequestURI());
            if (endpoint2.getDescriptor().isSecure() || endpoint2.getDescriptor().getMessageSecurityBinding() != null) {
                new WsUtil().writeInvalidMethodType(httpServletResponse, endpoint2.getDescriptor().getWebService().getName() + "is a secured web service; Tester feature is not supported for secured services");
                return;
            } else if (Boolean.parseBoolean(endpoint2.getDescriptor().getDebugging())) {
                z = false;
                WebServiceTesterServlet.invoke(httpServletRequest, httpServletResponse, endpoint2.getDescriptor());
            }
        }
        if ("wsdl".equalsIgnoreCase(queryString) && !"http://www.w3.org/2004/08/wsdl/http".equals(endpoint.getProtocolBinding()) && endpoint.getWsdlExposed() != null && !Boolean.parseBoolean(endpoint.getWsdlExposed())) {
            httpServletResponse.sendError(404);
        }
        if (z) {
            dispatchToEjbEndpoint(httpServletRequest, httpServletResponse, ejbWebServiceEndpoint);
        }
    }

    private void dispatchToEjbEndpoint(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, EjbRuntimeEndpointInfo ejbRuntimeEndpointInfo) {
        EjbEndpointFacade container = ejbRuntimeEndpointInfo.getContainer();
        boolean z = false;
        try {
            try {
                ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
                Thread.currentThread().setContextClassLoader(container.getEndpointClassLoader());
                String str = null;
                Application application = ejbRuntimeEndpointInfo.getEndpoint().getBundleDescriptor().getApplication();
                if (application != null) {
                    str = application.getRealm();
                }
                if (str == null) {
                    str = ejbRuntimeEndpointInfo.getEndpoint().getRealm();
                }
                if (str == null) {
                    str = httpServletRequest.getServerName() + ":" + httpServletRequest.getServerPort();
                }
                try {
                    if (this.securityService != null) {
                        z = this.securityService.doSecurity(httpServletRequest, ejbRuntimeEndpointInfo, str, ejbRuntimeEndpointInfo.getWebServiceContext());
                    }
                } catch (Exception e) {
                    LogHelper.log(logger, Level.WARNING, LogUtils.AUTH_FAILED, e, new Object[]{ejbRuntimeEndpointInfo.getEndpoint().getEndpointName()});
                }
                if (z) {
                    ejbRuntimeEndpointInfo.getMessageDispatcher().invoke(httpServletRequest, httpServletResponse, getServletContext(), ejbRuntimeEndpointInfo);
                    if (this.securityService != null) {
                        this.securityService.resetSecurityContext();
                        this.securityService.resetPolicyContext();
                    }
                    Thread.currentThread().setContextClassLoader(contextClassLoader);
                    return;
                }
                httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + str + "\"");
                httpServletResponse.sendError(401);
                if (this.securityService != null) {
                    this.securityService.resetSecurityContext();
                    this.securityService.resetPolicyContext();
                }
                Thread.currentThread().setContextClassLoader(contextClassLoader);
            } catch (Throwable th) {
                logger.log(Level.WARNING, LogUtils.EXCEPTION_THROWN, th);
                if (this.securityService != null) {
                    this.securityService.resetSecurityContext();
                    this.securityService.resetPolicyContext();
                }
                Thread.currentThread().setContextClassLoader(null);
            }
        } catch (Throwable th2) {
            if (this.securityService != null) {
                this.securityService.resetSecurityContext();
                this.securityService.resetPolicyContext();
            }
            Thread.currentThread().setContextClassLoader(null);
            throw th2;
        }
    }
}
