package org.apache.knox.gateway.service.auth;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
import javax.security.auth.Subject;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.knox.gateway.i18n.messages.MessagesFactory;
import org.apache.knox.gateway.security.SubjectUtils;

@Path(PreAuthResource.RESOURCE_PATH)
/* loaded from: input_file:org/apache/knox/gateway/service/auth/PreAuthResource.class */
public class PreAuthResource {
    static final String RESOURCE_PATH = "auth/api/v1/pre";
    static final String AUTH_ACTOR_ID_HEADER_NAME = "preauth.auth.header.actor.id.name";
    static final String AUTH_ACTOR_GROUPS_HEADER_PREFIX = "preauth.auth.header.actor.groups.prefix";
    static final String GROUP_FILTER_PATTERN = "preauth.group.filter.pattern";
    static final String DEFAULT_AUTH_ACTOR_ID_HEADER_NAME = "X-Knox-Actor-ID";
    static final String DEFAULT_AUTH_ACTOR_GROUPS_HEADER_PREFIX = "X-Knox-Actor-Groups";
    private static final int MAX_HEADER_LENGTH = 1000;
    private static final String ACTOR_GROUPS_HEADER_FORMAT = "%s-%d";

    @Context
    HttpServletResponse response;

    @Context
    ServletContext context;
    private String authHeaderActorIDName;
    private String authHeaderActorGroupsPrefix;
    private Pattern groupFilterPattern;
    private static final AuthMessages LOG = (AuthMessages) MessagesFactory.get(AuthMessages.class);
    private static final Pattern DEFAULT_GROUP_FILTER_PATTERN = Pattern.compile(".*");

    @PostConstruct
    public void init() {
        this.authHeaderActorIDName = getInitParameter(AUTH_ACTOR_ID_HEADER_NAME, DEFAULT_AUTH_ACTOR_ID_HEADER_NAME);
        this.authHeaderActorGroupsPrefix = getInitParameter(AUTH_ACTOR_GROUPS_HEADER_PREFIX, DEFAULT_AUTH_ACTOR_GROUPS_HEADER_PREFIX);
        String initParameter = this.context.getInitParameter(GROUP_FILTER_PATTERN);
        this.groupFilterPattern = initParameter == null ? DEFAULT_GROUP_FILTER_PATTERN : Pattern.compile(initParameter);
    }

    private String getInitParameter(String str, String str2) {
        String initParameter = this.context.getInitParameter(str);
        return initParameter == null ? str2 : initParameter;
    }

    @GET
    public Response doGet() {
        Subject currentSubject = SubjectUtils.getCurrentSubject();
        String primaryPrincipalName = currentSubject == null ? null : SubjectUtils.getPrimaryPrincipalName(currentSubject);
        if (primaryPrincipalName == null) {
            LOG.noPrincipalFound();
            return Response.status(401).build();
        }
        this.response.setHeader(this.authHeaderActorIDName, primaryPrincipalName);
        Set emptySet = currentSubject == null ? Collections.emptySet() : (Set) SubjectUtils.getGroupPrincipals(currentSubject).stream().filter(groupPrincipal -> {
            return this.groupFilterPattern.matcher(groupPrincipal.getName()).matches();
        }).map(groupPrincipal2 -> {
            return groupPrincipal2.getName();
        }).collect(Collectors.toSet());
        if (!emptySet.isEmpty()) {
            List<String> groupStrings = getGroupStrings(emptySet);
            for (int i = 0; i < groupStrings.size(); i++) {
                this.response.addHeader(String.format(Locale.ROOT, ACTOR_GROUPS_HEADER_FORMAT, this.authHeaderActorGroupsPrefix, Integer.valueOf(i + 1)), groupStrings.get(i));
            }
        }
        return Response.ok().build();
    }

    private List<String> getGroupStrings(Collection<String> collection) {
        if (collection.isEmpty()) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        StringBuilder sb = new StringBuilder();
        for (String str : collection) {
            if (sb.length() + str.length() > MAX_HEADER_LENGTH) {
                arrayList.add(sb.toString());
                sb = new StringBuilder();
            }
            if (sb.length() > 0) {
                sb.append(',');
            }
            sb.append(str);
        }
        if (sb.length() > 0) {
            arrayList.add(sb.toString());
        }
        return arrayList;
    }
}
