package pt.com.broker.net;

import java.net.InetSocketAddress;
import java.util.ArrayList;
import org.jboss.netty.channel.Channel;
import org.jboss.netty.channel.ChannelFutureListener;
import org.jboss.netty.channel.ChannelHandler;
import org.jboss.netty.channel.ChannelHandlerContext;
import org.jboss.netty.channel.ChannelStateEvent;
import org.jboss.netty.channel.MessageEvent;
import org.jboss.netty.channel.SimpleChannelUpstreamHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pt.com.broker.auth.AccessControl;
import pt.com.broker.auth.Session;
import pt.com.broker.auth.SessionProperties;
import pt.com.broker.types.NetFault;
import pt.com.broker.types.NetMessage;
import pt.com.broker.types.channels.ChannelAttributes;
import pt.com.broker.types.stats.MiscStats;
import pt.com.gcs.conf.GcsInfo;
import pt.com.gcs.conf.global.ChannelType;

@ChannelHandler.Sharable
/* loaded from: input_file:pt/com/broker/net/AuthorizationFilter.class */
public class AuthorizationFilter extends SimpleChannelUpstreamHandler {
    private static final Logger log = LoggerFactory.getLogger(AuthorizationFilter.class);

    @Override // org.jboss.netty.channel.SimpleChannelUpstreamHandler
    public void channelConnected(ChannelHandlerContext channelHandlerContext, ChannelStateEvent channelStateEvent) throws Exception {
        Session session;
        super.channelOpen(channelHandlerContext, channelStateEvent);
        Channel channel = channelHandlerContext.getChannel();
        if (((InetSocketAddress) channel.getLocalAddress()).getPort() == GcsInfo.getBrokerSSLPort()) {
            ArrayList arrayList = new ArrayList(3);
            arrayList.add(ChannelType.AUTHENTICATION);
            arrayList.add(ChannelType.CONFIDENTIALITY);
            arrayList.add(ChannelType.INTEGRITY);
            SessionProperties sessionProperties = new SessionProperties(channel);
            sessionProperties.setChannelTypes(arrayList);
            session = new Session(channel, sessionProperties);
        } else {
            session = new Session(channel);
        }
        ChannelAttributes.set(ChannelAttributes.getChannelId(channelHandlerContext), "BROKER_SESSION_PROPERTIES", session);
    }

    @Override // org.jboss.netty.channel.SimpleChannelUpstreamHandler
    public void messageReceived(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent) {
        Channel channel = channelHandlerContext.getChannel();
        Object obj = ChannelAttributes.get(ChannelAttributes.getChannelId(channelHandlerContext), "BROKER_SESSION_PROPERTIES");
        if (obj == null) {
            obj = new Session(channel);
        }
        NetMessage netMessage = (NetMessage) messageEvent.getMessage();
        Session session = null;
        if (obj != null) {
            session = (Session) obj;
        }
        AccessControl.ValidationResult validate = AccessControl.validate(netMessage, session);
        if (validate.accessGranted) {
            channelHandlerContext.sendUpstream(messageEvent);
        } else {
            log.info("Message refused: '{}'", validate.reasonForRejection);
            messageRefused(channel, netMessage, validate.reasonForRejection);
        }
    }

    private void messageRefused(Channel channel, NetMessage netMessage, String str) {
        if (str == null) {
            channel.write(NetFault.AccessDeniedErrorMessage).addListener(ChannelFutureListener.CLOSE);
        } else {
            channel.write(NetFault.getMessageFaultWithDetail(NetFault.AccessDeniedErrorMessage, str)).addListener(ChannelFutureListener.CLOSE);
        }
        MiscStats.newAccessDenied();
    }
}
