package pt.com.broker.net;

import io.netty.channel.Channel;
import io.netty.channel.ChannelFutureListener;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.SimpleChannelInboundHandler;
import java.net.InetSocketAddress;
import java.util.ArrayList;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pt.com.broker.auth.AccessControl;
import pt.com.broker.auth.Session;
import pt.com.broker.auth.SessionProperties;
import pt.com.broker.types.ActionIdDecorator;
import pt.com.broker.types.NetFault;
import pt.com.broker.types.NetMessage;
import pt.com.broker.types.channels.ChannelAttributes;
import pt.com.broker.types.stats.MiscStats;
import pt.com.gcs.conf.GcsInfo;
import pt.com.gcs.conf.global.ChannelType;

@ChannelHandler.Sharable
/* loaded from: input_file:pt/com/broker/net/AuthorizationFilter.class */
public class AuthorizationFilter extends SimpleChannelInboundHandler<NetMessage> {
    private static final Logger log = LoggerFactory.getLogger(AuthorizationFilter.class);

    /* JADX INFO: Access modifiers changed from: protected */
    public void channelRead0(ChannelHandlerContext channelHandlerContext, NetMessage netMessage) throws Exception {
        Channel channel = channelHandlerContext.channel();
        Object obj = ChannelAttributes.get(ChannelAttributes.getChannelId(channelHandlerContext), "BROKER_SESSION_PROPERTIES");
        if (obj == null) {
            obj = new Session(channel);
        }
        Session session = null;
        if (obj != null) {
            session = (Session) obj;
        }
        AccessControl.ValidationResult validate = AccessControl.validate(netMessage, session);
        if (validate.accessGranted) {
            channelHandlerContext.fireChannelRead(netMessage);
        } else {
            log.info("Message refused: '{}'", validate.reasonForRejection);
            messageRefused(channel, netMessage, validate.reasonForRejection);
        }
    }

    public void channelActive(ChannelHandlerContext channelHandlerContext) throws Exception {
        Session session;
        super.channelActive(channelHandlerContext);
        Channel channel = channelHandlerContext.channel();
        if (((InetSocketAddress) channel.localAddress()).getPort() == GcsInfo.getBrokerSSLPort()) {
            ArrayList arrayList = new ArrayList(3);
            arrayList.add(ChannelType.AUTHENTICATION);
            arrayList.add(ChannelType.CONFIDENTIALITY);
            arrayList.add(ChannelType.INTEGRITY);
            SessionProperties sessionProperties = new SessionProperties(channel);
            sessionProperties.setChannelTypes(arrayList);
            session = new Session(channel, sessionProperties);
        } else {
            session = new Session(channel);
        }
        ChannelAttributes.set(ChannelAttributes.getChannelId(channelHandlerContext), "BROKER_SESSION_PROPERTIES", session);
    }

    private void messageRefused(Channel channel, NetMessage netMessage, String str) {
        NetMessage buildNetFaultMessage = NetFault.buildNetFaultMessage("3201", "Access denied");
        buildNetFaultMessage.getAction().getFaultMessage().setActionId(new ActionIdDecorator(netMessage).getActionId());
        if (str == null) {
            channel.writeAndFlush(buildNetFaultMessage).addListener(ChannelFutureListener.CLOSE);
        } else {
            channel.writeAndFlush(NetFault.getMessageFaultWithDetail(buildNetFaultMessage, str)).addListener(ChannelFutureListener.CLOSE);
        }
        MiscStats.newAccessDenied();
    }
}
