package org.globus.wsrf.container;

import java.security.cert.X509Certificate;
import javax.security.auth.Subject;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.globus.gsi.GSIConstants;
import org.globus.gsi.gssapi.GSSConstants;
import org.globus.gsi.gssapi.auth.Authorization;
import org.globus.gsi.gssapi.net.GssSocket;
import org.globus.gsi.gssapi.net.GssSocketFactory;
import org.globus.gsi.jaas.GlobusPrincipal;
import org.globus.gsi.jaas.JaasGssUtil;
import org.globus.util.I18n;
import org.globus.wsrf.impl.security.authentication.Constants;
import org.globus.wsrf.impl.security.descriptor.ContainerSecurityConfig;
import org.gridforum.jgss.ExtendedGSSContext;
import org.gridforum.jgss.ExtendedGSSManager;
import org.ietf.jgss.GSSManager;

/* loaded from: input_file:org/globus/wsrf/container/GSIServiceThread.class */
class GSIServiceThread extends ServiceThread {
    private static Log logger;
    private static I18n i18n;
    static Class class$org$globus$wsrf$container$GSIServiceThread;
    static Class class$org$globus$wsrf$utils$Resources;

    public GSIServiceThread(ServiceDispatcher serviceDispatcher) {
        super(serviceDispatcher);
    }

    @Override // org.globus.wsrf.container.ServiceThread
    protected String getProtocol() {
        return "https";
    }

    @Override // org.globus.wsrf.container.ServiceThread
    protected void process(ServiceRequest serviceRequest) {
        X509Certificate[] x509CertificateArr;
        logger.debug(new StringBuffer().append(getName()).append(": processing requests").toString());
        GSSManager extendedGSSManager = ExtendedGSSManager.getInstance();
        GssSocket gssSocket = null;
        try {
            ContainerSecurityConfig config = ContainerSecurityConfig.getConfig();
            config.refresh();
            Subject subject = config.getSubject();
            if (subject == null) {
                throw new RuntimeException(i18n.getMessage("noValidCreds"));
            }
            ExtendedGSSContext createContext = extendedGSSManager.createContext(JaasGssUtil.getCredential(subject));
            createContext.setOption(GSSConstants.GSS_MODE, GSIConstants.MODE_SSL);
            createContext.setOption(GSSConstants.ACCEPT_NO_CLIENT_CERTS, Boolean.TRUE);
            GssSocket createSocket = GssSocketFactory.getDefault().createSocket(serviceRequest.getSocket(), (String) null, 0, createContext);
            createSocket.setUseClientMode(false);
            createSocket.setAuthorization((Authorization) null);
            createSocket.getOutputStream();
            String obj = createContext.getSrcName().toString();
            logger.debug(new StringBuffer().append(getName()).append(": Authenticated globus user: ").append(obj).toString());
            Subject subject2 = getSubject();
            subject2.getPrincipals().add(new GlobusPrincipal(obj));
            if ((createContext instanceof ExtendedGSSContext) && (x509CertificateArr = (X509Certificate[]) createContext.inquireByOid(GSSConstants.X509_CERT_CHAIN)) != null) {
                subject2.getPublicCredentials().add(x509CertificateArr);
            }
            this.msgContext.setProperty(Constants.TRANSPORT_SECURITY_CONTEXT, createContext);
            if (createContext.getConfState()) {
                this.msgContext.setProperty("org.globus.security.transport.type", GSIConstants.ENCRYPTION);
            } else if (createContext.getIntegState()) {
                this.msgContext.setProperty("org.globus.security.transport.type", GSIConstants.SIGNATURE);
            } else {
                this.msgContext.setProperty("org.globus.security.transport.type", GSIConstants.NONE);
            }
            super.process(new ServiceRequest(createSocket, serviceRequest.getServerSocket()));
        } catch (Exception e) {
            if (0 == 0) {
                try {
                    serviceRequest.getSocket().close();
                } catch (Exception e2) {
                }
            } else {
                try {
                    gssSocket.close();
                } catch (Exception e3) {
                }
            }
            logger.error(i18n.getMessage("serverFault00"), e);
        }
    }

    protected Subject getSubject() {
        Subject subject = (Subject) this.msgContext.getProperty(Constants.PEER_SUBJECT);
        if (subject == null) {
            subject = new Subject();
            this.msgContext.setProperty(Constants.PEER_SUBJECT, subject);
        }
        return subject;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        Class cls2;
        if (class$org$globus$wsrf$container$GSIServiceThread == null) {
            cls = class$("org.globus.wsrf.container.GSIServiceThread");
            class$org$globus$wsrf$container$GSIServiceThread = cls;
        } else {
            cls = class$org$globus$wsrf$container$GSIServiceThread;
        }
        logger = LogFactory.getLog(cls.getName());
        if (class$org$globus$wsrf$utils$Resources == null) {
            cls2 = class$("org.globus.wsrf.utils.Resources");
            class$org$globus$wsrf$utils$Resources = cls2;
        } else {
            cls2 = class$org$globus$wsrf$utils$Resources;
        }
        i18n = I18n.getI18n(cls2.getName());
    }
}
