package org.globus.tomcat.catalina.valves;

import java.io.IOException;
import javax.servlet.ServletException;
import org.apache.catalina.Context;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.LifecycleListener;
import org.apache.catalina.Request;
import org.apache.catalina.Response;
import org.apache.catalina.ValveContext;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.util.LifecycleSupport;
import org.apache.catalina.util.StringManager;
import org.apache.catalina.valves.ValveBase;
import org.globus.tomcat.catalina.net.GSISocket;
import org.ietf.jgss.GSSCredential;

/* loaded from: input_file:org/globus/tomcat/catalina/valves/CertificatesValve.class */
public final class CertificatesValve extends ValveBase implements Lifecycle {
    protected static final String info = "org.globus.tomcat.catalina.valves.CertificatesValve/1.0";
    protected static StringManager sm = StringManager.getManager("org.apache.catalina.valves");
    protected boolean certificates = false;
    protected int debug = 0;
    protected LifecycleSupport lifecycle = new LifecycleSupport(this);
    protected boolean started = false;

    public int getDebug() {
        return this.debug;
    }

    public void setDebug(int i) {
        this.debug = i;
    }

    public String getInfo() {
        return info;
    }

    public void invoke(Request request, Response response, ValveContext valveContext) throws IOException, ServletException {
        if (this.certificates) {
            verify(request, request);
        }
        expose(request, request);
        valveContext.invokeNext(request, response);
    }

    public void addLifecycleListener(LifecycleListener lifecycleListener) {
        this.lifecycle.addLifecycleListener(lifecycleListener);
    }

    public void removeLifecycleListener(LifecycleListener lifecycleListener) {
        this.lifecycle.removeLifecycleListener(lifecycleListener);
    }

    public LifecycleListener[] findLifecycleListeners() {
        return new LifecycleListener[0];
    }

    public void start() throws LifecycleException {
        LoginConfig loginConfig;
        if (this.started) {
            throw new LifecycleException(sm.getString("certificatesValve.alreadyStarted"));
        }
        this.started = true;
        if (this.debug >= 1) {
            log("Starting");
        }
        this.certificates = false;
        if ((this.container instanceof Context) && (loginConfig = this.container.getLoginConfig()) != null && "CLIENT-CERT".equalsIgnoreCase(loginConfig.getAuthMethod())) {
            this.certificates = true;
        }
        this.lifecycle.fireLifecycleEvent("start", (Object) null);
    }

    public void stop() throws LifecycleException {
        if (!this.started) {
            throw new LifecycleException(sm.getString("certificatesValve.notStarted"));
        }
        this.lifecycle.fireLifecycleEvent("stop", (Object) null);
        this.started = false;
        if (this.debug >= 1) {
            log("Stopping");
        }
        this.certificates = false;
    }

    protected void expose(Request request, Request request2) {
        if (request2.getSocket() != null && (request2.getSocket() instanceof GSISocket)) {
            if (this.debug >= 2) {
                log(" expose: It's a GSI socket");
            }
            GSISocket gSISocket = (GSISocket) request2.getSocket();
            GSSCredential delegatedCredentials = gSISocket.getDelegatedCredentials();
            if (delegatedCredentials != null) {
                request.getRequest().setAttribute("org.globus.gsi.credentials", delegatedCredentials);
            }
            String authorizedUserName = gSISocket.getAuthorizedUserName();
            if (authorizedUserName != null) {
                request.getRequest().setAttribute("org.globus.gsi.authorized.user.name", authorizedUserName);
            }
            String authorizedUserDN = gSISocket.getAuthorizedUserDN();
            if (authorizedUserDN != null) {
                request.getRequest().setAttribute("org.globus.gsi.authorized.user.dn", authorizedUserDN);
            }
        }
    }

    protected void log(String str) {
        if (this.container == null || this.container.getLogger() == null) {
            System.out.println(new StringBuffer().append("CertificatesValve: ").append(str).toString());
        } else {
            this.container.getLogger().log(new StringBuffer().append("CertificatesValve[").append(this.container.getName()).append("]: ").append(str).toString());
        }
    }

    protected void log(String str, Throwable th) {
        if (this.container != null && this.container.getLogger() != null) {
            this.container.getLogger().log(new StringBuffer().append("CertificatesValve[").append(this.container.getName()).append("]: ").append(str).toString(), th);
        } else {
            System.out.println(new StringBuffer().append("CertificatesValve: ").append(str).toString());
            th.printStackTrace(System.out);
        }
    }

    protected void verify(Request request, Request request2) {
    }
}
