package com.microsoft.tfs.core.config.auth;

import com.microsoft.tfs.core.Messages;
import com.microsoft.tfs.core.config.ConnectionInstanceData;
import com.microsoft.tfs.core.config.httpclient.ConfigurableHTTPClientFactory;
import com.microsoft.tfs.core.exceptions.TECoreException;
import com.microsoft.tfs.core.httpclient.PreemptiveUsernamePasswordCredentials;
import com.microsoft.tfs.core.httpclient.UsernamePasswordCredentials;
import com.microsoft.tfs.core.httpclient.WRAPCredentials;
import com.microsoft.tfs.core.httpclient.auth.AuthScope;
import com.microsoft.tfs.core.util.FederatedAuthenticationHelpers;
import com.microsoft.tfs.core.util.URIUtils;
import com.microsoft.tfs.core.ws.runtime.client.SOAPRequest;
import com.microsoft.tfs.core.ws.runtime.client.SOAPService;
import com.microsoft.tfs.core.ws.runtime.client.TransportRequestHandler;
import com.microsoft.tfs.core.ws.runtime.exceptions.FederatedAuthException;
import com.microsoft.tfs.util.Check;
import com.microsoft.tfs.util.StringHelpers;
import java.net.URI;
import java.text.MessageFormat;
import java.util.concurrent.atomic.AtomicBoolean;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/com.microsoft.tfs.sdk-14.0.1.jar:com/microsoft/tfs/core/config/auth/DefaultTransportRequestHandler.class */
public class DefaultTransportRequestHandler implements TransportRequestHandler {
    private static final Log log = LogFactory.getLog(DefaultTransportRequestHandler.class);
    private final ConnectionInstanceData connectionInstanceData;
    private final ConfigurableHTTPClientFactory clientFactory;

    public DefaultTransportRequestHandler(ConnectionInstanceData connectionInstanceData, ConfigurableHTTPClientFactory configurableHTTPClientFactory) {
        Check.notNull(connectionInstanceData, "connectionInstanceData");
        Check.notNull(configurableHTTPClientFactory, "clientFactory");
        this.connectionInstanceData = connectionInstanceData;
        this.clientFactory = configurableHTTPClientFactory;
    }

    protected ConnectionInstanceData getConnectionInstanceData() {
        return this.connectionInstanceData;
    }

    protected ConfigurableHTTPClientFactory getClientFactory() {
        return this.clientFactory;
    }

    @Override // com.microsoft.tfs.core.ws.runtime.client.TransportRequestHandler
    public TransportRequestHandler.Status prepareRequest(SOAPService sOAPService, SOAPRequest sOAPRequest, AtomicBoolean atomicBoolean) {
        return TransportRequestHandler.Status.CONTINUE;
    }

    @Override // com.microsoft.tfs.core.ws.runtime.client.TransportRequestHandler
    public TransportRequestHandler.Status handleException(SOAPService sOAPService, SOAPRequest sOAPRequest, Exception exc, AtomicBoolean atomicBoolean) {
        return exc instanceof FederatedAuthException ? handleFederatedAuthentication(sOAPService, sOAPRequest, (FederatedAuthException) exc, atomicBoolean) : TransportRequestHandler.Status.CONTINUE;
    }

    @Override // com.microsoft.tfs.core.ws.runtime.client.TransportRequestHandler
    public TransportRequestHandler.Status handleSuccess(SOAPService sOAPService, SOAPRequest sOAPRequest) {
        return TransportRequestHandler.Status.CONTINUE;
    }

    private TransportRequestHandler.Status handleFederatedAuthentication(SOAPService sOAPService, SOAPRequest sOAPRequest, FederatedAuthException federatedAuthException, AtomicBoolean atomicBoolean) {
        if (this.connectionInstanceData.getCredentials() == null || !(this.connectionInstanceData.getCredentials() instanceof UsernamePasswordCredentials)) {
            log.debug("No username in credentials, can't handle with service credentials");
            return TransportRequestHandler.Status.CONTINUE;
        }
        if (this.connectionInstanceData.getCredentials() instanceof PreemptiveUsernamePasswordCredentials) {
            return TransportRequestHandler.Status.CONTINUE;
        }
        boolean z = false;
        String[] mechanisms = federatedAuthException.getMechanisms();
        int length = mechanisms.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            String str = mechanisms[i];
            if (!StringHelpers.isNullOrEmpty(str) && "Basic".equalsIgnoreCase(str.split(" ", 2)[0])) {
                z = true;
                break;
            }
            i++;
        }
        UsernamePasswordCredentials usernamePasswordCredentials = (UsernamePasswordCredentials) this.connectionInstanceData.getCredentials();
        if (z) {
            log.debug("Handling FederatedAuthException with basic credentials");
            PreemptiveUsernamePasswordCredentials newFrom = PreemptiveUsernamePasswordCredentials.newFrom(usernamePasswordCredentials);
            this.connectionInstanceData.setCredentials(newFrom);
            sOAPService.getHTTPClient().getState().setCredentials(AuthScope.ANY, newFrom);
        } else {
            log.debug("Handling FederatedAuthException with service credentials");
            URI newURI = URIUtils.newURI(federatedAuthException.getFedAuthIssuer());
            String fedAuthRealm = federatedAuthException.getFedAuthRealm();
            String wRAPAccessToken = FederatedAuthenticationHelpers.getWRAPAccessToken(this.clientFactory, newURI, fedAuthRealm, usernamePasswordCredentials.getUsername(), usernamePasswordCredentials.getPassword());
            log.trace(MessageFormat.format("Got service credentials token {0}", wRAPAccessToken));
            if (wRAPAccessToken == null) {
                throw new TECoreException(MessageFormat.format(Messages.getString("ServiceCredentialsHandler.TokenNotFoundInResponseFormat"), newURI, fedAuthRealm));
            }
            this.connectionInstanceData.setCredentials(new WRAPCredentials(wRAPAccessToken));
            this.clientFactory.configureClientCredentials(sOAPService.getClient(), sOAPService.getClient().getState(), this.connectionInstanceData);
        }
        return TransportRequestHandler.Status.COMPLETE;
    }
}
