package info.elexis.server.core.security.internal;

import ch.elexis.core.eenv.IElexisEnvironmentService;
import ch.elexis.core.services.IContextService;
import ch.elexis.core.services.IModelService;
import ch.elexis.core.utils.OsgiServiceUtil;
import com.eclipsesource.jaxrs.publisher.ServletConfiguration;
import info.elexis.server.core.SystemPropertyConstants;
import info.elexis.server.core.servlet.filter.ContextSettingFilter;
import info.elexis.server.core.servlet.filter.ElexisEnvironmentKeycloakConfigResolver;
import java.util.Dictionary;
import java.util.Hashtable;
import javax.servlet.ServletException;
import org.eclipse.equinox.http.servlet.ExtendedHttpService;
import org.keycloak.adapters.servlet.KeycloakOIDCFilter;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.http.HttpContext;
import org.osgi.service.http.HttpService;
import org.osgi.service.http.NamespaceException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(service = {ServletConfiguration.class})
/* loaded from: input_file:info/elexis/server/core/security/internal/JaxRsServletConfiguration.class */
public class JaxRsServletConfiguration implements ServletConfiguration {
    private static final String SERVICES_BASE_URL = "/services";
    private static final String OAUTH_CLIENT_POSTFIX = "jaxrs-api";
    private final String SKIP_PATTERN = "/services/(elexis|public)/.*";
    private Logger log = LoggerFactory.getLogger(JaxRsServletConfiguration.class);

    @Reference(target = "(service.model.name=ch.elexis.core.model)")
    protected IModelService coreModelService;

    @Reference
    private IContextService contextService;

    public HttpContext getHttpContext(HttpService httpService, String str) {
        Thread.currentThread().setContextClassLoader(JaxRsServletConfiguration.class.getClassLoader());
        ExtendedHttpService extendedHttpService = (ExtendedHttpService) httpService;
        ElexisEnvironmentKeycloakConfigResolver elexisEnvironmentKeycloakConfigResolver = null;
        if (!SystemPropertyConstants.isDisableWebSecurity()) {
            IElexisEnvironmentService iElexisEnvironmentService = (IElexisEnvironmentService) OsgiServiceUtil.getService(IElexisEnvironmentService.class).orElse(null);
            if (iElexisEnvironmentService == null) {
                this.log.error("Web security enabled, but IElexisEnvironmentService is not available. Aborting JAXRS service setup.");
                throw new IllegalStateException();
            }
            elexisEnvironmentKeycloakConfigResolver = new ElexisEnvironmentKeycloakConfigResolver(iElexisEnvironmentService, OAUTH_CLIENT_POSTFIX);
        }
        try {
            if (elexisEnvironmentKeycloakConfigResolver != null) {
                Hashtable hashtable = new Hashtable();
                hashtable.put("keycloak.config.skipPattern", "/services/(elexis|public)/.*");
                extendedHttpService.registerFilter("/services/*", new KeycloakOIDCFilter(elexisEnvironmentKeycloakConfigResolver), hashtable, (HttpContext) null);
                extendedHttpService.registerFilter("/services/*", new ContextSettingFilter(this.contextService, this.coreModelService, "/services/(elexis|public)/.*"), new Hashtable(), (HttpContext) null);
            } else {
                this.log.error("--- UNPROTECTED JAXRS API ---");
            }
            return null;
        } catch (ServletException | NamespaceException e) {
            this.log.error("Error registering Keycloak filter", e);
            return null;
        }
    }

    public Dictionary<String, String> getInitParams(HttpService httpService, String str) {
        return null;
    }
}
