package org.glassfish.admin.rest.resources;

import com.sun.grizzly.tcp.http11.GrizzlyRequest;
import java.util.HashMap;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.glassfish.admin.rest.ResourceUtil;
import org.glassfish.admin.rest.SessionManager;
import org.glassfish.admin.rest.results.ActionReportResult;
import org.glassfish.admin.rest.utils.xml.RestActionReporter;
import org.glassfish.internal.api.AdminAccessController;
import org.jvnet.hk2.component.Habitat;

@Path("/sessions")
/* loaded from: input_file:org/glassfish/admin/rest/resources/SessionsResource.class */
public class SessionsResource {

    @Context
    SessionManager sessionManager;

    @Context
    protected HttpHeaders requestHeaders;

    @Context
    protected UriInfo uriInfo;

    @Context
    private ThreadLocal<GrizzlyRequest> request;

    @Context
    protected Habitat habitat;

    @POST
    @Produces({MediaType.APPLICATION_JSON, "application/xml", "text/html;qs=2"})
    @Consumes({MediaType.APPLICATION_JSON, "application/xml", MediaType.APPLICATION_FORM_URLENCODED})
    public Response create(HashMap<String, String> hashMap) {
        Response.ResponseBuilder status = Response.status(Response.Status.UNAUTHORIZED);
        RestActionReporter restActionReporter = new RestActionReporter();
        GrizzlyRequest grizzlyRequest = this.request.get();
        String str = hashMap.get("remoteHostName");
        AdminAccessController.Access access = AdminAccessController.Access.NONE;
        try {
            access = str == null ? AdminAccessController.Access.FULL : ResourceUtil.authenticateViaAdminRealm(this.habitat, grizzlyRequest, str);
        } catch (Exception e) {
            restActionReporter.setMessage("Error while authenticating " + e);
        }
        if (access == AdminAccessController.Access.FULL) {
            status.status(Response.Status.OK);
            String str2 = (String) grizzlyRequest.getAttribute("restUser");
            if (str2 != null) {
                restActionReporter.getExtraProperties().put("username", str2);
            }
            restActionReporter.getExtraProperties().put("token", this.sessionManager.createSession(grizzlyRequest));
        } else if (access == AdminAccessController.Access.FORBIDDEN) {
            status.status(Response.Status.FORBIDDEN);
        }
        return status.entity(new ActionReportResult(restActionReporter)).build();
    }

    @Path("{sessionId}/")
    public SessionResource getSessionResource(@PathParam("sessionId") String str) {
        return new SessionResource(this.sessionManager, str, this.requestHeaders, this.uriInfo);
    }
}
