package com.ibm.ws.security.javaeesec.cdi.extensions;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import java.security.Principal;
import javax.annotation.Priority;
import javax.interceptor.AroundInvoke;
import javax.interceptor.Interceptor;
import javax.interceptor.InvocationContext;
import javax.security.auth.callback.Callback;
import javax.security.auth.message.callback.CallerPrincipalCallback;
import javax.security.enterprise.AuthenticationStatus;
import javax.security.enterprise.authentication.mechanism.http.AutoApplySession;
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;

@AutoApplySession
@InjectedFFDC
@TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Priority(200)
@Interceptor
/* loaded from: input_file:com/ibm/ws/security/javaeesec/cdi/extensions/AutoApplySessionInterceptor.class */
public class AutoApplySessionInterceptor {
    static final long serialVersionUID = -2680769893730760229L;
    private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AutoApplySessionInterceptor.class);

    @AroundInvoke
    public Object interceptValidateRequest(InvocationContext invocationContext) throws Exception {
        if (!"validateRequest".equals(invocationContext.getMethod().getName())) {
            return (AuthenticationStatus) invocationContext.proceed();
        }
        HttpMessageContext httpMessageContext = (HttpMessageContext) invocationContext.getParameters()[2];
        Principal userPrincipal = httpMessageContext.getRequest().getUserPrincipal();
        if (userPrincipal != null) {
            httpMessageContext.getHandler().handle(new Callback[]{new CallerPrincipalCallback(httpMessageContext.getClientSubject(), userPrincipal)});
            return AuthenticationStatus.SUCCESS;
        }
        AuthenticationStatus authenticationStatus = (AuthenticationStatus) invocationContext.proceed();
        if (AuthenticationStatus.SUCCESS.equals(authenticationStatus)) {
            httpMessageContext.getMessageInfo().getMap().put("javax.servlet.http.registerSession", Boolean.TRUE.toString());
        }
        return authenticationStatus;
    }
}
