package com.atlassian.servicedesk.internal.web;

import com.atlassian.core.filters.AbstractHttpFilter;
import com.atlassian.servicedesk.api.customer.CustomerContextService;
import com.atlassian.servicedesk.api.customer.NoExceptionsCallable;
import com.atlassian.servicedesk.internal.customer.context.module.CustomerContextModuleManager;
import com.atlassian.servicedesk.internal.customer.context.urimatching.UriMatch;
import com.atlassian.servicedesk.internal.customer.context.urimatching.UriMatcher;
import com.atlassian.servicedesk.internal.utils.HardCodedValues;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableList;
import java.io.IOException;
import java.util.Locale;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/servicedesk/internal/web/CustomerContextSettingFilter.class */
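/**
 * Servlet filter that decides, per request, whether the rest of the filter chain runs
 * through {@link CustomerContextService#runInCustomerContext} or
 * {@link CustomerContextService#runOutOfCustomerContext}.
 *
 * <p>The decision is taken from the sanitised request path: first against the built-in
 * {@code STATIC_DEFINITIONS} table, then against the matcher supplied by
 * {@link CustomerContextModuleManager}. Anything that is not explicitly GRANTED runs out of
 * customer context.
 *
 * <p>NOTE(review): presumably customer context changes what the request is authorised to do,
 * which would make the URI table below an authorisation allow-list. Confirm against
 * {@code CustomerContextService} and review any change to the table with that in mind.
 */
public class CustomerContextSettingFilter extends AbstractHttpFilter {
    private static final Logger LOGGER = LoggerFactory.getLogger(CustomerContextSettingFilter.class);

    /** Request attribute used as a once-per-request marker for this filter. */
    private static final String ALREADY_RAN = CustomerContextSettingFilter.class.getCanonicalName();

    // Built-in URI rules. Every entry except the last lists patterns under a prefix; the last
    // entry is flagged with setBlackList() and covers everything under /rest/api.
    // NOTE(review): the catch-all /rest/api entry shares its prefix with the /rest/api/2 and
    // /rest/api/latest entries above it, so the outcome presumably depends on evaluation order
    // inside UriMatcher (first match wins?) - confirm before reordering or appending entries.
    private final UriMatcher STATIC_DEFINITIONS = new UriMatcher(ImmutableList.of(
            UriMatch.builder()
                    .startsWith(HardCodedValues.SERVICE_DESK_WEB_PREFIX)
                    .addPattern("/lost.*")
                    .addPattern("/customer.*")
                    .build(),
            UriMatch.builder()
                    .startsWith("/rest/servicedesk/")
                    .addPattern("knowledgebase/latest/articles/.*")
                    .build(),
            UriMatch.builder()
                    .startsWith(HardCodedValues.SERVICE_DESK_BASE)
                    .addPattern("/customer.*")
                    .addPattern("/bannerImage.*")
                    .build(),
            UriMatch.builder()
                    .startsWith("/rest/servicedesk/1/servicedesk")
                    .addPattern("/customer.*")
                    .addPattern("/.*/kb/.*/article.*")
                    .addPattern("/sharedportal/kb/articles.*")
                    .addPattern("/request-type-search.*")
                    .build(),
            UriMatch.builder()
                    .startsWith("/rest/servicedesk/reports/1/statsevent/")
                    .addPattern("viewed")
                    .addPattern("helpful")
                    .addPattern("not-helpful")
                    .build(),
            UriMatch.builder()
                    .startsWith("/rest/auth")
                    .addPattern("/1/session")
                    .addPattern("/latest/session")
                    .build(),
            UriMatch.builder()
                    .startsWith("/rest/api/2")
                    .addPattern("/mypermissions")
                    .addPattern("/myself")
                    .addPattern("/serverInfo")
                    .build(),
            UriMatch.builder()
                    .startsWith("/rest/api/latest")
                    .addPattern("/mypermissions")
                    .addPattern("/myself")
                    .addPattern("/serverInfo")
                    .build(),
            UriMatch.builder()
                    .startsWith("/rest/api")
                    .setBlackList()
                    .addPattern(".*")
                    .build()));

    private final CustomerContextService customerContextService;
    private final CustomerContextModuleManager customerContextModuleManager;

    /**
     * Carries a checked exception thrown by the filter chain out of a
     * {@link NoExceptionsCallable}, which cannot throw it directly.
     *
     * <p>Only {@link IOException} and {@link ServletException} can be captured; the
     * constructors admit no other type. The decompiler reports that this class was
     * originally package-private.
     */
    @VisibleForTesting
    public static class ExceptionCapture {
        /** Shared instance meaning "the chain completed without throwing". */
        public static final ExceptionCapture EMPTY = new ExceptionCapture();

        // null when nothing was captured.
        private final Exception exception;

        ExceptionCapture() {
            this.exception = null;
        }

        ExceptionCapture(IOException iOException) {
            this.exception = iOException;
        }

        ExceptionCapture(ServletException servletException) {
            this.exception = servletException;
        }

        /**
         * Rethrows the captured exception with its original type; does nothing when empty.
         *
         * @throws IOException if an {@code IOException} was captured
         * @throws ServletException if a {@code ServletException} was captured
         */
        void rethrowIfCaptured() throws IOException, ServletException {
            // instanceof is false for null, so the empty capture falls straight through.
            if (this.exception instanceof IOException) {
                throw (IOException) this.exception;
            }
            if (this.exception instanceof ServletException) {
                // The field is typed Exception, so the cast is required for the throws clause.
                throw (ServletException) this.exception;
            }
        }
    }

    /**
     * @param customerContextService runs the chain in or out of customer context
     * @param customerContextModuleManager supplies the dynamically registered URI matcher
     */
    public CustomerContextSettingFilter(CustomerContextService customerContextService, CustomerContextModuleManager customerContextModuleManager) {
        this.customerContextService = customerContextService;
        this.customerContextModuleManager = customerContextModuleManager;
    }

    /**
     * Applies the customer-context decision at most once per request.
     *
     * <p>Once the {@code ALREADY_RAN} attribute is set, later passes through this filter on
     * the same request object go straight down the chain. NOTE(review): if the container
     * re-invokes the filter on an internal forward or include, the target path is therefore
     * not re-evaluated and the first decision stands - confirm this is intended for the
     * dispatcher types this filter is mapped to.
     *
     * @throws IOException propagated from the filter chain
     * @throws ServletException propagated from the filter chain
     */
    protected void doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (httpServletRequest.getAttribute(ALREADY_RAN) != null) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        httpServletRequest.setAttribute(ALREADY_RAN, Boolean.TRUE);
        doFilterImpl(httpServletRequest, httpServletResponse, filterChain);
    }

    /** Routes the request according to the decision for its sanitised request path. */
    private void doFilterImpl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        String sanitisedPath = RequestPathSanitisationUtil.getSanitisedRequestPath(httpServletRequest);
        if (shouldRunInCustomerContext(sanitisedPath)) {
            inCustomerContext(httpServletRequest, httpServletResponse, filterChain);
        } else {
            outOfCustomerContext(httpServletRequest, httpServletResponse, filterChain);
        }
    }

    /**
     * Decides whether a path is served in customer context.
     *
     * <p>The static table is consulted first and is authoritative when it returns GRANTED or
     * DENIED. Only when it gives neither answer is the dynamic matcher asked, and then only
     * GRANTED enables customer context: the default is deny.
     *
     * @param str the request path to classify (the caller passes the sanitised path)
     * @return {@code true} only if one of the matchers explicitly grants the path
     */
    @VisibleForTesting
    boolean shouldRunInCustomerContext(String str) {
        UriMatcher.Decision staticDecision = runUriMatcher(str, this.STATIC_DEFINITIONS);
        if (staticDecision == UriMatcher.Decision.GRANTED) {
            return true;
        }
        if (staticDecision == UriMatcher.Decision.DENIED) {
            return false;
        }
        // Fail closed: any dynamic answer other than GRANTED stays out of customer context.
        return runUriMatcher(str, buildDynamicDefinitions()) == UriMatcher.Decision.GRANTED;
    }

    private UriMatcher.Decision runUriMatcher(String str, UriMatcher uriMatcher) {
        return uriMatcher.matches(str);
    }

    /** Fetches the current dynamic matcher; it is requested anew on every call. */
    private UriMatcher buildDynamicDefinitions() {
        return this.customerContextModuleManager.getUriMatcher();
    }

    /**
     * Reports whether the servlet path ends in {@code .jsp}, {@code .jspa} or {@code .jspx},
     * ignoring case and one trailing slash.
     *
     * <p>NOTE(review): this check reads {@code getServletPath()}, while the routing decision
     * is made on {@code RequestPathSanitisationUtil.getSanitisedRequestPath(...)}. Confirm
     * both forms agree on path parameters, encoding and path info for the containers in use,
     * so that a request cannot be classified on one representation and dispatched on another.
     */
    private boolean isServletPathBlacklistedFromEnteringCustomerContext(HttpServletRequest httpServletRequest) {
        // Locale.ROOT keeps the case folding independent of the JVM's default locale.
        String servletPath = httpServletRequest.getServletPath().toLowerCase(Locale.ROOT);
        if (servletPath.endsWith("/")) {
            servletPath = servletPath.substring(0, servletPath.length() - 1);
        }
        return servletPath.endsWith(".jspa") || servletPath.endsWith(".jspx") || servletPath.endsWith(".jsp");
    }

    /**
     * Runs the chain in customer context, unless the servlet path names a JSP-style
     * resource, in which case the request is refused with 403 and the chain is not invoked.
     */
    private void inCustomerContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (isServletPathBlacklistedFromEnteringCustomerContext(httpServletRequest)) {
            // The logged path is request-controlled; NOTE(review): confirm the log layout
            // neutralises CR/LF so a crafted path cannot forge log lines.
            LOGGER.warn("Attempt to access .jspa, .jspx, or .jsp resource {} within customer context", httpServletRequest.getServletPath());
            httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        ExceptionCapture outcome = (ExceptionCapture) this.customerContextService.runInCustomerContext(invokeFilterChain(httpServletRequest, httpServletResponse, filterChain));
        outcome.rethrowIfCaptured();
    }

    /** Runs the chain out of customer context and rethrows whatever the chain threw. */
    private void outOfCustomerContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        ExceptionCapture outcome = (ExceptionCapture) this.customerContextService.runOutOfCustomerContext(invokeFilterChain(httpServletRequest, httpServletResponse, filterChain));
        outcome.rethrowIfCaptured();
    }

    /**
     * Wraps the remainder of the filter chain in a callable that returns, rather than throws,
     * any {@link ServletException} or {@link IOException}, so the caller can rethrow it after
     * the context service has returned.
     */
    private NoExceptionsCallable<ExceptionCapture> invokeFilterChain(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) {
        return () -> {
            try {
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return ExceptionCapture.EMPTY;
            } catch (ServletException e) {
                return new ExceptionCapture(e);
            } catch (IOException e) {
                return new ExceptionCapture(e);
            }
        };
    }
}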
