package org.butor.sso.filter;

import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import java.io.IOException;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.butor.sso.SSOConstants;
import org.butor.sso.SSOException;
import org.butor.sso.SSOHelper;
import org.butor.sso.SSOInfo;
import org.butor.sso.validator.ISSOValidator;
import org.butor.web.servlet.PrincipalServletRequestWrapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.propertyeditors.StringArrayPropertyEditor;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:WEB-INF/lib/butor-sso-1.0.7.jar:org/butor/sso/filter/SSOFilterBean.class */
public class SSOFilterBean extends GenericFilterBean {
    private Logger logger = LoggerFactory.getLogger(getClass());
    protected Boolean enabled;
    protected List<String> ignoredList;
    private ISSOValidator validator;
    private String sessionTimeoutUrl;
    private String sessionTimeoutStreamingUrl;

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Filtering request {}?{}", httpServletRequest.getRequestURI(), httpServletRequest.getQueryString());
        }
        String requestURI = httpServletRequest.getRequestURI();
        Iterator<String> it = this.ignoredList.iterator();
        while (it.hasNext()) {
            if (requestURI.indexOf(it.next()) > -1) {
                this.logger.info("Let pass request {}?{}", httpServletRequest.getRequestURI(), httpServletRequest.getQueryString());
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }
        }
        HttpSession session = httpServletRequest.getSession();
        String cookie = SSOHelper.getCookie(httpServletRequest, SSOConstants.SSO_SSO_ID);
        SSOInfo sSOInfo = null;
        if (cookie != null) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Got ssoId={}", cookie);
            }
            try {
                sSOInfo = this.validator.validate(cookie);
            } catch (SSOException e) {
                this.logger.warn("Failed", (Throwable) e);
            }
        }
        if (sSOInfo != null) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Valid ssoId={}, id={}", cookie, sSOInfo.getId());
            }
            if (session == null || session.getAttribute("id") == null || session.getAttribute(SSOConstants.SSO_SSO_ID) == null) {
                HttpSession session2 = httpServletRequest.getSession(true);
                session2.setAttribute(SSOConstants.SSO_SSO_ID, cookie);
                session2.setAttribute("id", sSOInfo.getId());
                SSOHelper.setCookie(httpServletResponse, SSOConstants.SSO_SSO_ID, cookie, -1, "/");
            }
        } else {
            if (cookie != null) {
                SSOHelper.removeCookie(httpServletResponse, SSOConstants.SSO_SSO_ID, "/");
            }
            if (session != null && session.getAttribute(SSOConstants.SSO_SSO_ID) != null) {
                session.removeAttribute("id");
                session.removeAttribute(SSOConstants.SSO_SSO_ID);
                session.invalidate();
            }
            if (this.enabled.booleanValue()) {
                String parameter = httpServletRequest.getParameter("streaming");
                boolean z = (parameter == null || httpServletRequest.getParameter(SSOConstants.SSO_ARG_SERVICE) == null || httpServletRequest.getParameter("reqId") == null) ? false : true;
                boolean z2 = parameter != null && parameter.equals("true");
                this.logger.info("Invalid ssoId={}. redirecting to login (blocking filter config) ...", cookie);
                if (!z) {
                    String str = this.sessionTimeoutUrl + "?ts=" + System.currentTimeMillis();
                    this.logger.info("redirecting to session timeout streaming url , URL={}", str);
                    httpServletResponse.sendRedirect(str);
                    return;
                } else {
                    if (!z2) {
                        servletResponse.getOutputStream().write(("{\"reqId\":\"" + httpServletRequest.getParameter("reqId") + "\",\"data\":[],\"messages\":[{\"id\":\"SESSION_TIMEDOUT\",\"sysId\":\"common\",\"type\":\"ERROR\"}]}").getBytes());
                        return;
                    }
                    String str2 = this.sessionTimeoutStreamingUrl + "?ts=" + System.currentTimeMillis();
                    this.logger.info("Redirecting to session timeout streaming url : , URL={}", str2);
                    httpServletResponse.sendRedirect(str2);
                    return;
                }
            }
            if (cookie != null) {
                this.logger.info("Invalid ssoId={}. Invalidated session and let pass. (not enabled filter config)", cookie);
            }
        }
        filterChain.doFilter(new PrincipalServletRequestWrapper(httpServletRequest, sSOInfo.getId()), servletResponse);
    }

    @Override // org.springframework.web.filter.GenericFilterBean
    protected void initFilterBean() throws ServletException {
        legacySupport();
        setDefaultValues();
        Preconditions.checkNotNull(this.validator, "Validator is mandatory!");
        this.sessionTimeoutUrl = this.validator.getSessionTimeoutUrl();
        this.sessionTimeoutStreamingUrl = this.validator.getSessionTimeoutStreamingUrl();
        Preconditions.checkArgument(!Strings.isNullOrEmpty(this.sessionTimeoutUrl), "Got null sessionTimeoutUrl from validator!");
        Preconditions.checkArgument(!Strings.isNullOrEmpty(this.sessionTimeoutStreamingUrl), "Got null sessionTimeoutStreamingUrl from validator!");
    }

    private void legacySupport() {
        FilterConfig filterConfig = getFilterConfig();
        if (filterConfig == null) {
            return;
        }
        if (this.validator == null) {
            WebApplicationContext webApplicationContext = WebApplicationContextUtils.getWebApplicationContext(getServletContext());
            Preconditions.checkNotNull(webApplicationContext, "Unable to find Spring context or validator not set in spring config");
            this.validator = (ISSOValidator) webApplicationContext.getBean(ISSOValidator.class);
        }
        String initParameter = filterConfig.getInitParameter("blocking");
        if (this.enabled == null && initParameter != null) {
            this.enabled = Boolean.valueOf(!initParameter.equalsIgnoreCase("false"));
        }
        if (this.ignoredList == null) {
            String initParameter2 = filterConfig.getInitParameter("ignoreURIs");
            if (Strings.isNullOrEmpty(initParameter2)) {
                return;
            }
            this.ignoredList = Arrays.asList(initParameter2.split(StringArrayPropertyEditor.DEFAULT_SEPARATOR));
        }
    }

    protected void setDefaultValues() {
        if (this.ignoredList == null) {
            this.ignoredList = Lists.newArrayList();
        }
        if (this.enabled == null) {
            this.enabled = true;
        }
    }

    public void setEnabled(boolean z) {
        this.enabled = Boolean.valueOf(z);
    }

    public void setIgnoredList(List<String> list) {
        this.ignoredList = list;
    }

    public boolean isEnabled() {
        return this.enabled.booleanValue();
    }

    public List<String> getIgnoredList() {
        return this.ignoredList;
    }

    public void setValidator(ISSOValidator iSSOValidator) {
        this.validator = iSSOValidator;
    }
}
