package io.cronapp.bpm.identity.plugin.filter;

import cronapp.framework.authentication.token.TokenUtils;
import io.cronapp.bpm.identity.plugin.logger.IdentityPluginLogger;
import java.io.IOException;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.camunda.bpm.engine.ProcessEngine;
import org.camunda.bpm.engine.rest.util.EngineUtil;
import org.camunda.bpm.webapp.impl.security.auth.AuthenticationService;
import org.camunda.bpm.webapp.impl.security.auth.Authentications;

/* loaded from: input_file:io/cronapp/bpm/identity/plugin/filter/CronAuthenticationTokenFilter.class */
public class CronAuthenticationTokenFilter implements Filter {
    private static final IdentityPluginLogger LOG = IdentityPluginLogger.INSTANCE;
    private static final String ENGINE_NAME = "default";
    private AuthenticationService userAuthentications;

    public void init(FilterConfig filterConfig) {
        LOG.initServlet(getClass().getSimpleName());
        this.userAuthentications = new AuthenticationService();
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String header = httpServletRequest.getHeader("X-AUTH-TOKEN");
        if (header == null || header.isBlank()) {
            header = TokenUtils.getTokenFromCookie(httpServletRequest.getCookies());
        }
        String usernameFromToken = TokenUtils.getUsernameFromToken(header);
        if (usernameFromToken != null && !TokenUtils.isTokenExpired(header)) {
            Authentications createAuthentications = createAuthentications(EngineUtil.lookupProcessEngine(ENGINE_NAME), usernameFromToken);
            Authentications.setCurrent(createAuthentications);
            Authentications.updateSession(httpServletRequest.getSession(), createAuthentications);
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void destroy() {
        LOG.destroyServlet(getClass().getSimpleName());
    }

    private Authentications createAuthentications(ProcessEngine processEngine, String str) {
        Authentications authentications = new Authentications();
        authentications.addAuthentication(this.userAuthentications.createAuthenticate(processEngine, str, (List) null, (List) null));
        return authentications;
    }
}
