package io.imunity.vaadin.endpoint.common;

import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Locale;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.base.authn.AuthenticationRealm;
import pl.edu.icm.unity.base.identity.IdentityTaV;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.authn.AuthenticationFlow;
import pl.edu.icm.unity.engine.api.authn.InvocationContext;
import pl.edu.icm.unity.engine.api.authn.LoginSession;
import pl.edu.icm.unity.engine.api.config.UnityServerConfiguration;
import pl.edu.icm.unity.engine.api.utils.CookieHelper;

/* loaded from: input_file:io/imunity/vaadin/endpoint/common/InvocationContextSetupFilter.class */
public class InvocationContextSetupFilter implements Filter {
    private static final Logger log = Log.getLogger("unity.server.web", InvocationContextSetupFilter.class);
    public static final String LANGUAGE_COOKIE = "language";
    private final UnityServerConfiguration config;
    private final AuthenticationRealm realm;
    private final String baseAddress;
    private final List<AuthenticationFlow> authenticationFlows;

    public InvocationContextSetupFilter(UnityServerConfiguration unityServerConfiguration, AuthenticationRealm authenticationRealm, String str, List<AuthenticationFlow> list) {
        this.realm = authenticationRealm;
        this.config = unityServerConfiguration;
        this.baseAddress = str;
        this.authenticationFlows = list;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        InvocationContext createInvocationContext = createInvocationContext(httpServletRequest);
        setLoginSession(httpServletRequest, createInvocationContext);
        setLocale(httpServletRequest, createInvocationContext);
        try {
            filterChain.doFilter(httpServletRequest, servletResponse);
            InvocationContext.setCurrent((InvocationContext) null);
        } catch (Throwable th) {
            InvocationContext.setCurrent((InvocationContext) null);
            throw th;
        }
    }

    public void destroy() {
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    private InvocationContext createInvocationContext(HttpServletRequest httpServletRequest) {
        X509Certificate[] x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute("jakarta.servlet.request.X509Certificate");
        InvocationContext invocationContext = new InvocationContext(x509CertificateArr == null ? null : new IdentityTaV("x500Name", x509CertificateArr[0].getSubjectX500Principal().getName()), this.realm, this.authenticationFlows);
        InvocationContext.setCurrent(invocationContext);
        if (this.baseAddress != null) {
            invocationContext.setCurrentURLUsed(this.baseAddress);
        }
        log.trace("A new invocation context was set");
        return invocationContext;
    }

    private void setLoginSession(HttpServletRequest httpServletRequest, InvocationContext invocationContext) {
        LoginSession loginSession;
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null || (loginSession = (LoginSession) session.getAttribute("pl.edu.icm.unity.web.WebSession")) == null) {
            return;
        }
        invocationContext.setLoginSession(loginSession);
        log.trace("Login session was set for the invocation context");
    }

    private void setLocale(HttpServletRequest httpServletRequest, InvocationContext invocationContext) {
        String cookie = CookieHelper.getCookie(httpServletRequest, "language");
        if (cookie != null) {
            Locale safeLocaleDecode = UnityServerConfiguration.safeLocaleDecode(cookie);
            if (this.config.isLocaleSupported(safeLocaleDecode)) {
                invocationContext.setLocale(safeLocaleDecode);
                log.trace("Requested locale was set for the invocation context");
                return;
            }
        }
        invocationContext.setLocale(this.config.getDefaultLocale());
        log.trace("Default locale was set for the invocation context");
    }
}
