package org.cricketmsf.microsite.auth;

import ch.qos.logback.core.CoreConstants;
import com.sun.net.httpserver.Filter;
import com.sun.net.httpserver.HttpExchange;
import java.io.IOException;
import java.util.Map;
import org.cricketmsf.Event;
import org.cricketmsf.Kernel;
import org.cricketmsf.microsite.out.auth.AuthAdapterIface;
import org.cricketmsf.microsite.out.auth.AuthException;
import org.cricketmsf.microsite.user.User;

/* loaded from: input_file:org/cricketmsf/microsite/auth/SecurityFilter.class */
public class SecurityFilter extends Filter {
    private static final String PERMANENT_TOKEN_PREFIX = "~~";
    private String[] restrictedPost = null;
    private String[] restrictedPut = null;
    private String[] restrictedGet = null;
    private String[] restrictedDelete = null;
    private boolean authRequired = false;

    public String description() {
        return "Default security filter";
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Code restructure failed: missing block: B:26:0x010b, code lost:
    
        switch(r19) {
            case 0: goto L29;
            case 1: goto L30;
            case 2: goto L31;
            case 3: goto L32;
            case 4: goto L33;
            default: goto L54;
        };
     */
    /* JADX WARN: Code restructure failed: missing block: B:27:0x012c, code lost:
    
        r0.add(r0);
        r0.add(r0);
        r0.add(r0);
        r0.add(r0);
        r4.authRequired = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:30:0x0151, code lost:
    
        r0.add(r0);
        r4.authRequired = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:32:0x0160, code lost:
    
        r0.add(r0);
        r4.authRequired = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:34:0x016f, code lost:
    
        r0.add(r0);
        r4.authRequired = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:36:0x017e, code lost:
    
        r0.add(r0);
        r4.authRequired = true;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void initialize() {
        /*
            Method dump skipped, instructions count: 581
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.cricketmsf.microsite.auth.SecurityFilter.initialize():void");
    }

    private boolean isRestrictedPath(String str, String str2) {
        if (this.restrictedPost == null) {
            initialize();
        }
        if (!this.authRequired) {
            return false;
        }
        boolean z = -1;
        switch (str.hashCode()) {
            case 70454:
                if (str.equals("GET")) {
                    z = false;
                    break;
                }
                break;
            case 79599:
                if (str.equals("PUT")) {
                    z = 2;
                    break;
                }
                break;
            case 2461856:
                if (str.equals("POST")) {
                    z = true;
                    break;
                }
                break;
            case 2012838315:
                if (str.equals("DELETE")) {
                    z = 3;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (this.restrictedGet == null) {
                    return false;
                }
                for (String str3 : this.restrictedGet) {
                    if (str2.startsWith(str3)) {
                        return true;
                    }
                }
                return false;
            case true:
                if (this.restrictedPost == null) {
                    return false;
                }
                for (String str4 : this.restrictedPost) {
                    if (str2.startsWith(str4)) {
                        return true;
                    }
                }
                return false;
            case true:
                if (this.restrictedPut == null) {
                    return false;
                }
                for (String str5 : this.restrictedPut) {
                    if (str2.startsWith(str5)) {
                        return true;
                    }
                }
                return false;
            case true:
                if (this.restrictedDelete == null) {
                    return false;
                }
                for (String str6 : this.restrictedDelete) {
                    if (str2.startsWith(str6)) {
                        return true;
                    }
                }
                return false;
            default:
                return false;
        }
    }

    public SecurityFilterResult checkRequest(HttpExchange httpExchange) {
        int indexOf;
        boolean z = true;
        try {
            z = !isRestrictedPath(httpExchange.getRequestMethod(), httpExchange.getRequestURI().getPath());
        } catch (Exception e) {
            e.printStackTrace();
            Kernel.getInstance().dispatchEvent(Event.logFine(getClass().getSimpleName(), e.getMessage()));
        }
        Map map = (Map) httpExchange.getAttribute("parameters");
        SecurityFilterResult securityFilterResult = new SecurityFilterResult();
        securityFilterResult.user = null;
        securityFilterResult.issuer = null;
        if (z) {
            if (map != null) {
                try {
                    String str = (String) map.get("tid");
                    if (null != str) {
                        if (str.endsWith("/")) {
                            str = str.substring(0, str.length() - 1);
                        }
                        securityFilterResult.user = getUser(str, true);
                        securityFilterResult.issuer = getIssuer(str);
                    }
                } catch (NullPointerException e2) {
                } catch (AuthException e3) {
                    Kernel.getInstance().dispatchEvent(Event.logFine(getClass().getSimpleName(), "AUTH PROBLEM " + e3.getCode() + " " + e3.getMessage()));
                }
            }
            securityFilterResult.code = 200;
            securityFilterResult.message = CoreConstants.EMPTY_STRING;
            return securityFilterResult;
        }
        String first = httpExchange.getRequestHeaders().getFirst("Authentication");
        User user = null;
        if (first == null || first.isEmpty()) {
            if (null != map) {
                try {
                    first = (String) map.get("tid");
                    if (first.endsWith("/")) {
                        first = first.substring(0, first.length() - 1);
                    }
                } catch (Exception e4) {
                    e4.printStackTrace();
                    Kernel.getInstance().dispatchEvent(Event.logFine(getClass().getSimpleName(), e4.getMessage()));
                }
            }
            if ((null == first || first.isEmpty()) && (indexOf = httpExchange.getRequestURI().getQuery().indexOf("tid=")) >= 0) {
                first = httpExchange.getRequestURI().getQuery().substring(indexOf + 4);
                int indexOf2 = first.indexOf("&");
                if (indexOf2 > 0) {
                    first = first.substring(0, indexOf2);
                }
            }
            if (first != null && first.endsWith("/")) {
                first = first.substring(0, first.length() - 1);
            }
        }
        try {
            User user2 = getUser(first, first.startsWith(PERMANENT_TOKEN_PREFIX));
            if ("public".equalsIgnoreCase(user2.getUid())) {
                user = getIssuer(first);
            }
            securityFilterResult.user = user2;
            securityFilterResult.issuer = user;
            securityFilterResult.code = 200;
            return securityFilterResult;
        } catch (Exception e5) {
            securityFilterResult.code = 403;
            securityFilterResult.message = e5.getMessage() + " - request blocked by security filter\r\n";
            return securityFilterResult;
        }
    }

    private User getUser(String str, boolean z) throws AuthException {
        AuthAdapterIface authAdapterIface = (AuthAdapterIface) Kernel.getInstance().getAdaptersMap().getOrDefault("authAdapter", null);
        if (authAdapterIface != null) {
            return authAdapterIface.getUser(str, z);
        }
        return null;
    }

    private User getIssuer(String str) throws AuthException {
        AuthAdapterIface authAdapterIface = (AuthAdapterIface) Kernel.getInstance().getAdaptersMap().getOrDefault("authAdapter", null);
        if (authAdapterIface != null) {
            return authAdapterIface.getIssuer(str);
        }
        return null;
    }

    public void doFilter(HttpExchange httpExchange, Filter.Chain chain) throws IOException {
        SecurityFilterResult securityFilterResult = null;
        try {
            securityFilterResult = checkRequest(httpExchange);
        } catch (Exception e) {
            httpExchange.sendResponseHeaders(400, e.getMessage().length());
            httpExchange.getResponseBody().write(e.getMessage().getBytes());
            httpExchange.getResponseBody().close();
            httpExchange.close();
        }
        if (securityFilterResult.code != 200) {
            if (securityFilterResult.message == null) {
                securityFilterResult.message = "authentication error";
            }
            httpExchange.sendResponseHeaders(securityFilterResult.code, securityFilterResult.message.length());
            httpExchange.getResponseBody().write(securityFilterResult.message.getBytes());
            httpExchange.getResponseBody().close();
            httpExchange.close();
            return;
        }
        try {
            if (securityFilterResult.user != null) {
                chain.doFilter(new Exchange(httpExchange, securityFilterResult.user, securityFilterResult.issuer));
            } else {
                chain.doFilter(httpExchange);
            }
        } catch (Exception e2) {
            httpExchange.sendResponseHeaders(400, e2.getMessage().length());
            httpExchange.getResponseBody().write(e2.getMessage().getBytes());
            httpExchange.getResponseBody().close();
            httpExchange.close();
        }
    }
}
