package org.ctoolkit.restapi.client.firebase;

import com.google.common.base.Strings;
import com.google.firebase.auth.FirebaseToken;
import java.io.IOException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.annotation.concurrent.ThreadSafe;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
@ThreadSafe
/* loaded from: input_file:org/ctoolkit/restapi/client/firebase/IdentityCheckSessionFilter.class */
public class IdentityCheckSessionFilter implements Filter {
    private static final Logger logger = LoggerFactory.getLogger(IdentityCheckSessionFilter.class);
    public static String SESSION_AUTH_USER_ATTRIBUTE = "_identity_filter_SESSION_AUTH_USER_ATTRIBUTE";
    public static String REDIRECT_PATH = "_identity_filter_REDIRECT_TO_IF_LOGGED_IN";
    public static String SIGN_UP_PATH = "_identity_filter_SIGN_UP_PATH";
    public static String LOGIN_PATH = "_identity_filter_LOGIN_PATH";
    public static String IGNORE_PATHS = "_identity_filter_IGNORE_PATHS";
    private final IdentityHandler identityHandler;
    private final Set<IdentityLoginListener> listeners;
    private String sessionAttribute;
    private String loggedInRedirect;
    private String signUpPath;
    private String loginPath;
    private Set<String> ignorePaths = new HashSet();

    @Inject
    public IdentityCheckSessionFilter(IdentityHandler identityHandler, Set<IdentityLoginListener> set) {
        this.identityHandler = identityHandler;
        this.listeners = set;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.sessionAttribute = filterConfig.getInitParameter(SESSION_AUTH_USER_ATTRIBUTE);
        this.loggedInRedirect = filterConfig.getInitParameter(REDIRECT_PATH);
        this.signUpPath = filterConfig.getInitParameter(SIGN_UP_PATH);
        this.loginPath = filterConfig.getInitParameter(LOGIN_PATH);
        if (Strings.isNullOrEmpty(this.sessionAttribute)) {
            throw new IllegalArgumentException("Session attribute must be configured. ");
        }
        if (Strings.isNullOrEmpty(this.loggedInRedirect)) {
            this.loggedInRedirect = "";
            logger.warn("No REDIRECT_PATH has been configured!");
        }
        if (Strings.isNullOrEmpty(this.signUpPath)) {
            this.signUpPath = "";
            logger.warn("No SIGN_UP_PATH has been configured!");
        }
        if (Strings.isNullOrEmpty(this.loginPath)) {
            this.loginPath = "";
            logger.warn("No LOGIN_PATH has been configured!");
        }
        initIgnorePaths(filterConfig);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (ignoreServletPath(httpServletRequest)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (httpServletRequest.getSession().getAttribute(this.sessionAttribute) == null) {
            FirebaseToken resolveVerifyToken = this.identityHandler.resolveVerifyToken(httpServletRequest);
            if ((resolveVerifyToken != null ? resolveVerifyToken.getEmail() : null) != null) {
                Iterator<IdentityLoginListener> it = this.listeners.iterator();
                while (it.hasNext()) {
                    it.next().processIdentity(httpServletRequest, httpServletResponse, resolveVerifyToken, this.sessionAttribute);
                }
                this.identityHandler.delete(httpServletRequest, httpServletResponse);
            }
        } else if (!Strings.isNullOrEmpty(this.loggedInRedirect) && (httpServletRequest.getRequestURI().startsWith(this.signUpPath) || httpServletRequest.getRequestURI().startsWith(this.loginPath))) {
            httpServletResponse.sendRedirect(this.loggedInRedirect);
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    private void initIgnorePaths(FilterConfig filterConfig) {
        String initParameter = filterConfig.getInitParameter(IGNORE_PATHS);
        if (Strings.isNullOrEmpty(initParameter)) {
            return;
        }
        for (String str : initParameter.split(",")) {
            String trim = str.trim();
            if (!trim.startsWith("/")) {
                trim = "/" + trim;
            }
            this.ignorePaths.add(trim);
        }
    }

    private boolean ignoreServletPath(HttpServletRequest httpServletRequest) {
        if (this.ignorePaths.isEmpty()) {
            return false;
        }
        String servletPath = httpServletRequest.getServletPath();
        if (Strings.isNullOrEmpty(servletPath)) {
            return false;
        }
        Iterator<String> it = this.ignorePaths.iterator();
        while (it.hasNext()) {
            if (servletPath.startsWith(it.next())) {
                return true;
            }
        }
        return false;
    }

    public void destroy() {
    }
}
