package org.nakedobjects.webapp;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.nakedobjects.metamodel.authentication.AuthenticationSession;
import org.nakedobjects.metamodel.commons.factory.InstanceFactory;
import org.nakedobjects.runtime.authentication.AuthenticationManager;
import org.nakedobjects.runtime.context.NakedObjectsContext;
import org.nakedobjects.webapp.auth.AuthenticationSessionLookupStrategy;
import org.nakedobjects.webapp.auth.AuthenticationSessionLookupStrategyDefault;

/* loaded from: input_file:org/nakedobjects/webapp/NakedObjectsSessionFilter.class */
public class NakedObjectsSessionFilter implements Filter {
    public static final String AUTHENTICATION_SESSION_LOOKUP_STRATEGY_KEY = "authenticationSessionLookupStrategy";
    public static final String AUTHENTICATION_SESSION_LOOKUP_STRATEGY_DEFAULT = AuthenticationSessionLookupStrategyDefault.class.getName();
    public static final String LOGON_PAGE_KEY = "logonPage";
    private AuthenticationSessionLookupStrategy authSessionLookupStrategy;
    private String redirectResourceIfNoSession;

    public void init(FilterConfig filterConfig) throws ServletException {
        lookupAuthenticationSessionLookupStrategy(filterConfig);
        lookupRedirectIfNoSessionKey(filterConfig);
    }

    private void lookupAuthenticationSessionLookupStrategy(FilterConfig filterConfig) {
        String initParameter = filterConfig.getInitParameter(AUTHENTICATION_SESSION_LOOKUP_STRATEGY_KEY);
        if (initParameter == null) {
            initParameter = AUTHENTICATION_SESSION_LOOKUP_STRATEGY_DEFAULT;
        }
        this.authSessionLookupStrategy = (AuthenticationSessionLookupStrategy) InstanceFactory.createInstance(initParameter);
    }

    private void lookupRedirectIfNoSessionKey(FilterConfig filterConfig) {
        this.redirectResourceIfNoSession = filterConfig.getInitParameter(LOGON_PAGE_KEY);
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        AuthenticationSession lookup = this.authSessionLookupStrategy.lookup(servletRequest, servletResponse);
        if (isValid(lookup)) {
            this.authSessionLookupStrategy.bind(servletRequest, servletResponse, lookup);
            NakedObjectsContext.openSession(lookup);
            filterChain.doFilter(servletRequest, servletResponse);
            NakedObjectsContext.closeSession();
            return;
        }
        if (this.redirectResourceIfNoSession == null || this.redirectResourceIfNoSession.equals(httpServletRequest.getServletPath())) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            httpServletResponse.sendRedirect(this.redirectResourceIfNoSession);
        }
    }

    private boolean isValid(AuthenticationSession authenticationSession) {
        return authenticationSession != null && getAuthenticationManager().isSessionValid(authenticationSession);
    }

    private static AuthenticationManager getAuthenticationManager() {
        return NakedObjectsContext.getAuthenticationManager();
    }
}
