package org.securityfilter.filter;

import java.io.IOException;
import java.net.URL;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.hsqldb.DatabaseURL;
import org.securityfilter.authenticator.Authenticator;
import org.securityfilter.authenticator.AuthenticatorFactory;
import org.securityfilter.config.AuthConstraint;
import org.securityfilter.config.SecurityConfig;
import org.securityfilter.config.SecurityConstraint;
import org.securityfilter.config.WebResourceCollection;
import org.securityfilter.realm.SecurityRealmInterface;
import org.xml.sax.SAXException;

/* loaded from: input_file:WEB-INF/lib/securityfilter-2.0.jar:org/securityfilter/filter/SecurityFilter.class */
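/**
 * Servlet filter that applies the security constraints loaded from the SecurityFilter
 * configuration file to each request.
 *
 * <p>For every request that has not already passed through this filter, it wraps the request,
 * lets the configured {@link Authenticator} handle logout and login, finds the first URL pattern
 * that matches the request and, when that pattern carries an auth constraint, requires the user
 * to hold one of the listed roles before passing the request down the chain.
 *
 * <p>Initialization fails closed: if the configuration cannot be loaded completely,
 * {@link #init(FilterConfig)} throws instead of leaving a partially populated pattern list in
 * place, because a constraint that was never loaded is a URL that is never protected.
 */
public class SecurityFilter implements Filter {
    /** Name of the filter init parameter that holds the configuration file path. */
    public static final String CONFIG_FILE_KEY = "config";
    /** Configuration file used when the {@code config} init parameter is absent. */
    public static final String DEFAULT_CONFIG_FILE = "/WEB-INF/securityfilter-config.xml";
    /** Name of the filter init parameter passed to {@link SecurityConfig} as its validate flag. */
    public static final String VALIDATE_KEY = "validate";
    /** String form of "true" used for init parameters and the processed marker. */
    public static final String TRUE = "true";
    /** Request attribute set once this filter has handled a request. */
    public static final String ALREADY_PROCESSED = SecurityFilter.class.getName() + ".ALREADY_PROCESSED";
    /** Session attribute holding the URL of the request saved by {@link #saveRequestInformation}. */
    public static final String SAVED_REQUEST_URL = SecurityFilter.class.getName() + ".SAVED_REQUEST_URL";
    /** Session attribute holding the {@link SavedRequest} saved by {@link #saveRequestInformation}. */
    public static final String SAVED_REQUEST = SecurityFilter.class.getName() + ".SAVED_REQUEST";

    /** Filter configuration handed to the last successful {@link #init(FilterConfig)}. */
    protected FilterConfig config;
    /** Realm taken from the loaded configuration; consulted for role membership. */
    protected SecurityRealmInterface realm;
    /** URL patterns built from the configured constraints, sorted after loading. */
    protected List patternList;
    /** Factory for URL patterns and per-request matchers. */
    protected URLPatternFactory patternFactory;
    /** Authenticator created from the loaded configuration. */
    protected Authenticator authenticator;

    // Class-literal cache left behind by the original pre-Java-5 compiler output. It is no
    // longer read by this class and is kept only so the package-visible member still exists.
    static Class class$org$securityfilter$filter$SecurityFilter = SecurityFilter.class;

    /**
     * Authenticates and authorizes the request, then passes it down the chain.
     *
     * <p>The request is not passed on when the authenticator reports that it handled a login,
     * when the login page is shown, or when a 403 is sent.
     *
     * @param servletRequest the incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse the response; cast to {@link HttpServletResponse}
     * @param filterChain the remaining filter chain
     * @throws IOException if the chain or the response fails
     * @throws ServletException if the filter is not initialized, or wrapping any exception raised
     *         while authenticating or matching patterns
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;

        // A request that already went through this filter is passed on unchanged.
        if (TRUE.equals(servletRequest.getAttribute(ALREADY_PROCESSED))) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // Fail closed with a clear error rather than a NullPointerException if the filter is
        // asked to serve a request without a successfully loaded configuration.
        if (this.authenticator == null || this.patternFactory == null || this.patternList == null) {
            throw new ServletException("SecurityFilter is not initialized; refusing to process the request");
        }

        servletRequest.setAttribute(ALREADY_PROCESSED, TRUE);
        URLPatternMatcher matcher = this.patternFactory.createURLPatternMatcher();
        SecurityRequestWrapper wrappedRequest = new SecurityRequestWrapper(
                httpRequest, getSavedRequest(httpRequest), this.realm, this.authenticator.getAuthMethod());
        try {
            if (this.authenticator.processLogout(wrappedRequest, httpResponse, matcher)) {
                // Drop everything tied to the old session and start a fresh one.
                httpRequest.getSession().invalidate();
                httpRequest.getSession(true);
            }
            // NOTE(review): nothing in this method rotates the session id around a successful
            // login; confirm the Authenticator implementation does so, otherwise a session id
            // issued before login remains valid afterwards.
            if (this.authenticator.processLogin(wrappedRequest, httpResponse)) {
                return;
            }

            URLPattern matchedPattern = null;
            if (!this.authenticator.bypassSecurityForThisRequest(wrappedRequest, matcher)) {
                matchedPattern = matchPattern(wrappedRequest.getMatchableURL(), wrappedRequest.getMethod(), matcher);
            }

            if (matchedPattern != null) {
                AuthConstraint authConstraint = matchedPattern.getSecurityConstraint().getAuthConstraint();
                if (authConstraint != null) {
                    Collection roles = authConstraint.getRoles();
                    Principal principal = wrappedRequest.getUserPrincipal();
                    if (!roles.isEmpty() && principal == null) {
                        this.authenticator.showLogin(httpRequest, httpResponse);
                        return;
                    }
                    // An auth constraint with no roles matches nobody, so it always ends in 403.
                    if (!isInAnyRole(principal, roles)) {
                        httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
                        return;
                    }
                }
            }
        } catch (Exception e) {
            throw new ServletException("Error matching patterns", e);
        }
        filterChain.doFilter(wrappedRequest, servletResponse);
    }

    /**
     * Tells whether the principal satisfies at least one of the given role names.
     * The role name {@code "*"} is satisfied without consulting the realm.
     */
    private boolean isInAnyRole(Principal principal, Collection roles) {
        for (Iterator it = roles.iterator(); it.hasNext();) {
            String role = (String) it.next();
            if ("*".equals(role) || this.realm.isUserInRole(principal, role)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Loads the configuration file and builds the realm, authenticator and sorted pattern list.
     *
     * <p>All state is built in locals and published only after everything succeeded. Earlier
     * behaviour was to print the error and carry on, which could leave the filter in service
     * with only some of the configured constraints loaded.
     *
     * @param filterConfig the filter configuration supplied by the container
     * @throws ServletException if the configuration file is missing or cannot be loaded
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        String configFile = DEFAULT_CONFIG_FILE;
        SecurityRealmInterface loadedRealm;
        Authenticator loadedAuthenticator;
        URLPatternFactory loadedFactory;
        List loadedPatterns = new ArrayList();
        try {
            String configured = filterConfig.getInitParameter(CONFIG_FILE_KEY);
            if (configured != null) {
                configFile = configured;
            }
            URL resource = filterConfig.getServletContext().getResource(configFile);
            if (resource == null) {
                throw new ServletException("SecurityFilter configuration file not found: " + configFile);
            }
            SecurityConfig securityConfig =
                    new SecurityConfig(TRUE.equalsIgnoreCase(filterConfig.getInitParameter(VALIDATE_KEY)));
            securityConfig.loadConfig(resource);
            loadedRealm = securityConfig.getRealm();
            loadedAuthenticator = AuthenticatorFactory.createAuthenticator(filterConfig, securityConfig);
            loadedFactory = new URLPatternFactory();

            // Each pattern gets a running number, starting at 1, in configuration order.
            int order = 1;
            for (Object constraintEntry : securityConfig.getSecurityConstraints()) {
                SecurityConstraint constraint = (SecurityConstraint) constraintEntry;
                for (Object collectionEntry : constraint.getWebResourceCollections()) {
                    WebResourceCollection resources = (WebResourceCollection) collectionEntry;
                    for (Iterator it = resources.getURLPatterns().iterator(); it.hasNext();) {
                        loadedPatterns.add(
                                loadedFactory.createURLPattern((String) it.next(), constraint, resources, order));
                        order++;
                    }
                }
            }
            Collections.sort(loadedPatterns);
        } catch (ServletException e) {
            throw e;
        } catch (Exception e) {
            throw new ServletException("Unable to load SecurityFilter configuration " + configFile, e);
        }

        this.config = filterConfig;
        this.realm = loadedRealm;
        this.authenticator = loadedAuthenticator;
        this.patternFactory = loadedFactory;
        this.patternList = loadedPatterns;
    }

    /** Does nothing; the filter holds no resources that need releasing. */
    public void destroy() {
    }

    /**
     * Returns the first pattern in the sorted list that the matcher accepts.
     *
     * @param str the URL to match
     * @param str2 the HTTP method of the request
     * @param uRLPatternMatcher the matcher to apply
     * @return the first matching pattern, or {@code null} if none matches
     * @throws Exception if the matcher fails
     */
    protected URLPattern matchPattern(String str, String str2, URLPatternMatcher uRLPatternMatcher) throws Exception {
        for (Object candidate : this.patternList) {
            URLPattern pattern = (URLPattern) candidate;
            if (uRLPatternMatcher.match(str, str2, pattern)) {
                return pattern;
            }
        }
        return null;
    }

    /**
     * Returns the request saved in the session if its URL equals the current request's URL,
     * removing both saved attributes from the session in that case.
     *
     * <p>Calls {@code getSession()}, so a session is created when the request has none.
     *
     * @param httpServletRequest the current request
     * @return the saved request, or {@code null} if none is saved for this URL
     */
    protected SavedRequest getSavedRequest(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession();
        String savedUrl = (String) session.getAttribute(SAVED_REQUEST_URL);
        if (savedUrl == null || !savedUrl.equals(getSaveableURL(httpServletRequest))) {
            return null;
        }
        SavedRequest saved = (SavedRequest) session.getAttribute(SAVED_REQUEST);
        session.removeAttribute(SAVED_REQUEST_URL);
        session.removeAttribute(SAVED_REQUEST);
        return saved;
    }

    /**
     * Returns the URL stored by {@link #saveRequestInformation}, or {@code null} if none.
     *
     * <p>The stored URL is rebuilt from request data (host as reported by the container, URI and
     * query string), so code that redirects to it should treat it as request-derived.
     *
     * @param httpServletRequest the current request
     * @return the saved URL, or {@code null}
     */
    public static String getContinueToURL(HttpServletRequest httpServletRequest) {
        return (String) httpServletRequest.getSession().getAttribute(SAVED_REQUEST_URL);
    }

    /**
     * Stores the current request and its URL in the session.
     *
     * @param httpServletRequest the request to save
     */
    public static void saveRequestInformation(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession();
        session.setAttribute(SAVED_REQUEST_URL, getSaveableURL(httpServletRequest));
        session.setAttribute(SAVED_REQUEST, new SavedRequest(httpServletRequest));
    }

    /**
     * Builds the full URL of the request, including the query string when there is one.
     */
    private static String getSaveableURL(HttpServletRequest httpServletRequest) {
        StringBuffer url;
        try {
            url = httpServletRequest.getRequestURL();
        } catch (NoSuchMethodError e) {
            // The container's servlet API has no getRequestURL(); rebuild the URL by hand.
            url = getRequestURL(httpServletRequest);
        }
        fixProtocol(url, httpServletRequest);
        String queryString = httpServletRequest.getQueryString();
        if (queryString != null) {
            url.append("?").append(queryString);
        }
        return url.toString();
    }

    /**
     * Re-initializes the filter with the given configuration by delegating to
     * {@link #init(FilterConfig)}.
     *
     * @param filterConfig the filter configuration
     * @throws ServletException if initialization fails
     */
    public void setFilterConfig(FilterConfig filterConfig) throws ServletException {
        init(filterConfig);
    }

    /**
     * Returns the filter configuration stored by the last successful initialization.
     *
     * @return the stored configuration, or {@code null} if the filter was never initialized
     */
    public FilterConfig getFilterConfig() {
        return this.config;
    }

    /**
     * Rebuilds the request URL without the query string, for containers that lack
     * {@code HttpServletRequest.getRequestURL()}.
     *
     * <p>The URL starts with the request scheme followed by {@code "://"}. The previous code
     * prefixed the protocol string (for example {@code "HTTP/1.1"}) directly in front of the
     * server name, which does not form a URL.
     */
    private static StringBuffer getRequestURL(HttpServletRequest httpServletRequest) {
        int serverPort = httpServletRequest.getServerPort();
        String portSuffix = ":" + serverPort;
        // Leave out the port when it is the default for the connection type.
        if (httpServletRequest.getProtocol().equals("HTTP/1.1")) {
            int defaultPort = httpServletRequest.isSecure() ? 443 : 80;
            if (serverPort == defaultPort) {
                portSuffix = "";
            }
        }
        StringBuffer url = new StringBuffer();
        url.append(httpServletRequest.getScheme()).append("://");
        url.append(httpServletRequest.getServerName()).append(portSuffix);
        url.append(httpServletRequest.getRequestURI());
        return url;
    }

    /**
     * Rewrites the leading {@code http} of the URL to {@code https} when the request is a secure
     * HTTP/1.1 request and the URL starts with the plain-HTTP prefix.
     */
    private static void fixProtocol(StringBuffer stringBuffer, HttpServletRequest httpServletRequest) {
        // NOTE(review): DatabaseURL.S_HTTP is an HSQLDB constant and looks like a decompiler
        // substitution for a string literal; confirm its value and replace it with a local
        // literal so a security filter does not depend on a database driver class.
        boolean secureHttp11 = httpServletRequest.getProtocol().equals("HTTP/1.1") && httpServletRequest.isSecure();
        if (secureHttp11 && stringBuffer.toString().startsWith(DatabaseURL.S_HTTP)) {
            stringBuffer.replace(0, 4, "https");
        }
    }

    /**
     * Class-literal helper left behind by the original pre-Java-5 compiler output; no longer
     * called by this class and kept only so the package-visible member still exists.
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}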
