package de.accxia.apps.confluence.ium.servlet.filter;

import com.atlassian.confluence.user.AuthenticatedUserThreadLocal;
import com.atlassian.confluence.user.ConfluenceUser;
import com.atlassian.confluence.user.UserAccessor;
import com.atlassian.plugin.spring.scanner.annotation.imports.ComponentImport;
import com.atlassian.sal.api.ApplicationProperties;
import com.atlassian.templaterenderer.TemplateRenderer;
import com.atlassian.webresource.api.UrlMode;
import com.atlassian.webresource.api.assembler.PageBuilderService;
import de.accxia.apps.confluence.ium.conditions.ConditionEvaluatorIUMImpl;
import de.accxia.apps.confluence.ium.config.DAO;
import de.accxia.apps.confluence.ium.impl.CurrentUser;
import de.accxia.apps.confluence.ium.util.IUMHelperService;
import java.io.IOException;
import java.util.Enumeration;
import java.util.HashMap;
import javax.inject.Inject;
import javax.inject.Named;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Named
/* loaded from: input_file:de/accxia/apps/confluence/ium/servlet/filter/IntelligentUserManagerCerberosFilter.class */
public class IntelligentUserManagerCerberosFilter implements Filter {
    private static final Logger log = LoggerFactory.getLogger(IntelligentUserManagerCerberosFilter.class);
    public static final String ORIGIN = "origin";
    public static final String URI_RESTORE = "secure/restore";
    public static final String URI_DISABLE = "secure/disable";

    @ComponentImport
    private final UserAccessor userAccessor;

    @ComponentImport
    private final TemplateRenderer renderer;
    private final IUMHelperService helperService;

    @ComponentImport
    private PageBuilderService pageBuilderService;

    @ComponentImport
    private final ApplicationProperties applicationProperties;

    @Inject
    public IntelligentUserManagerCerberosFilter(TemplateRenderer templateRenderer, PageBuilderService pageBuilderService, ApplicationProperties applicationProperties, UserAccessor userAccessor, IUMHelperService iUMHelperService) {
        this.userAccessor = userAccessor;
        this.renderer = templateRenderer;
        this.applicationProperties = applicationProperties;
        this.helperService = iUMHelperService;
        this.pageBuilderService = pageBuilderService;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (log.isDebugEnabled()) {
            log.debug("IntelligentUserManagerCerberosFilter doFilter requestURI =" + (httpServletRequest.getRequestURI() != null ? httpServletRequest.getRequestURI() : "N/A") + ", servletPath=" + (httpServletRequest.getServletPath() != null ? httpServletRequest.getServletPath() : "N/A") + ", pathInfo=" + (httpServletRequest.getPathInfo() != null ? httpServletRequest.getPathInfo() : "N/A"));
        }
        ConfluenceUser confluenceUser = AuthenticatedUserThreadLocal.get();
        if (confluenceUser == null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (!ConditionEvaluatorIUMImpl.isLicenseValid()) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (httpServletRequest.getRequestURI() != null && httpServletRequest.getRequestURI().contains("/logout.action")) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (!this.helperService.isUserInGroups(confluenceUser, DAO.getIUMGroupsDisabled())) {
            if (log.isDebugEnabled()) {
                log.debug("IntelligentUserManagerCerberosFilter user " + confluenceUser.getName() + " is not belong to IUM Disable :" + DAO.getIUMGroupsDisabled() + "  ==> forward doFilter ");
            }
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (httpServletRequest.getRequestURI() != null && httpServletRequest.getRequestURI().contains(URI_DISABLE)) {
            if (log.isDebugEnabled()) {
                log.debug("Received secure/disable " + httpServletRequest.getRequestURI() + " ,servletPath=" + (httpServletRequest.getServletPath() != null ? httpServletRequest.getServletPath() : "NULL"));
            }
            String parameter = servletRequest.getParameter("username");
            if (parameter == null || parameter.length() == 0) {
                ((HttpServletResponse) servletResponse).sendRedirect(httpServletRequest.getContextPath() + "/");
                return;
            }
            if (parameter == null || parameter.length() <= 0 || !this.helperService.isUserInGroups(this.userAccessor.getUserByName(parameter), DAO.getIUMGroups())) {
                if (log.isDebugEnabled()) {
                    log.debug("Redirect user " + parameter + " to the queue ");
                }
                renderQueueVM(this.helperService.getQuotaForGroupOfUsername(AuthenticatedUserThreadLocal.get()), httpServletRequest, (HttpServletResponse) servletResponse);
                return;
            } else {
                if (log.isDebugEnabled()) {
                    log.debug("Redirect to the saved url | referrer | base url " + this.applicationProperties.getBaseUrl());
                }
                doGlobalRedirect(httpServletRequest, (HttpServletResponse) servletResponse);
                return;
            }
        }
        if (this.helperService.isUserInGroups(confluenceUser, DAO.getIUMGroups())) {
            if (httpServletRequest.getRequestURI() == null || !httpServletRequest.getRequestURI().contains(URI_RESTORE)) {
                if (log.isDebugEnabled()) {
                    log.debug("IntelligentUserManagerCerberosFilter user " + confluenceUser.getName() + " belong to IUM Enable :" + DAO.getIUMGroups() + "  ==> forward doFilter ");
                }
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            } else {
                if (log.isDebugEnabled()) {
                    log.debug("Receivedsecure/restore  " + httpServletRequest.getRequestURI() + " ,servletPath=" + (httpServletRequest.getServletPath() != null ? httpServletRequest.getServletPath() : "NULL"));
                }
                doGlobalRedirect(httpServletRequest, (HttpServletResponse) servletResponse);
                return;
            }
        }
        if (httpServletRequest.getRequestURI() != null && (httpServletRequest.getRequestURI().contains("/rest/") || httpServletRequest.getRequestURI().contains("/json/"))) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (httpServletRequest.getRequestURI() != null && (httpServletRequest.getRequestURI().contains("/rest/IUM/latest/apps/check") || httpServletRequest.getRequestURI().contains("/rest/IUM/latest/apps/retry/"))) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("IntelligentUserManagerCerberosFilter try to enable user = " + confluenceUser.getName() + ", for pathInfo=" + (httpServletRequest.getPathInfo() != null ? httpServletRequest.getPathInfo() : "N/A"));
        }
        CurrentUser enableUserFromGroup = this.helperService.enableUserFromGroup(confluenceUser, httpServletRequest);
        if (log.isDebugEnabled()) {
            log.debug("IntelligentUserManagerCerberosFilter InputUser=" + confluenceUser.getName() + ((enableUserFromGroup == null || enableUserFromGroup.user == null) ? " couldn't be enabled" : "  ==> enabled with success=" + enableUserFromGroup.user.getName()));
        }
        if (enableUserFromGroup == null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (enableUserFromGroup.user == null) {
            renderQueueVM(enableUserFromGroup.noOfUsers, httpServletRequest, (HttpServletResponse) servletResponse);
            return;
        }
        if (httpServletRequest.getRequestURI() == null || !httpServletRequest.getRequestURI().contains(URI_RESTORE) || !httpServletRequest.getMethod().equalsIgnoreCase("POST")) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("Received secure/restore " + httpServletRequest.getRequestURI() + " ,servletPath=" + (httpServletRequest.getServletPath() != null ? httpServletRequest.getServletPath() : "NULL"));
        }
        doGlobalRedirect(httpServletRequest, (HttpServletResponse) servletResponse);
    }

    private void doGlobalRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String parameter = httpServletRequest.getParameter(ORIGIN);
        if (parameter == null || parameter.length() <= 0) {
            if (log.isDebugEnabled()) {
                log.debug("doGlobalRedirect  ==> /");
            }
            httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/");
        } else {
            if (log.isDebugEnabled()) {
                log.debug("doGlobalRedirect  ==> " + parameter);
            }
            httpServletResponse.sendRedirect(parameter);
        }
    }

    private void renderQueueVM(int i, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String header;
        this.applicationProperties.getBaseUrl();
        String parameter = httpServletRequest.getParameter(ORIGIN);
        if ((parameter == null || parameter.length() == 0) && (header = httpServletRequest.getHeader("referer")) != null && !header.contains(URI_DISABLE) && !header.contains("/login.jsp")) {
            if (log.isDebugEnabled()) {
                log.debug("Retrive referrer from request: " + header + " update latest ref");
            }
            parameter = header;
        }
        HashMap hashMap = new HashMap();
        hashMap.put(ORIGIN, parameter);
        hashMap.put("redirUrl", this.applicationProperties.getBaseUrl());
        hashMap.put("duration", DAO.getDuration());
        hashMap.put("username", httpServletRequest.getRemoteUser());
        hashMap.put("queueSize", Integer.valueOf(i));
        httpServletResponse.setContentType("text/html;charset=utf-8");
        this.pageBuilderService.assembler().resources().requireWebResource("de.accxia.apps.confluence.IUM.IUM4Confluence:IUM-Check-resources");
        this.pageBuilderService.assembler().assembled().drainIncludedResources().writeHtmlTags(httpServletResponse.getWriter(), UrlMode.RELATIVE);
        this.renderer.render("templates/queue_IUM.vm", hashMap, httpServletResponse.getWriter());
    }

    private void doDebugRequestData(ServletRequest servletRequest, ServletResponse servletResponse) {
        try {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            if (httpServletRequest.getQueryString() != null) {
                log.debug("QueryString=" + httpServletRequest.getQueryString());
            }
            for (Cookie cookie : httpServletRequest.getCookies()) {
                log.debug(cookie.getName() + " " + cookie.getValue());
            }
            Enumeration headerNames = httpServletRequest.getHeaderNames();
            if (headerNames != null) {
                while (headerNames.hasMoreElements()) {
                    String str = (String) headerNames.nextElement();
                    log.debug(str + "=" + httpServletRequest.getHeader(str));
                }
            }
            Enumeration parameterNames = httpServletRequest.getParameterNames();
            while (parameterNames.hasMoreElements()) {
                String str2 = (String) parameterNames.nextElement();
                log.debug(str2 + "=" + httpServletRequest.getParameter(str2));
            }
            Enumeration attributeNames = httpServletRequest.getAttributeNames();
            while (attributeNames.hasMoreElements()) {
                String str3 = (String) attributeNames.nextElement();
                log.debug(str3 + "=" + httpServletRequest.getParameter(str3));
            }
        } catch (Exception e) {
            log.error("Exception: " + e.getMessage(), e);
        }
    }
}
