package com.gentics.contentnode.rest.filters;

import com.gentics.api.lib.etc.ObjectTransformer;
import com.gentics.api.lib.exception.NodeException;
import com.gentics.contentnode.etc.ContentNodeHelper;
import com.gentics.contentnode.factory.InvalidSessionIdException;
import com.gentics.contentnode.factory.Session;
import com.gentics.contentnode.factory.SessionToken;
import com.gentics.contentnode.factory.Trx;
import com.gentics.contentnode.rest.util.MiscUtils;
import com.gentics.lib.log.NodeLogger;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import javax.annotation.Priority;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Cookie;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.Provider;
import org.apache.http.client.utils.URLEncodedUtils;
import org.glassfish.jersey.media.multipart.FormDataMultiPart;
import org.glassfish.jersey.message.internal.MediaTypes;
import org.glassfish.jersey.server.ContainerRequest;

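/**
 * JAX-RS request filter that authenticates REST calls bound to {@link Authenticated}.
 *
 * <p>The session id ("sid") is looked up in the query string, then in the {@code Referer}
 * header, then in a multipart form field. The session secret is read from a cookie. A request
 * passes only when {@link SessionToken#authenticates} accepts the session loaded for that sid.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Every sid source is client-controlled. The sid only selects a session; the accept/reject
 *       decision is delegated to {@code SessionToken.authenticates(session)}.</li>
 *   <li>A sid carried in a URL can end up in access logs and in outgoing {@code Referer}
 *       headers, so it should not be treated as a secret on its own.</li>
 *   <li>NOTE(review): a missing secret cookie is not rejected here, although the 401 text says
 *       "sid and session secret required". The {@code null} secret is handed to
 *       {@code SessionToken}; confirm that {@code authenticates} refuses it unless the sid
 *       itself carries the secret.</li>
 * </ul>
 */
@Provider
@Priority(1000)
@Authenticated
/* loaded from: input_file:com/gentics/contentnode/rest/filters/AuthenticationRequestFilter.class */
public class AuthenticationRequestFilter implements ContainerRequestFilter {

    @Context
    UriInfo uriInfo;

    @Context
    HttpHeaders headers;

    /**
     * Authenticates the request, aborting it with 401 when no valid session can be established
     * and with 500 when the session lookup itself fails.
     *
     * @param containerRequestContext the request being filtered
     * @throws IOException declared by the filter contract
     */
    @Override
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        String sid = getSid(containerRequestContext);
        String sessionSecret = getSessionSecret();
        if (ObjectTransformer.isEmpty(sid)) {
            containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).entity("sid and session secret required").build());
            return;
        }
        try {
            SessionToken sessionToken = new SessionToken(sid, sessionSecret);
            Session session;
            // try-with-resources closes the transaction exactly once on every path; the previous
            // hand-rolled handler closed it a second time if publishing the session threw.
            try (Trx trx = new Trx(sid, (Integer) null)) {
                session = trx.getTransaction().getSession();
                if (!sessionToken.authenticates(session)) {
                    throw new InvalidSessionIdException(sid);
                }
                session.touch();
                trx.success();
            }
            // Publish the session only after it has been authenticated and the transaction closed.
            ContentNodeHelper.setSession(session);
        } catch (InvalidSessionIdException e) {
            // Same generic 401 body for every rejected sid; the sid is not echoed back.
            containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).entity("invalid sid").build());
        } catch (NodeException e2) {
            NodeLogger.getNodeLogger(getClass()).error(e2);
            containerRequestContext.abortWith(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(MiscUtils.serverError()).build());
        }
    }

    /**
     * Resolves the session id from the request. Sources are tried in order: query parameter,
     * {@code Referer} header, multipart form field.
     *
     * @param containerRequestContext the request being filtered
     * @return the sid, or {@code null} when none of the sources carries one
     */
    private String getSid(ContainerRequestContext containerRequestContext) {
        List<String> sidValues = this.uriInfo.getQueryParameters().get(SessionToken.SESSION_ID_QUERY_PARAM_NAME);
        Optional<String> fromQuery = Optional.ofNullable(sidValues).flatMap(values -> values.stream().findFirst());
        if (fromQuery.isPresent()) {
            return fromQuery.get();
        }

        Optional<String> fromReferer = Optional.ofNullable(this.headers.getHeaderString("Referer")).map(this::getSidFromReferer);
        // Fixed: this used to re-test the query-parameter Optional, which is always empty at
        // this point, so the Referer fallback could never be taken.
        if (fromReferer.isPresent()) {
            return fromReferer.get();
        }

        boolean isMultipart = MediaTypes.typeEqual(containerRequestContext.getMediaType(), MediaType.MULTIPART_FORM_DATA_TYPE);
        if (!isMultipart || !containerRequestContext.hasEntity() || !(containerRequestContext instanceof ContainerRequest)) {
            return null;
        }
        ContainerRequest containerRequest = (ContainerRequest) containerRequestContext;
        // Buffer the entity first so that reading the form here does not consume it.
        containerRequest.bufferEntity();
        FormDataMultiPart form = containerRequest.readEntity(FormDataMultiPart.class);
        return Optional.ofNullable(form.getField(SessionToken.SESSION_ID_QUERY_PARAM_NAME))
                .map(field -> field.getValue())
                .orElse(null);
    }

    /**
     * Extracts the sid query parameter from a {@code Referer} URL.
     *
     * @param str the raw header value (client-controlled)
     * @return the first sid parameter value, or {@code null} when absent or when the value is not
     *     a syntactically valid URI
     */
    private String getSidFromReferer(String str) {
        try {
            return URLEncodedUtils.parse(new URI(str), SessionToken.SANE_DEFAULT_QUERY_STRING_ENCODING).stream()
                    .filter(pair -> SessionToken.SESSION_ID_QUERY_PARAM_NAME.equals(pair.getName()))
                    .map(pair -> pair.getValue())
                    .findFirst()
                    .orElse(null);
        } catch (URISyntaxException e) {
            // A malformed Referer simply means "no sid from this source".
            return null;
        }
    }

    /**
     * Reads the session secret from the request cookies.
     *
     * @return the cookie value, or {@code null} when the secret cookie is not present
     */
    private String getSessionSecret() {
        Map<String, Cookie> cookies = this.headers.getCookies();
        if (cookies == null) {
            return null;
        }
        Cookie cookie = cookies.get(SessionToken.SESSION_SECRET_COOKIE_NAME);
        return cookie == null ? null : cookie.getValue();
    }
}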
