package com.gentics.contentnode.auth.filter;

import com.gentics.api.lib.etc.ObjectTransformer;
import com.gentics.api.lib.exception.NodeException;
import com.gentics.api.lib.exception.ParserException;
import com.gentics.api.lib.expressionparser.EvaluableExpression;
import com.gentics.api.lib.expressionparser.ExpressionParser;
import com.gentics.api.lib.expressionparser.ExpressionQueryRequest;
import com.gentics.api.lib.resolving.PropertyResolver;
import com.gentics.contentnode.factory.ContentNodeFactory;
import com.gentics.contentnode.object.SystemUser;
import com.gentics.contentnode.object.UserGroup;
import com.gentics.contentnode.runtime.NodeConfigRuntimeConfiguration;
import com.gentics.lib.base.MapResolver;
import com.gentics.lib.base.factory.InvalidSessionIdException;
import com.gentics.lib.base.factory.Session;
import com.gentics.lib.base.factory.SessionToken;
import com.gentics.lib.base.factory.Transaction;
import com.gentics.lib.base.factory.TransactionException;
import com.gentics.lib.base.factory.TransactionManager;
import com.gentics.lib.etc.StringUtils;
import com.gentics.lib.log.NodeLogger;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.collections.EnumerationUtils;
import org.apache.commons.collections.iterators.IteratorEnumeration;

/* loaded from: input_file:com/gentics/contentnode/auth/filter/AbstractSSOFilter.class */
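/**
 * Base class for servlet filters that sign a user into the CMS on the strength of an identity
 * established by an external single-sign-on mechanism.
 *
 * <p>The class is abstract and defines no {@code doFilter}; a subclass is expected to implement
 * it and hand the login name and attribute map to {@link #doSSOLogin}. Nothing in this class
 * verifies either value, so both must come from an assertion the subclass has already validated.
 *
 * <p>Unknown logins are auto-provisioned as active users. Their initial groups come from the
 * expression configured in the {@value #INIT_GROUPS_PARAM} init parameter.
 */
public abstract class AbstractSSOFilter implements Filter {
    protected NodeLogger logger = NodeLogger.getNodeLogger(getClass());

    /** Name of the filter init parameter holding the expression that yields the initial group ids. */
    public static final String INIT_GROUPS_PARAM = "initGroups";

    /** Parsed form of the {@value #INIT_GROUPS_PARAM} expression; set by {@link #init}. */
    protected EvaluableExpression initGroupsExpression;

    /**
     * Request wrapper that presents the session created by the SSO login to downstream code.
     *
     * <p>Any {@code GCN_SESSION_SECRET} cookie and any {@code sid} parameter sent by the client
     * are replaced with the values of the given session, so downstream code never sees the
     * client-supplied ones.
     */
    public static class AuthenticatedHttpServletRequestWrapper extends HttpServletRequestWrapper {
        protected Vector<Cookie> cookies;
        protected Map<String, String[]> parameterMap;

        /**
         * Copies cookies and parameters of the wrapped request, substituting the session secret
         * cookie and the {@code sid} parameter.
         *
         * @param httpServletRequest the original request
         * @param session the session whose id and secret are injected
         */
        public AuthenticatedHttpServletRequestWrapper(HttpServletRequest httpServletRequest, Session session) {
            super(httpServletRequest);
            this.cookies = new Vector<>();
            Cookie[] requestCookies = httpServletRequest.getCookies();
            if (requestCookies != null) {
                for (Cookie requestCookie : requestCookies) {
                    // Drop the client's secret cookie; the session's own secret is added below.
                    if (!"GCN_SESSION_SECRET".equals(requestCookie.getName())) {
                        this.cookies.add(requestCookie);
                    }
                }
            }
            // This cookie object is only handed to downstream code through getCookies(); nothing
            // in this class writes it to a response, so the Secure flag set here does not by
            // itself decide how a browser would treat it.
            // NOTE(review): confirm no downstream code copies it onto a response as-is.
            Cookie secretCookie = new Cookie("GCN_SESSION_SECRET", session.getSessionSecret());
            secretCookie.setPath("/");
            secretCookie.setSecure(false);
            this.cookies.add(secretCookie);

            this.parameterMap = new HashMap<>(httpServletRequest.getParameterMap().size() + 1);
            Enumeration<?> names = httpServletRequest.getParameterNames();
            while (names.hasMoreElements()) {
                String name = ObjectTransformer.getString(names.nextElement(), (String) null);
                this.parameterMap.put(name, httpServletRequest.getParameterValues(name));
            }
            // Written last so that a client-supplied "sid" can never win over the real session id.
            this.parameterMap.put("sid", new String[]{ObjectTransformer.getString(Integer.valueOf(session.getSessionId()), (String) null)});
        }

        /** Returns the request cookies with the session secret cookie substituted. */
        public Cookie[] getCookies() {
            return this.cookies.toArray(new Cookie[this.cookies.size()]);
        }

        /** Returns the parameter map including the injected {@code sid}; the map is not copied. */
        public Map<?, ?> getParameterMap() {
            return this.parameterMap;
        }

        /** Returns the first value of the named parameter, or {@code null} if it has none. */
        public String getParameter(String str) {
            String[] parameterValues = getParameterValues(str);
            if (parameterValues == null || parameterValues.length <= 0) {
                return null;
            }
            return parameterValues[0];
        }

        /** Returns the parameter names, including the injected {@code sid}. */
        public Enumeration<?> getParameterNames() {
            return new IteratorEnumeration(this.parameterMap.keySet().iterator());
        }

        /** Returns all values of the named parameter, or {@code null} if it is absent. */
        public String[] getParameterValues(String str) {
            return this.parameterMap.get(str);
        }
    }

    /**
     * Reads and parses the {@value #INIT_GROUPS_PARAM} expression.
     *
     * @param filterConfig the filter configuration
     * @throws ServletException if the expression is empty or missing and
     *     {@link #getDefaultInitGroupExpression()} supplies no default, or if it cannot be parsed
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        String expression = ObjectTransformer.getString(filterConfig.getInitParameter(INIT_GROUPS_PARAM), getDefaultInitGroupExpression());
        if (StringUtils.isEmpty(expression)) {
            throw new ServletException("init-param initGroups is empty or missing");
        }
        try {
            this.initGroupsExpression = ExpressionParser.getInstance().parse(expression);
        } catch (ParserException e) {
            throw new ServletException("Unable to parse initGroups", e);
        }
    }

    /** Does nothing; this class holds no resources that need releasing. */
    public void destroy() {
    }

    /**
     * Returns the expression used when the init parameter is not set. This implementation
     * returns {@code null}, which makes the init parameter mandatory.
     */
    protected String getDefaultInitGroupExpression() {
        return null;
    }

    /**
     * Starts a transaction on the factory of the default node configuration.
     *
     * @throws NodeException if the transaction cannot be started
     */
    protected Transaction startTransaction() throws NodeException {
        return ContentNodeFactory.getInstance(NodeConfigRuntimeConfiguration.getDefault().getConfigKey()).startTransaction(true);
    }

    /**
     * Signs in the given login and returns the request to pass down the filter chain.
     *
     * <p>The login and attributes are trusted as given: no credential or assertion check happens
     * here. The user is looked up or created via {@link #getSystemUser}. A new session is created
     * and the request is wrapped in an {@link AuthenticatedHttpServletRequestWrapper} when the
     * request carries no valid session id, or when it authenticates a session of a different
     * user (that session is logged out first). Otherwise the request is returned unchanged.
     *
     * <p>The decompiler reports that this method was originally declared {@code protected}.
     *
     * @param httpServletRequest the incoming request
     * @param str the login name asserted by the SSO mechanism
     * @param map the user attributes asserted by the SSO mechanism
     * @return the original request, or a wrapper carrying the new session
     * @throws ServletException wrapping any failure; the transaction is rolled back first
     */
    public ServletRequest doSSOLogin(HttpServletRequest httpServletRequest, String str, Map<String, Object> map) throws ServletException {
        Transaction transaction = null;
        try {
            transaction = startTransaction();
            SystemUser systemUser = getSystemUser(str, map);
            boolean needsNewSession = false;
            try {
                SessionToken sessionToken = new SessionToken(httpServletRequest);
                Session session = new Session(sessionToken.getSessionId(), transaction);
                // A token that names an existing session but does not authenticate against it
                // leaves the request untouched: no session is created for the SSO user here.
                // NOTE(review): confirm that downstream code rejects such a request.
                if (sessionToken.authenticates(session) && session.getUserId() != ObjectTransformer.getInt(systemUser.getId(), -1)) {
                    session.logout();
                    needsNewSession = true;
                }
            } catch (InvalidSessionIdException invalidSession) {
                needsNewSession = true;
            }
            ServletRequest result = httpServletRequest;
            if (needsNewSession) {
                // NOTE(review): the secret for the new session is taken from the incoming
                // request's cookie, so it may be a value chosen by the client. Confirm that
                // Session generates a fresh secret when none is supplied and that reusing a
                // client-supplied one across the login boundary is intended.
                Session newSession = new Session(systemUser, httpServletRequest.getRemoteAddr(), httpServletRequest.getHeader("user-agent"), SessionToken.getSessionSecretFromRequestCookie(httpServletRequest));
                result = new AuthenticatedHttpServletRequestWrapper(httpServletRequest, newSession);
            }
            transaction.commit();
            return result;
        } catch (Exception failure) {
            if (transaction != null) {
                try {
                    transaction.rollback();
                } catch (TransactionException rollbackFailure) {
                    // Keep the rollback failure visible instead of discarding it; the original
                    // failure remains the cause reported to the caller.
                    failure.addSuppressed(rollbackFailure);
                }
            }
            throw new ServletException(failure);
        }
    }

    /**
     * Returns the CMS user for the given login, creating it on first sight.
     *
     * <p>A new user is created active, with a fixed placeholder password, and is added to the
     * groups produced by the {@value #INIT_GROUPS_PARAM} expression. Group ids of 2 or below
     * (and entries that are not numbers, which map to -1) are skipped, so the expression cannot
     * place an auto-provisioned user in those groups.
     *
     * <p>For an existing user only first name, last name and e-mail are refreshed; attributes
     * missing from the map are stored as empty strings. Group membership is not re-evaluated,
     * so group changes made on the identity-provider side after the first login are not
     * propagated by this method.
     *
     * @param str the login name
     * @param map the attributes; {@code firstname}, {@code lastname} and {@code email} are read
     * @return the saved user
     * @throws NodeException if lookup, creation or saving fails
     */
    protected SystemUser getSystemUser(String str, Map<String, Object> map) throws NodeException {
        Transaction currentTransaction = TransactionManager.getCurrentTransaction();
        String firstname = ObjectTransformer.getString(map.get("firstname"), "");
        String lastname = ObjectTransformer.getString(map.get("lastname"), "");
        String email = ObjectTransformer.getString(map.get("email"), "");
        SystemUser existing = currentTransaction.getObjectFactory(SystemUser.class).getSystemUser(str, (String) null);
        SystemUser object;
        if (existing == null) {
            object = (SystemUser) currentTransaction.createObject(SystemUser.class);
            object.setLogin(str);
            // NOTE(review): placeholder value for SSO-provisioned accounts. Confirm that the
            // regular password login path can never authenticate against it.
            object.setPassword("SSO");
            object.setActive(true);
            Map<String, Object> resolvable = new HashMap<>();
            resolvable.put("attr", new MapResolver(map));
            resolvable.put("user", object);
            Collection<?> groupIds = ObjectTransformer.getCollection(this.initGroupsExpression.evaluate(new ExpressionQueryRequest(new PropertyResolver(new MapResolver(resolvable)), (Map) null), 0), (Collection) null);
            if (groupIds == null) {
                // The expression did not evaluate to a collection. Provision the user without
                // groups rather than failing the login with a NullPointerException.
                this.logger.warn("initGroups did not evaluate to a collection when syncing user " + str);
            } else {
                // Element type is not visible in this decompiled source, hence the raw List.
                List userGroups = object.getUserGroups();
                for (Object groupId : groupIds) {
                    int i = ObjectTransformer.getInt(groupId, -1);
                    // NOTE(review): presumably ids <= 2 are built-in system groups — confirm.
                    if (i > 2) {
                        UserGroup group = currentTransaction.getObject(UserGroup.class, Integer.valueOf(i));
                        if (group == null) {
                            this.logger.warn("Could not find group " + i + " when syncing user " + str);
                        } else if (!userGroups.contains(group)) {
                            userGroups.add(group);
                        }
                    }
                }
            }
        } else {
            // Reload through the transaction; the extra "true" argument presumably requests an
            // editable copy — confirm against Transaction.getObject.
            object = currentTransaction.getObject(SystemUser.class, existing.getId(), true);
        }
        object.setFirstname(firstname);
        object.setLastname(lastname);
        object.setEmail(email);
        object.save();
        return object;
    }
}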
