package edu.internet2.middleware.grouper.ui;

import edu.internet2.middleware.grouper.GrouperHelper;
import edu.internet2.middleware.grouper.GrouperSession;
import edu.internet2.middleware.grouper.SubjectFinder;
import edu.internet2.middleware.grouper.exception.GrouperSessionException;
import edu.internet2.middleware.grouper.misc.GrouperSessionHandler;
import edu.internet2.middleware.grouper.misc.GrouperStartup;
import edu.internet2.middleware.subject.Subject;
import edu.internet2.middleware.subject.SubjectNotFoundException;
import edu.internet2.middleware.subject.SubjectNotUniqueException;
import java.io.IOException;
import java.util.Date;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:edu/internet2/middleware/grouper/ui/LoginCheckFilter.class */
public class LoginCheckFilter implements Filter {
    protected Log tLOG = LogFactory.getLog("timings");
    protected Log LOG = LogFactory.getLog(LoginCheckFilter.class);
    private String failureUrl = "/";
    private String ignore = "";
    private String grouperRole = "*";

    public void init(FilterConfig filterConfig) throws ServletException {
        GrouperStartup.startup();
        String initParameter = filterConfig.getInitParameter("failureUrl");
        if (initParameter != null) {
            this.failureUrl = initParameter;
        }
        String initParameter2 = filterConfig.getInitParameter("grouperRole");
        if (initParameter2 != null) {
            this.grouperRole = initParameter2;
        }
        String initParameter3 = filterConfig.getInitParameter("ignore");
        if (initParameter3 != null) {
            this.ignore = initParameter3;
        }
    }

    public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        HttpSession session = httpServletRequest.getSession();
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null) {
            for (int i = 0; i < cookies.length; i++) {
                if ("_grouper_loggedOut".equals(cookies[i].getName()) && "pending".equals(cookies[i].getValue()) && httpServletRequest.getRemoteUser() != null) {
                    cookies[i].setMaxAge(0);
                    httpServletResponse.addCookie(cookies[i]);
                    httpServletResponse.setHeader("GrouperRelogin", "true");
                }
            }
        }
        String servletPath = httpServletRequest.getServletPath();
        int lastIndexOf = servletPath.lastIndexOf("/");
        String substring = servletPath.substring(lastIndexOf);
        String substring2 = lastIndexOf > 1 ? servletPath.substring(1, lastIndexOf) : "";
        String str = (String) session.getAttribute("authUser");
        boolean z = this.ignore.indexOf(new StringBuilder().append(":").append(substring).append(":").toString()) > -1;
        if (Boolean.TRUE.equals(httpServletRequest.getAttribute("forceNewLogin"))) {
            z = false;
        }
        if (z || str != null || 0 != 0) {
            if (str != null && (session.getAttribute("sessionInited") == null || session.getAttribute("sessionInited").equals(Boolean.FALSE))) {
                try {
                    SessionInitialiser.init(httpServletRequest);
                } catch (Exception e) {
                    throw new ServletException(e);
                }
            }
            Date date = new Date();
            SessionInitialiser.initThread(session);
            try {
                GrouperSession.callbackGrouperSession(SessionInitialiser.getGrouperSession(session), new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.ui.LoginCheckFilter.1
                    public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                        try {
                            filterChain.doFilter(servletRequest, servletResponse);
                            return null;
                        } catch (ServletException e2) {
                            throw new GrouperSessionException(e2);
                        } catch (IOException e3) {
                            throw new GrouperSessionException(e3);
                        }
                    }
                });
                Date date2 = new Date();
                if (this.tLOG != null) {
                    String str2 = (String) httpServletRequest.getAttribute("timingsClass");
                    Long l = (Long) httpServletRequest.getAttribute("timingsMS");
                    if (l != null) {
                        long time = date2.getTime() - date.getTime();
                        long longValue = l.longValue();
                        this.tLOG.debug(httpServletRequest.getServletPath() + "," + str2 + "," + time + "," + longValue + "," + (time - longValue));
                        return;
                    }
                    return;
                }
                return;
            } catch (GrouperSessionException e2) {
                if (e2.getCause() instanceof IOException) {
                    throw ((IOException) e2.getCause());
                }
                if (!(e2.getCause() instanceof ServletException)) {
                    throw e2;
                }
                throw e2.getCause();
            }
        }
        final String remoteUser = GrouperUiFilter.remoteUser(httpServletRequest);
        if (remoteUser == null || remoteUser.length() == 0 || !("*".equals(this.grouperRole) || httpServletRequest.isUserInRole(this.grouperRole) || "y".equals(httpServletRequest.getParameter("badRole")))) {
            httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + this.failureUrl + "?badRole=y" + substring2);
            return;
        }
        Subject subject = null;
        UnrecoverableErrorException unrecoverableErrorException = null;
        GrouperSession startRootSession = GrouperSession.startRootSession(false);
        try {
            try {
                try {
                    try {
                        subject = (Subject) GrouperSession.callbackGrouperSession(startRootSession, new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.ui.LoginCheckFilter.2
                            public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                                return SubjectFinder.findByIdOrIdentifier(remoteUser, true);
                            }
                        });
                        GrouperSession.stopQuietly(startRootSession);
                    } catch (SubjectNotFoundException e3) {
                        this.LOG.error(remoteUser + " is not recognised", e3);
                        unrecoverableErrorException = new UnrecoverableErrorException("error.login.not-recognised", e3);
                        GrouperSession.stopQuietly(startRootSession);
                    }
                } catch (Exception e4) {
                    this.LOG.error("Problem looking up remote user: " + remoteUser, e4);
                    unrecoverableErrorException = new UnrecoverableErrorException("error.login.serious-error", e4);
                    GrouperSession.stopQuietly(startRootSession);
                }
            } catch (Throwable th) {
                GrouperSession.stopQuietly(startRootSession);
                throw th;
            }
        } catch (SubjectNotUniqueException e5) {
            this.LOG.error(remoteUser + " is not unique", e5);
            unrecoverableErrorException = new UnrecoverableErrorException("error.login.not-unique", e5);
            GrouperSession.stopQuietly(startRootSession);
        }
        if (unrecoverableErrorException != null) {
            throw unrecoverableErrorException;
        }
        session.setAttribute("authUser", remoteUser);
        try {
            GrouperSession start = GrouperSession.start(subject);
            httpServletRequest.getSession().setAttribute("edu.intenet2.middleware.grouper.ui.GrouperSession", start);
            ErrorFilter.initNDC(httpServletRequest);
            try {
                SessionInitialiser.init(httpServletRequest);
                SessionInitialiser.initThread(session);
                httpServletRequest.getSession().setAttribute("AuthSubject", GrouperHelper.subject2Map(subject));
                try {
                    GrouperSession.callbackGrouperSession(start, new GrouperSessionHandler() { // from class: edu.internet2.middleware.grouper.ui.LoginCheckFilter.3
                        public Object callback(GrouperSession grouperSession) throws GrouperSessionException {
                            try {
                                filterChain.doFilter(servletRequest, servletResponse);
                                return null;
                            } catch (ServletException e6) {
                                throw new GrouperSessionException(e6);
                            } catch (IOException e7) {
                                throw new GrouperSessionException(e7);
                            }
                        }
                    });
                } catch (GrouperSessionException e6) {
                    if (e6.getCause() instanceof IOException) {
                        throw ((IOException) e6.getCause());
                    }
                    if (!(e6.getCause() instanceof ServletException)) {
                        throw e6;
                    }
                    throw e6.getCause();
                }
            } catch (Exception e7) {
                throw new ServletException(e7);
            }
        } catch (Exception e8) {
            throw new ServletException(e8);
        }
    }

    private void initSession(ServletRequest servletRequest, HttpServletResponse httpServletResponse) throws Exception {
        servletRequest.getRequestDispatcher("/WEB-INF/jsp/initSession.jsp").include(servletRequest, new CaptureHttpServletResponse(httpServletResponse));
    }

    public void destroy() {
    }
}
