package org.tbk.spring.lnurl.security.ui;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.util.Objects;
import java.util.Optional;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.security.core.AuthenticationException;
import org.springframework.util.Assert;
import org.springframework.web.filter.GenericFilterBean;
import org.tbk.lnurl.auth.LnurlAuth;
import org.tbk.lnurl.auth.LnurlAuthFactory;
import org.tbk.spring.lnurl.security.ui.LoginScriptGenerator;

/* loaded from: input_file:org/tbk/spring/lnurl/security/ui/LnurlAuthLoginPageGeneratingFilter.class */
public class LnurlAuthLoginPageGeneratingFilter extends GenericFilterBean {
    private static final Logger log = LoggerFactory.getLogger(LnurlAuthLoginPageGeneratingFilter.class);
    private static final String HTML_CONTENT_TYPE = new MediaType("text", "html", StandardCharsets.UTF_8).toString();
    private static final String STYLESHEET_CONTENT_TYPE = new MediaType("text", "css", StandardCharsets.UTF_8).toString();
    private static final String JAVASCRIPT_CONTENT_TYPE = new MediaType("application", "javascript", StandardCharsets.UTF_8).toString();
    private boolean enabled = true;
    private final String k1AttributeName;
    private final String loginPageUrl;
    private final String sessionAuthenticationUrl;
    private final LnurlAuthFactory lnurlAuthFactory;
    private final String logoutSuccessUrl;
    private final String failureUrl;
    private final String loginScriptUrl;
    private final String loginStylesheetUrl;
    private final LoginPageGenerator loginPageGenerator;

    public LnurlAuthLoginPageGeneratingFilter(LnurlAuthFactory lnurlAuthFactory, String str, String str2, String str3) {
        Assert.hasText(str3, "'k1AttributeName' must not be empty");
        Assert.hasText(str, "'defaultLoginPageUrl' must not be empty");
        Assert.hasText(str2, "'sessionAuthenticationUrl' must not be empty");
        this.lnurlAuthFactory = (LnurlAuthFactory) Objects.requireNonNull(lnurlAuthFactory);
        this.loginPageUrl = str;
        this.sessionAuthenticationUrl = str2;
        this.k1AttributeName = str3;
        this.logoutSuccessUrl = this.loginPageUrl + "?logout";
        this.failureUrl = this.loginPageUrl + "?error";
        this.loginScriptUrl = this.loginPageUrl + "?script=default";
        this.loginStylesheetUrl = this.loginPageUrl + "?stylesheet=default";
        this.loginPageGenerator = new LoginPageGenerator(LoginScriptGenerator.ScriptConfig.builder().initialDelay(Duration.ofSeconds(3L)).pollingInterval(Duration.ofSeconds(3L)).maxAttempts(100).build());
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        doFilter((HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse, filterChain);
    }

    private void doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (isEnabled()) {
            if (isLoginScriptRequest(httpServletRequest)) {
                writeLoginScript(httpServletRequest, httpServletResponse);
                return;
            }
            if (isLoginStylesheetRequest(httpServletRequest)) {
                writeLoginStylesheet(httpServletRequest, httpServletResponse);
                return;
            }
            boolean isErrorPage = isErrorPage(httpServletRequest);
            boolean isLogoutSuccess = isLogoutSuccess(httpServletRequest);
            if (isLoginUrlRequest(httpServletRequest) || isErrorPage || isLogoutSuccess) {
                LnurlAuth createLnUrlAuth = this.lnurlAuthFactory.createLnUrlAuth();
                if (!(httpServletRequest.getUserPrincipal() != null)) {
                    httpServletRequest.getSession(true).setAttribute(this.k1AttributeName, createLnUrlAuth.getK1().toHex());
                }
                writeLoginPage(httpServletRequest, httpServletResponse, createLnUrlAuth);
                return;
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    @SuppressFBWarnings({"XSS_SERVLET"})
    private void writeLoginStylesheet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String createStylesheet = this.loginPageGenerator.createStylesheet();
        httpServletResponse.setContentType(STYLESHEET_CONTENT_TYPE);
        httpServletResponse.setContentLength(createStylesheet.getBytes(StandardCharsets.UTF_8).length);
        httpServletResponse.getWriter().write(createStylesheet);
    }

    @SuppressFBWarnings({"XSS_SERVLET"})
    private void writeLoginScript(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String createScript = this.loginPageGenerator.createScript(httpServletRequest.getContextPath() + this.sessionAuthenticationUrl, httpServletRequest.getUserPrincipal(), (String) Optional.ofNullable(httpServletRequest.getSession(false)).map(httpSession -> {
            return httpSession.getAttribute("SPRING_SECURITY_LAST_EXCEPTION");
        }).map(obj -> {
            return (AuthenticationException) obj;
        }).map((v0) -> {
            return v0.getMessage();
        }).orElse(null));
        httpServletResponse.setContentType(JAVASCRIPT_CONTENT_TYPE);
        httpServletResponse.setContentLength(createScript.getBytes(StandardCharsets.UTF_8).length);
        httpServletResponse.getWriter().write(createScript);
    }

    private void writeLoginPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, LnurlAuth lnurlAuth) throws IOException {
        LnurlQrcode lnurlQrcode = new LnurlQrcode(lnurlAuth.toLnurl(), 300);
        writeHtml(httpServletRequest, httpServletResponse, this.loginPageGenerator.createLoginPage(httpServletRequest.getContextPath() + this.loginStylesheetUrl, httpServletRequest.getContextPath() + this.loginScriptUrl, lnurlQrcode));
    }

    @SuppressFBWarnings({"XSS_SERVLET"})
    private void writeHtml(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        httpServletResponse.setContentType(HTML_CONTENT_TYPE);
        httpServletResponse.setContentLength(str.getBytes(StandardCharsets.UTF_8).length);
        httpServletResponse.getWriter().write(str);
    }

    private boolean isLogoutSuccess(HttpServletRequest httpServletRequest) {
        return matches(httpServletRequest, this.logoutSuccessUrl);
    }

    private boolean isLoginUrlRequest(HttpServletRequest httpServletRequest) {
        return matches(httpServletRequest, this.loginPageUrl);
    }

    private boolean isErrorPage(HttpServletRequest httpServletRequest) {
        return matches(httpServletRequest, this.failureUrl);
    }

    private boolean isLoginScriptRequest(HttpServletRequest httpServletRequest) {
        return matches(httpServletRequest, this.loginScriptUrl);
    }

    private boolean isLoginStylesheetRequest(HttpServletRequest httpServletRequest) {
        return matches(httpServletRequest, this.loginStylesheetUrl);
    }

    private boolean matches(HttpServletRequest httpServletRequest, String str) {
        if (str == null || !HttpMethod.GET.name().equalsIgnoreCase(httpServletRequest.getMethod())) {
            return false;
        }
        String requestURI = httpServletRequest.getRequestURI();
        int indexOf = requestURI.indexOf(59);
        if (indexOf > 0) {
            requestURI = requestURI.substring(0, indexOf);
        }
        if (httpServletRequest.getQueryString() != null) {
            requestURI = requestURI + "?" + httpServletRequest.getQueryString();
        }
        return "".equals(httpServletRequest.getContextPath()) ? requestURI.equals(str) : requestURI.equals(httpServletRequest.getContextPath() + str);
    }

    public void setEnabled(boolean z) {
        this.enabled = z;
    }

    public boolean isEnabled() {
        return this.enabled;
    }
}
