package net.sf.jstuff.integration.auth;

import jakarta.inject.Inject;
import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
import net.sf.jstuff.core.logging.Logger;
import net.sf.jstuff.core.validation.NullAnalysisHelper;
import net.sf.jstuff.integration.userregistry.UserDetailsService;

/* loaded from: input_file:net/sf/jstuff/integration/auth/SecurityFilter.class */
public class SecurityFilter implements Filter {
    private static final Logger LOG = Logger.create();
    private static final String SESSION_AUTHENTICATION_ATTRIBUTE = Authentication.class.getName();
    public static final ThreadLocal<HttpServletRequest> HTTP_SERVLET_REQUEST_HOLDER = new ThreadLocal<>();
    private AuthService authService = (AuthService) NullAnalysisHelper.lateNonNull();
    private UserDetailsService userDetailsService = (UserDetailsService) NullAnalysisHelper.lateNonNull();

    public SecurityFilter() {
        LOG.infoNew(this);
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HTTP_SERVLET_REQUEST_HOLDER.set(httpServletRequest);
        HttpSession session = httpServletRequest.getSession();
        LOG.debug("URI = %s", httpServletRequest.getRequestURI());
        boolean z = false;
        Authentication authentication = (Authentication) session.getAttribute(SESSION_AUTHENTICATION_ATTRIBUTE);
        try {
            if (authentication == null) {
                try {
                    String remoteUser = httpServletRequest.getRemoteUser();
                    if (remoteUser != null) {
                        authentication = new DefaultAuthentication(this.userDetailsService.getUserDetailsByLogonName(remoteUser), (String) session.getAttribute("j_password"));
                        session.removeAttribute("j_password");
                        session.setAttribute(SESSION_AUTHENTICATION_ATTRIBUTE, authentication);
                    } else {
                        authentication = DefaultAuthentication.UNBOUND;
                    }
                } catch (PermissionDeniedException e) {
                    if (servletResponse.isCommitted()) {
                        throw e;
                    }
                    ((HttpServletResponse) servletResponse).sendError(403, e.getMessage());
                    Authentication authentication2 = AuthenticationHolder.getAuthentication();
                    if (z && !authentication2.isAuthenticated()) {
                        session.invalidate();
                    } else if (!z && authentication2.isAuthenticated()) {
                        session.setAttribute(SESSION_AUTHENTICATION_ATTRIBUTE, AuthenticationHolder.getAuthentication());
                    }
                    AuthenticationHolder.setAuthentication(DefaultAuthentication.UNBOUND);
                    HTTP_SERVLET_REQUEST_HOLDER.remove();
                    return;
                }
            }
            AuthenticationHolder.setAuthentication(authentication);
            z = authentication.isAuthenticated();
            this.authService.assertURIAccess(httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length()));
            filterChain.doFilter(servletRequest, servletResponse);
            Authentication authentication3 = AuthenticationHolder.getAuthentication();
            if (z && !authentication3.isAuthenticated()) {
                session.invalidate();
            } else if (!z && authentication3.isAuthenticated()) {
                session.setAttribute(SESSION_AUTHENTICATION_ATTRIBUTE, AuthenticationHolder.getAuthentication());
            }
            AuthenticationHolder.setAuthentication(DefaultAuthentication.UNBOUND);
            HTTP_SERVLET_REQUEST_HOLDER.remove();
        } catch (Throwable th) {
            Authentication authentication4 = AuthenticationHolder.getAuthentication();
            if (z && !authentication4.isAuthenticated()) {
                session.invalidate();
            } else if (!z && authentication4.isAuthenticated()) {
                session.setAttribute(SESSION_AUTHENTICATION_ATTRIBUTE, AuthenticationHolder.getAuthentication());
            }
            AuthenticationHolder.setAuthentication(DefaultAuthentication.UNBOUND);
            HTTP_SERVLET_REQUEST_HOLDER.remove();
            throw th;
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Inject
    public void setAuthService(AuthService authService) {
        this.authService = authService;
    }

    @Inject
    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }
}
