package org.craftercms.studio.impl.v1.web.filter;

import java.io.IOException;
import java.util.Map;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.commons.http.HttpUtils;
import org.craftercms.studio.api.v1.constant.CStudioConstants;
import org.craftercms.studio.api.v1.service.security.SecurityService;
import org.craftercms.studio.impl.v1.util.SessionTokenUtils;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:WEB-INF/classes/org/craftercms/studio/impl/v1/web/filter/StudioAuthenticationFilter.class */
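public class StudioAuthenticationFilter extends GenericFilterBean {
    /** Timeout handed to {@link SessionTokenUtils#createToken} when a session token is renewed. */
    protected int sessionTimeout;
    /**
     * Request URIs (context path already stripped) that bypass authentication. Matching is an exact
     * string comparison; whether the compared URI is canonicalized (encoded or dot segments) depends on
     * {@link HttpUtils#getRequestUriWithoutContextPath} — TODO confirm before relying on it.
     */
    protected String[] publicUrls;
    /** Source of the current user, current token and user profile; also performs the logout on rejection. */
    protected SecurityService securityService;
    /** When true, session liveness is judged solely by the presence of {@link #ssoHeaderName}. */
    protected boolean ssoEnabled = false;
    /** Name of the request header that signals an SSO-authenticated request. */
    protected String ssoHeaderName;

    /** Response status sent when the request is rejected. */
    private static final int REJECT_STATUS = HttpServletResponse.SC_UNAUTHORIZED;

    /**
     * Gates requests under {@code /api/}: anything else, and any URI listed in {@link #publicUrls},
     * passes through untouched. A protected request continues down the chain only when the security
     * service reports an authenticated user with a non-empty profile and the session is not expired;
     * otherwise the user is logged out and a 401 is sent.
     *
     * @param servletRequest  must be an {@link HttpServletRequest}
     * @param servletResponse must be an {@link HttpServletResponse}
     * @param filterChain     the remaining filter chain
     * @throws IOException      propagated from the chain or from {@code sendError}
     * @throws ServletException propagated from the chain
     */
    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String requestUriWithoutContextPath = HttpUtils.getRequestUriWithoutContextPath(httpServletRequest);

        if (isPublic(requestUriWithoutContextPath)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        // Authentication is checked first; the (session-touching) expiry check only runs for an
        // authenticated principal, matching the original evaluation order.
        if (!isAuthenticated() || isSessionExpired(httpServletRequest)) {
            reject(httpServletResponse);
            return;
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /** A request is public when its URI is whitelisted or does not live under {@code /api/}. */
    private boolean isPublic(String requestUriWithoutContextPath) {
        return ArrayUtils.contains(this.publicUrls, requestUriWithoutContextPath)
                || !StringUtils.startsWith(requestUriWithoutContextPath, "/api/");
    }

    /** Terminates the current security context and answers 401; the chain is not continued. */
    private void reject(HttpServletResponse httpServletResponse) throws IOException {
        this.securityService.logout();
        httpServletResponse.sendError(REJECT_STATUS);
    }

    /**
     * Decides whether the caller's session should be treated as expired.
     *
     * <p>SSO mode: expired iff the {@link #ssoHeaderName} header is absent or empty. The header value
     * is trusted as-is; NOTE(review): this presumes the fronting SSO gateway strips any client-supplied
     * copy of that header — confirm at the proxy layer.
     *
     * <p>Session mode: expired unless the session carries a token, a current user is known, and
     * {@link SessionTokenUtils#validateToken} accepts the pair. A valid token is rotated in place. No
     * session is created here: a request without one is simply reported as expired.
     *
     * @param httpServletRequest the current request
     * @return {@code true} when the request must be rejected as expired
     */
    private boolean isSessionExpired(HttpServletRequest httpServletRequest) {
        if (this.ssoEnabled) {
            return StringUtils.isEmpty(httpServletRequest.getHeader(this.ssoHeaderName));
        }
        // getSession(false) avoids allocating a session for a request that is about to be rejected;
        // the original getSession() would have created one whose token was then null anyway.
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return true;
        }
        Object tokenAttribute = session.getAttribute(CStudioConstants.STUDIO_SESSION_TOKEN_ATRIBUTE);
        String sessionToken = tokenAttribute instanceof String ? (String) tokenAttribute : null;
        String currentUser = this.securityService.getCurrentUser();
        boolean tokenValid = StringUtils.isNotEmpty(sessionToken)
                && StringUtils.isNotEmpty(currentUser)
                && SessionTokenUtils.validateToken(sessionToken, currentUser);
        if (!tokenValid) {
            return true;
        }
        // Renew the token on every validated request so its lifetime slides with activity.
        session.setAttribute(CStudioConstants.STUDIO_SESSION_TOKEN_ATRIBUTE,
                SessionTokenUtils.createToken(currentUser, this.sessionTimeout));
        return false;
    }

    /**
     * Reports whether the security service currently knows a user with a non-empty token and a
     * non-empty profile map. Any missing piece counts as unauthenticated.
     */
    private boolean isAuthenticated() {
        String currentToken = this.securityService.getCurrentToken();
        String currentUser = this.securityService.getCurrentUser();
        if (StringUtils.isEmpty(currentUser) || StringUtils.isEmpty(currentToken)) {
            return false;
        }
        Map<String, String> userProfile = this.securityService.getUserProfile(currentUser);
        return userProfile != null && !userProfile.isEmpty();
    }

    /** @return a copy of the whitelisted URIs, or {@code null} when none are configured */
    public String[] getPublicUrls() {
        return this.publicUrls == null ? null : this.publicUrls.clone();
    }

    /** @param strArr whitelisted URIs; copied so later edits by the caller cannot widen the whitelist */
    public void setPublicUrls(String[] strArr) {
        this.publicUrls = strArr == null ? null : strArr.clone();
    }

    public int getSessionTimeout() {
        return this.sessionTimeout;
    }

    public void setSessionTimeout(int i) {
        this.sessionTimeout = i;
    }

    public SecurityService getSecurityService() {
        return this.securityService;
    }

    public void setSecurityService(SecurityService securityService) {
        this.securityService = securityService;
    }

    public boolean isSsoEnabled() {
        return this.ssoEnabled;
    }

    public void setSsoEnabled(boolean z) {
        this.ssoEnabled = z;
    }

    public String getSsoHeaderName() {
        return this.ssoHeaderName;
    }

    public void setSsoHeaderName(String str) {
        this.ssoHeaderName = str;
    }
}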
