package org.cricketmsf.microsite.auth;

import ch.qos.logback.core.CoreConstants;
import com.sun.net.httpserver.Filter;
import com.sun.net.httpserver.HttpExchange;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import org.cricketmsf.Kernel;
import org.cricketmsf.api.ResponseCode;
import org.cricketmsf.microsite.out.auth.AuthException;
import org.cricketmsf.microsite.out.user.User;
import org.cricketmsf.out.auth.AuthAdapterIface;
import org.quartz.jobs.NativeJob;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/cricketmsf/microsite/auth/AuthorizationFilter.class */
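/**
 * HTTP filter that decides whether a request may reach the handlers behind it.
 *
 * <p>A request is "restricted" when its method is GET, POST, PUT or DELETE and its path starts
 * with one of the prefixes configured for that method. Restricted requests must carry a token
 * (Authorization header, {@code tid} request parameter or {@code tid} query parameter) that the
 * auth adapter resolves to a user; everything else passes, optionally annotated with the user
 * that an accompanying {@code tid} parameter identifies.
 *
 * <p>This listing is decompiler output: {@link #initialize()} was not recovered, and the
 * references to {@code NativeJob.PROP_PARAMETERS} and {@code CoreConstants.EMPTY_STRING} are
 * presumably inlined string constants that the decompiler mapped to unrelated classes -
 * confirm against the original source.
 */
public class AuthorizationFilter extends Filter {
    private static final Logger logger = LoggerFactory.getLogger(AuthorizationFilter.class);
    private static final String PERMANENT_TOKEN_PREFIX = "~~";
    private static final String TOKEN_PARAMETER = "tid";
    private static final String BLOCKED_SUFFIX = " - request blocked by security filter\r\n";
    private String[] restrictedPost = null;
    private String[] restrictedPut = null;
    private String[] restrictedGet = null;
    private String[] restrictedDelete = null;
    private boolean authRequired = false;

    /** Returns the human-readable name of this filter. */
    @Override
    public String description() {
        return "Microsite security filter";
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Code restructure failed: missing block: B:26:0x010b, code lost:
    
        switch(r19) {
            case 0: goto L29;
            case 1: goto L30;
            case 2: goto L31;
            case 3: goto L32;
            case 4: goto L33;
            default: goto L54;
        };
     */
    /* JADX WARN: Code restructure failed: missing block: B:27:0x012c, code lost:
    
        r0.add(r0);
        r0.add(r0);
        r0.add(r0);
        r0.add(r0);
        r4.authRequired = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:30:0x0151, code lost:
    
        r0.add(r0);
        r4.authRequired = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:32:0x0160, code lost:
    
        r0.add(r0);
        r4.authRequired = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:34:0x016f, code lost:
    
        r0.add(r0);
        r4.authRequired = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:36:0x017e, code lost:
    
        r0.add(r0);
        r4.authRequired = true;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    /**
     * Placeholder for the method the decompiler could not recover; in this listing it always
     * throws.
     *
     * <p>The decompiler fragments above show a five-way switch whose branches add entries to
     * lists and set {@code authRequired} to {@code true}. Presumably the original fills the
     * {@code restricted*} prefix arrays from configuration - confirm against the original
     * source before relying on this class.
     *
     * @throws UnsupportedOperationException always, because the body was not decompiled
     */
    private void initialize() {
        /*
            Method dump skipped, instructions count: 581
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.cricketmsf.microsite.auth.AuthorizationFilter.initialize():void");
    }

    /**
     * Tells whether the given method/path combination requires an authenticated caller.
     *
     * <p>The decompiler emitted a hash-code switch with an invalid {@code boolean z = -1}
     * selector here; it is rewritten as the string switch it was compiled from.
     *
     * <p>NOTE(review): only GET, POST, PUT and DELETE are ever restricted. Any other method
     * (HEAD, PATCH, OPTIONS, or a differently-cased name) is reported as unrestricted even on
     * a protected prefix; confirm that the handlers behind this filter do not serve protected
     * data for those methods.
     *
     * <p>NOTE(review): matching is a plain prefix test on {@code URI.getPath()}. Confirm that
     * request routing resolves paths the same way (dot segments, duplicate slashes, letter
     * case), otherwise the two can disagree about which handler a path belongs to.
     *
     * <p>NOTE(review): the lazy call to {@link #initialize()} is not synchronised; whether
     * that is safe for concurrent first requests cannot be determined from this listing.
     *
     * @param method HTTP method of the request
     * @param path request path
     * @return {@code true} if a prefix configured for the method matches the path
     */
    private boolean isRestrictedPath(String method, String path) {
        if (this.restrictedPost == null) {
            initialize();
        }
        if (!this.authRequired) {
            return false;
        }
        final String[] prefixes;
        switch (method) {
            case "GET":
                prefixes = this.restrictedGet;
                break;
            case "POST":
                prefixes = this.restrictedPost;
                break;
            case "PUT":
                prefixes = this.restrictedPut;
                break;
            case "DELETE":
                prefixes = this.restrictedDelete;
                break;
            default:
                return false;
        }
        if (prefixes == null) {
            return false;
        }
        for (String prefix : prefixes) {
            if (path.startsWith(prefix)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Evaluates a request and reports the outcome without writing to the exchange.
     *
     * <p>Changes relative to the decompiled original:
     * <ul>
     *   <li>An exception while evaluating the restriction rules now marks the request as
     *       restricted. The original left its flag at "unrestricted", so a failure in the
     *       check let the request through without a token.</li>
     *   <li>A missing {@code Authorization} header or a missing query string no longer raises
     *       a NullPointerException outside any handler; the token lookup simply moves on to
     *       the next source.</li>
     *   <li>Absent tokens and unknown users are rejected by explicit checks instead of a
     *       caught NullPointerException, and the text of unexpected exceptions is logged
     *       rather than returned to the client.</li>
     * </ul>
     *
     * @param httpExchange the request being filtered
     * @return result with code 200 (and the resolved user/issuer, if any) when the request may
     *     proceed, or {@code ResponseCode.FORBIDDEN} with a message when it is blocked
     */
    public AuthorizationFilterResult checkRequest(HttpExchange httpExchange) {
        boolean restricted;
        try {
            restricted = isRestrictedPath(httpExchange.getRequestMethod(), httpExchange.getRequestURI().getPath());
        } catch (Exception e) {
            // Fail closed: if the rules cannot be evaluated, demand a token.
            logger.warn("cannot evaluate access restrictions, treating the request as restricted", e);
            restricted = true;
        }

        Object attribute = httpExchange.getAttribute(NativeJob.PROP_PARAMETERS);
        Map<?, ?> parameters = attribute instanceof Map ? (Map<?, ?>) attribute : null;

        AuthorizationFilterResult result = new AuthorizationFilterResult();
        result.user = null;
        result.issuer = null;

        if (!restricted) {
            // Unrestricted path: a token is optional and only used to annotate the request.
            String optionalToken = tokenFromParameters(parameters);
            if (optionalToken != null) {
                try {
                    // The original passes 'true' as the second argument here regardless of
                    // the token prefix; kept as is.
                    result.user = getUser(optionalToken, true);
                    result.issuer = getIssuer(optionalToken);
                } catch (AuthException e) {
                    logger.debug("AUTH PROBLEM " + e.getCode() + " " + e.getMessage());
                } catch (RuntimeException e) {
                    // The request continues anonymously, as it did when the original
                    // swallowed the NullPointerException silently.
                    logger.debug("optional token could not be resolved", e);
                }
            }
            result.code = 200;
            result.message = CoreConstants.EMPTY_STRING;
            return result;
        }

        String token = tokenFromAuthorizationHeader(httpExchange.getRequestHeaders().getFirst("Authorization"));
        if (token == null || token.isEmpty()) {
            token = tokenFromParameters(parameters);
            if (token == null || token.isEmpty()) {
                // NOTE(review): tokens carried in the URL tend to end up in access logs,
                // browser history and Referer headers; prefer the Authorization header.
                token = stripTrailingSlash(tokenFromQuery(httpExchange.getRequestURI().getQuery()));
            }
        }
        if (token == null || token.isEmpty()) {
            return deny(result, "missing token");
        }

        try {
            User user = getUser(token, token.startsWith(PERMANENT_TOKEN_PREFIX));
            if (user == null) {
                // getUser returns null when no auth adapter is configured.
                return deny(result, "unknown token");
            }
            User issuer = null;
            if ("public".equalsIgnoreCase(user.getUid())) {
                issuer = getIssuer(token);
            }
            result.user = user;
            result.issuer = issuer;
            result.code = 200;
            return result;
        } catch (AuthException e) {
            logger.debug("AUTH PROBLEM " + e.getCode() + " " + e.getMessage());
            return deny(result, e.getMessage());
        } catch (Exception e) {
            // Unexpected failure: keep the details in the log, not in the response.
            logger.warn("token verification failed", e);
            return deny(result, "authentication error");
        }
    }

    /** Marks the result as forbidden with the given reason and returns it. */
    private static AuthorizationFilterResult deny(AuthorizationFilterResult result, String reason) {
        result.code = ResponseCode.FORBIDDEN;
        result.message = reason + BLOCKED_SUFFIX;
        return result;
    }

    /**
     * Extracts the token from an Authorization header value.
     *
     * <p>A single word is taken as the token itself; with two words only the {@code ApiKey}
     * scheme yields a token. NOTE(review): the decompiled code recognises {@code Bearer} but
     * never reads its value - confirm against the original source whether that is intended.
     *
     * @param header header value, may be {@code null}
     * @return the token, or {@code null} if the header carries none
     */
    private static String tokenFromAuthorizationHeader(String header) {
        if (header == null) {
            return null;
        }
        String[] parts = header.split(" ");
        if (parts.length == 2) {
            return "ApiKey".equals(parts[0]) ? parts[1] : null;
        }
        return parts.length == 1 ? parts[0] : null;
    }

    /** Reads the {@code tid} entry of the parsed request parameters, without a trailing slash. */
    private static String tokenFromParameters(Map<?, ?> parameters) {
        if (parameters == null) {
            return null;
        }
        Object value = parameters.get(TOKEN_PARAMETER);
        return value instanceof String ? stripTrailingSlash((String) value) : null;
    }

    /**
     * Reads the value of the query parameter named exactly {@code tid}.
     *
     * <p>The original searched for the substring {@code "tid="} anywhere in the query, which
     * also matched parameters whose name merely ends in "tid".
     */
    private static String tokenFromQuery(String query) {
        if (query == null) {
            return null;
        }
        String prefix = TOKEN_PARAMETER + "=";
        for (String pair : query.split("&")) {
            if (pair.startsWith(prefix)) {
                return pair.substring(prefix.length());
            }
        }
        return null;
    }

    /** Removes a single trailing "/" from the value; {@code null} is returned unchanged. */
    private static String stripTrailingSlash(String value) {
        if (value != null && value.endsWith("/")) {
            return value.substring(0, value.length() - 1);
        }
        return value;
    }

    /**
     * Resolves a token to a user through the kernel's auth adapter.
     *
     * @param token the token presented by the caller
     * @param permanent flag forwarded to the adapter; callers derive it from the "~~" prefix
     * @return the user, or {@code null} when no auth adapter is configured
     * @throws AuthException if the adapter rejects the token
     */
    private User getUser(String token, boolean permanent) throws AuthException {
        AuthAdapterIface adapter = Kernel.getInstance().getAuthAdapter();
        return adapter != null ? adapter.getUser(token, permanent) : null;
    }

    /**
     * Resolves the issuer of a token through the kernel's auth adapter.
     *
     * @param token the token presented by the caller
     * @return the issuer, or {@code null} when no auth adapter is configured
     * @throws AuthException if the adapter rejects the token
     */
    private User getIssuer(String token) throws AuthException {
        AuthAdapterIface adapter = Kernel.getInstance().getAuthAdapter();
        return adapter != null ? adapter.getIssuer(token) : null;
    }

    /**
     * Applies {@link #checkRequest(HttpExchange)} and either forwards the request or answers it.
     *
     * <p>Changes relative to the decompiled original: the method returns after answering a
     * failed check (the original fell through and dereferenced a null result), the
     * Content-Length is taken from the encoded bytes rather than the character count, and
     * exception text is logged instead of being echoed to the client.
     *
     * @param httpExchange the request being filtered
     * @param chain remaining filters and the handler
     * @throws IOException if writing the error response fails
     */
    @Override
    public void doFilter(HttpExchange httpExchange, Filter.Chain chain) throws IOException {
        AuthorizationFilterResult result;
        try {
            result = checkRequest(httpExchange);
        } catch (Exception e) {
            logger.warn("authorization check failed", e);
            sendAndClose(httpExchange, ResponseCode.BAD_REQUEST, "bad request");
            return;
        }
        if (result.code != 200) {
            String message = result.message != null ? result.message : "authentication error";
            sendAndClose(httpExchange, result.code, message);
            return;
        }
        try {
            if (result.user != null) {
                chain.doFilter(new Exchange(httpExchange, result.user, result.issuer));
            } else {
                chain.doFilter(httpExchange);
            }
        } catch (Exception e) {
            logger.warn("request processing failed behind the security filter", e);
            sendAndClose(httpExchange, ResponseCode.BAD_REQUEST, "bad request");
        }
    }

    /** Writes a short text response and closes the exchange, even if writing fails. */
    private static void sendAndClose(HttpExchange exchange, int status, String body) throws IOException {
        byte[] payload = body.getBytes(StandardCharsets.UTF_8);
        try {
            exchange.sendResponseHeaders(status, payload.length);
            exchange.getResponseBody().write(payload);
            exchange.getResponseBody().close();
        } finally {
            exchange.close();
        }
    }
}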
