package org.efaps.ui.filter;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.efaps.util.RequestHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/efaps/ui/filter/FormBasedAuthenticationFilter.class */
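/**
 * Authentication filter that implements a form based login.
 *
 * <p>Requests whose URI starts with one of the excluded prefixes (the login page and the
 * optional {@code urlIgnore} entry) are passed down the chain without authentication. A
 * request to the login URL is checked against the submitted name and password; every other
 * unauthenticated request is forwarded to the login page. A request to the logout URL clears
 * the session attributes.
 *
 * <p>All URL init parameters are configured relative to the application root; duplicate
 * slashes are collapsed before any comparison.
 */
public class FormBasedAuthenticationFilter extends AbstractAuthenticationFilter {
    private static final Logger LOG = LoggerFactory.getLogger(FormBasedAuthenticationFilter.class);

    /** Session attribute holding the URL to redirect to after a successful login. */
    public static final String SESSIONPARAM_LOGIN_FORWARD = "login.forward";
    /** Init parameter: login page shown to unauthenticated users (default {@code login.jsp}). */
    public static final String INIT_PARAM_URL_LOGIN_PAGE = "urlLoginPage";
    /** Init parameter: URL prefix that is served without authentication. */
    public static final String INIT_PARAM_URL_IGNORE = "urlIgnore";
    /** Init parameter: URL the login form is submitted to (default {@code login}). */
    public static final String INIT_PARAM_URL_LOGIN = "urlLogin";
    /** Init parameter: URL that logs the user out (default {@code logout}). */
    public static final String INIT_PARAM_URL_LOGOUT = "urlLogout";
    /** Init parameter: URL to redirect to after login when no forward is stored. */
    private static final String INIT_PARAM_URL_FORWARD = "urlForward";
    /** Init parameter: name of the request parameter carrying the login name. */
    public static final String INIT_PARAM_LOGIN_PARAM_NAME = "loginParamName";
    /** Init parameter: name of the request parameter carrying the password. */
    public static final String INIT_PARAM_LOGIN_PARAM_PASSWORD = "loginParamPassword";

    /** Default post-login target; macros are resolved by {@code RequestHandler}. */
    private static final String DEFAULT_URL_FORWARD = "${COMMONURL}/Main.jsf";

    /** URI prefixes that bypass authentication. */
    private final Set<String> excludeUris = new HashSet<String>();
    private String urlNotLoggedInForward = null;
    private String urlLogin = null;
    private String urlLogout = null;
    private String urlForward = DEFAULT_URL_FORWARD;
    private String paramLoginName = null;
    private String paramLoginPassword = null;

    /**
     * Reads the filter configuration and derives the login, logout and excluded URIs.
     *
     * @param filterConfig filter configuration supplied by the container
     * @throws ServletException if the super class initialisation fails
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        super.init(filterConfig);
        // NOTE(review): the prefix is built from the servlet context *name* (the display name),
        // not from getContextPath(); confirm both are identical in every deployment, otherwise
        // none of the URIs derived below can match a real request.
        final String root = "/" + filterConfig.getServletContext().getServletContextName() + "/";

        final String ignoreUrl = filterConfig.getInitParameter(INIT_PARAM_URL_IGNORE);
        if (ignoreUrl != null && ignoreUrl.length() > 0) {
            this.excludeUris.add(collapseSlashes(root + ignoreUrl));
        }

        this.urlNotLoggedInForward =
                collapseSlashes("/" + initParameter(filterConfig, INIT_PARAM_URL_LOGIN_PAGE, "login.jsp"));
        // The login page itself must stay reachable without authentication.
        this.excludeUris.add(collapseSlashes(root + this.urlNotLoggedInForward));

        this.urlLogin = collapseSlashes(root + "/" + initParameter(filterConfig, INIT_PARAM_URL_LOGIN, "login"));
        this.urlLogout = collapseSlashes(root + "/" + initParameter(filterConfig, INIT_PARAM_URL_LOGOUT, "logout"));
        this.urlForward = initParameter(filterConfig, INIT_PARAM_URL_FORWARD, DEFAULT_URL_FORWARD);
        this.paramLoginName = initParameter(filterConfig, INIT_PARAM_LOGIN_PARAM_NAME, "name");
        this.paramLoginPassword = initParameter(filterConfig, INIT_PARAM_LOGIN_PARAM_PASSWORD, "password");
    }

    /**
     * Handles the logout URL and delegates every other request to the super class.
     *
     * <p>The decompiler reports that this method was originally declared {@code protected}.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @param filterChain         remaining filter chain
     * @throws IOException      on I/O errors while forwarding
     * @throws ServletException on servlet errors while forwarding
     */
    @Override
    public void doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!this.urlLogout.equals(collapseSlashes(httpServletRequest.getRequestURI()))) {
            super.doFilter(httpServletRequest, httpServletResponse, filterChain);
            return;
        }
        // Do not create a session just to empty it.
        final HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            // Snapshot the names first: removing attributes while walking the live
            // enumeration is not guaranteed to be safe on every container.
            final List<String> names = new ArrayList<String>();
            final Enumeration<?> attributeNames = session.getAttributeNames();
            while (attributeNames.hasMoreElements()) {
                names.add((String) attributeNames.nextElement());
            }
            for (final String name : names) {
                session.removeAttribute(name);
            }
            // NOTE(review): the session id survives logout. session.invalidate() would also
            // retire the id; confirm nothing downstream relies on the session object being
            // kept before switching.
        }
        httpServletRequest.getRequestDispatcher("/").forward(httpServletRequest, httpServletResponse);
    }

    /**
     * Authenticates a request that is not yet logged in.
     *
     * <p>Excluded URIs are passed through, the login URL triggers the credential check, and
     * everything else is forwarded to the login page.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @param filterChain         remaining filter chain
     * @throws IOException      on I/O errors
     * @throws ServletException on servlet errors
     */
    @Override
    protected void doAuthenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        final String uri = collapseSlashes(httpServletRequest.getRequestURI());

        if (isExcluded(uri)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }

        if (!this.urlLogin.equals(uri)) {
            if (uri.endsWith("common/MenuTree.jsp")) {
                // Store the slash-collapsed URI, never the raw one: the value is later handed to
                // sendRedirect(), and a target starting with "//" would be read by browsers as
                // a host name instead of a local path.
                String forward = uri;
                if (httpServletRequest.getQueryString() != null) {
                    forward = forward + "?" + httpServletRequest.getQueryString();
                }
                httpServletRequest.getSession().setAttribute(SESSIONPARAM_LOGIN_FORWARD, forward);
            }
            httpServletRequest.getRequestDispatcher(this.urlNotLoggedInForward).forward(httpServletRequest, httpServletResponse);
            return;
        }

        if (LOG.isDebugEnabled()) {
            LOG.debug(httpServletRequest.toString());
        }
        final String loginName = httpServletRequest.getParameter(this.paramLoginName);
        if (!checkLogin(loginName, httpServletRequest.getParameter(this.paramLoginPassword))) {
            doSendLoginFrameNotCorrect(httpServletRequest, httpServletResponse);
            return;
        }
        // NOTE(review): the session id is not rotated in this method after a successful login;
        // confirm that setLoggedInUser() does so, otherwise a pre-login session id stays valid
        // for the authenticated session (session fixation).
        setLoggedInUser(httpServletRequest, loginName);
        httpServletResponse.setContentType("text/html");

        final HttpSession session = httpServletRequest.getSession();
        String target = (String) session.getAttribute(SESSIONPARAM_LOGIN_FORWARD);
        if (target == null) {
            target = RequestHandler.replaceMacrosInUrl(this.urlForward);
        } else {
            // NOTE(review): any code that can write this session attribute controls the
            // redirect target; verify that all writers store local paths only.
            session.removeAttribute(SESSIONPARAM_LOGIN_FORWARD);
        }
        httpServletResponse.sendRedirect(target);
    }

    /**
     * Writes the frameset that reloads the login page after a failed login.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @throws ServletException if the frameset could not be written
     * @throws IOException      declared for subclasses; failures here are wrapped in a
     *                          {@link ServletException}
     */
    protected void doSendLoginFrameNotCorrect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setContentType("text/html");
        PrintWriter printWriter = null;
        try {
            printWriter = httpServletResponse.getWriter();
            // The context path lands inside an HTML attribute, so it is escaped before use.
            printWriter.println("<html><head><title>eFaps</title></head><script type=\"text/javascript\">function wrongLogin() {}</script><frameset><frame src=\"" + escapeHtmlAttribute(httpServletRequest.getContextPath()) + "\" name=\"Login\"></frameset></html>");
        } catch (Exception e) {
            LOG.error("Could not write the frame for not correct login.", e);
            throw new ServletException(e);
        } finally {
            // getWriter() may have failed, in which case there is nothing to close.
            if (printWriter != null) {
                printWriter.close();
            }
        }
    }

    /**
     * Tells whether the given URI may bypass authentication.
     *
     * <p>The exclusion is a prefix match on the URI as sent by the client, while the container
     * resolves the target resource from its own decoded and normalised path. A URI that carries
     * dot segments, path parameters, percent-encoding or backslashes is therefore never treated
     * as excluded, so that a protected resource cannot be reached through an excluded prefix.
     *
     * @param uri request URI with duplicate slashes already collapsed
     * @return {@code true} if the URI starts with an excluded prefix and is unambiguous
     */
    private boolean isExcluded(final String uri) {
        if (hasAmbiguousPathSyntax(uri)) {
            return false;
        }
        for (final String prefix : this.excludeUris) {
            if (uri.startsWith(prefix)) {
                return true;
            }
        }
        return false;
    }

    /** Returns {@code true} if the URI could be resolved differently by the container. */
    private static boolean hasAmbiguousPathSyntax(final String uri) {
        return uri.indexOf(';') >= 0
                || uri.indexOf('%') >= 0
                || uri.indexOf('\\') >= 0
                || uri.contains("/../")
                || uri.endsWith("/..");
    }

    /** Replaces every run of slashes by a single slash. */
    private static String collapseSlashes(final String path) {
        return path.replaceAll("//+", "/");
    }

    /** Returns the init parameter, or the fallback when it is missing or empty. */
    private static String initParameter(final FilterConfig filterConfig, final String name, final String fallback) {
        final String value = filterConfig.getInitParameter(name);
        return (value == null || value.length() == 0) ? fallback : value;
    }

    /** Escapes the characters that are significant inside a quoted HTML attribute. */
    private static String escapeHtmlAttribute(final String value) {
        if (value == null) {
            return "";
        }
        final StringBuilder escaped = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            final char c = value.charAt(i);
            switch (c) {
                case '&':
                    escaped.append("&amp;");
                    break;
                case '<':
                    escaped.append("&lt;");
                    break;
                case '>':
                    escaped.append("&gt;");
                    break;
                case '"':
                    escaped.append("&quot;");
                    break;
                case '\'':
                    escaped.append("&#39;");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }
}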
