package prerna.web.conf;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import java.util.stream.Collectors;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import prerna.auth.AuthProvider;
import prerna.auth.User;
import prerna.auth.utils.AbstractSecurityUtils;
import prerna.sablecc2.om.NounStore;
import prerna.util.Constants;
import prerna.web.requests.MultiReadHttpServletRequest;

/* loaded from: input_file:WEB-INF/classes/prerna/web/conf/NoUserInSessionFilter.class */
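/**
 * Servlet filter that rejects requests whose HTTP session holds no usable {@link User}.
 *
 * <p>When security is enabled and the request URL is not exempted by {@link #isIgnored(String)},
 * the filter takes one of three paths:
 * <ul>
 *   <li>no user in the session (or a user without logins while anonymous users are disabled):
 *       the client is sent to the login page, unless the request carries the session-id
 *       parameter, in which case that id is copied into cookies and the request is redirected
 *       back to itself;</li>
 *   <li>a user is present and a {@code HASH} cookie was sent: the cookie is checked against
 *       MD5(insight salt + selector) before the request is passed on;</li>
 *   <li>otherwise the request is passed down the chain unchanged.</li>
 * </ul>
 *
 * <p>NOTE(review): the second and third bullets together look like a one-time shared-session
 * hand-off; the code that issues the hash and registers the share is not in this file, so the
 * review comments below are limited to what this class does with those values.
 */
public class NoUserInSessionFilter implements Filter {
    public static final String MONOLITH_ROUTE = "MONOLITH_ROUTE";
    public static final String MONOLITH_PREFIX = "MONOLITH_PREFIX";
    private static final String LOGIN = "login";
    private static final String NO_USER_HTML = "/noUserFail/";
    private static final String HASH_COOKIE = "HASH";

    /** URL suffixes that bypass this filter; populated by the static initializer below. */
    protected static List<String> ignoreDueToFE = new Vector<>();

    /**
     * Applies the session check described on the class.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest} once security is enabled
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse} when a cookie or redirect is written
     * @param filterChain     remainder of the filter chain
     * @throws IOException      if writing a redirect fails or the chain throws it
     * @throws ServletException if the chain throws it, or if the MD5 digest needed to verify the
     *                          {@code HASH} cookie is unavailable
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        ServletContext servletContext = servletRequest.getServletContext();
        if (!AbstractSecurityUtils.securityEnabled()) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        HttpServletRequest request = (HttpServletRequest) servletRequest;
        String requestUrl = request.getRequestURL().toString();
        String contextPath = request.getContextPath();
        if (isIgnored(requestUrl)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        HttpSession session = request.getSession(false);
        User user = session != null ? (User) session.getAttribute(Constants.SESSION_USER) : null;
        if (user == null || (!AbstractSecurityUtils.anonymousUsersEnabled() && user.getLogins().isEmpty())) {
            handleMissingUser(servletContext, request, (HttpServletResponse) servletResponse, session, requestUrl, contextPath);
            return;
        }

        // Only the first cookie named HASH is considered, both for the check and for expiry.
        Cookie hashCookie = findCookie(request.getCookies(), HASH_COOKIE);
        String presentedHash = hashCookie != null ? hashCookie.getValue() : null;
        if (presentedHash == null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // user != null implies session != null (the user was read from the session above).
        if (!user.isShareSession(session.getId())) {
            setInvalidEntryRedirect(servletContext, servletRequest, servletResponse, LOGIN);
            return;
        }

        MultiReadHttpServletRequest multiReadRequest = new MultiReadHttpServletRequest(request);
        String insightId = multiReadRequest.getParameter("i");
        String selector = multiReadRequest.getParameter(NounStore.selector);
        if (insightId == null || selector == null) {
            setInvalidEntryRedirect(servletContext, servletRequest, servletResponse, LOGIN);
            return;
        }

        MessageDigest md5;
        try {
            md5 = MessageDigest.getInstance("MD5");
        } catch (NoSuchAlgorithmException e) {
            // Fail closed: previously the stack trace was printed and the request continued
            // down the chain without the hash ever being verified.
            throw new ServletException("MD5 digest unavailable; cannot verify the shared-session hash", e);
        }
        // NOTE(review): MD5 over salt + selector is a plain digest, not a keyed MAC, and
        // getBytes() uses the platform charset. Moving to HMAC-SHA-256 with an explicit charset
        // has to be done together with the code that issues the hash, which is not in this file.
        // NOTE(review): getInsight(i) is dereferenced without a null check and "i" is
        // request-controlled; confirm an unknown id cannot yield null here.
        byte[] digest = md5.digest((user.getInsight(insightId).getSalt() + selector).getBytes());
        String expectedHash = toHex(digest);

        // Constant-time comparison so response timing does not reveal how much of the hash matched.
        boolean hashMatches = MessageDigest.isEqual(
                presentedHash.getBytes(StandardCharsets.UTF_8),
                expectedHash.getBytes(StandardCharsets.UTF_8));
        if (!hashMatches) {
            setInvalidEntryRedirect(servletContext, servletRequest, servletResponse, LOGIN);
            return;
        }

        // The share is consumed and the HASH cookie expired, so the hash is accepted once.
        user.removeShare(session.getId());
        hashCookie.setMaxAge(0);
        hashCookie.setPath(contextPath);
        ((HttpServletResponse) servletResponse).addCookie(hashCookie);
        filterChain.doFilter(multiReadRequest, servletResponse);
    }

    /**
     * Handles a request that has no usable user in its session: either sends the client to the
     * login page, or, when the session-id parameter is present, copies it (plus any
     * {@code route*} parameters and the {@code hash} parameter) into cookies and redirects a
     * GET back to the same URL.
     */
    private void handleMissingUser(ServletContext servletContext, HttpServletRequest request, HttpServletResponse response,
            HttpSession session, String requestUrl, String contextPath) throws IOException {
        String sessionIdKey = DBLoader.getSessionIdKey();
        String sharedSessionId = request.getParameter(sessionIdKey);
        if (sharedSessionId == null) {
            setInvalidEntryRedirect(servletContext, request, response, LOGIN);
            if (session != null) {
                session.invalidate();
            }
            return;
        }

        // NOTE(review): a session id supplied in a request parameter is adopted as the session
        // cookie. Ids carried in URLs end up in access logs, browser history and Referer
        // headers, and accepting a client-chosen id is the session-fixation pattern. None of the
        // cookies created in this method set HttpOnly or Secure. Confirm the issuing side makes
        // these ids short-lived and single-use.
        Cookie sessionCookie = new Cookie(sessionIdKey, sharedSessionId);
        sessionCookie.setPath(contextPath);
        response.addCookie(sessionCookie);

        // Any session-id cookie the browser already sent is overwritten with the new value.
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie existing : cookies) {
                if (existing.getName().equals(sessionIdKey)) {
                    existing.setValue(sharedSessionId);
                    response.addCookie(existing);
                }
            }
        }

        // NOTE(review): cookie names and values here come straight from request parameters
        // (anything starting with "route"); consider an allow-list of expected names.
        Set<String> routeParams = Collections.list(request.getParameterNames()).stream()
                .filter(paramName -> paramName.startsWith("route"))
                .collect(Collectors.toSet());
        for (String routeParam : routeParams) {
            Cookie routeCookie = new Cookie(routeParam, request.getParameter(routeParam));
            routeCookie.setPath(contextPath);
            response.addCookie(routeCookie);
        }

        Cookie hashCookie = new Cookie(HASH_COOKIE, request.getParameter("hash"));
        hashCookie.setPath(contextPath);
        response.addCookie(hashCookie);

        // The cookies above are already queued on the response when a non-GET is turned away.
        if (!request.getMethod().equalsIgnoreCase("GET")) {
            setInvalidEntryRedirect(servletContext, request, response, LOGIN);
            return;
        }

        response.setStatus(HttpServletResponse.SC_FOUND);
        String target = requestUrl;
        Map<String, String> env = System.getenv();
        if (env.containsKey(MONOLITH_PREFIX)) {
            // String.replace substitutes every occurrence of the context path in the URL.
            target = target.replace(contextPath, env.get(MONOLITH_PREFIX));
        }
        response.sendRedirect(target + "?" + request.getQueryString());
    }

    /**
     * Sends the client to the front-end route {@code str}.
     *
     * <p>With a {@code Referer} header the target is {@code referer + "#!/" + str}, returned in a
     * {@code redirect} response header alongside a 302 error; without one the client is
     * redirected to {@code <context root>/noUserFail/}.
     */
    private void setInvalidEntryRedirect(ServletContext servletContext, ServletRequest servletRequest, ServletResponse servletResponse, String str) throws IOException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String requestUrl = request.getRequestURL().toString();
        response.setStatus(HttpServletResponse.SC_FOUND);
        String referer = request.getHeader("referer");
        if (referer != null) {
            // NOTE(review): Referer is client-controlled and is echoed into the "redirect" header
            // and the error message unchanged. If the front end navigates to that header value,
            // it should first be checked against the application's own origin(s).
            String target = referer + "#!/" + str;
            response.setHeader("redirect", target);
            response.sendError(HttpServletResponse.SC_FOUND, "Need to redirect to " + target);
        } else {
            String contextPath = servletContext.getContextPath();
            String contextRoot = requestUrl.substring(0, requestUrl.indexOf(contextPath) + contextPath.length());
            response.setStatus(HttpServletResponse.SC_FOUND);
            response.sendRedirect(contextRoot + NO_USER_HTML);
        }
    }

    /** Returns the first cookie called {@code name}, or {@code null} if there is none. */
    private static Cookie findCookie(Cookie[] cookies, String name) {
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals(name)) {
                return cookie;
            }
        }
        return null;
    }

    /** Encodes {@code bytes} as lowercase hexadecimal, two characters per byte. */
    private static String toHex(byte[] bytes) {
        StringBuilder hex = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            hex.append(Character.forDigit((b >> 4) & 0xF, 16));
            hex.append(Character.forDigit(b & 0xF, 16));
        }
        return hex.toString();
    }

    /** No resources to release. */
    @Override
    public void destroy() {
    }

    /** No configuration is read. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Reports whether {@code str} ends with one of the exempted suffixes in {@link #ignoreDueToFE}.
     *
     * <p>NOTE(review): this is a plain suffix test on the URL string passed in
     * ({@code getRequestURL()} in {@link #doFilter}), so any route whose URL merely ends in
     * {@code config}, {@code auth/login}, etc. skips the session check. Matching the normalized
     * servlet path against exact routes would be tighter; callers outside this file are not
     * visible, so the behavior is left as is.
     *
     * <p>The decompiler reports this method was originally {@code protected}.
     *
     * @param str request URL to test
     * @return {@code true} if the filter should not inspect this URL
     */
    public static boolean isIgnored(String str) {
        for (String suffix : ignoreDueToFE) {
            if (str.endsWith(suffix)) {
                return true;
            }
        }
        return false;
    }

    static {
        ignoreDueToFE.add("engine/cleanSession");
        ignoreDueToFE.add("engine/cancelCleanSession");
        ignoreDueToFE.add("config");
        ignoreDueToFE.add("auth/logins");
        ignoreDueToFE.add("auth/loginsAllowed");
        ignoreDueToFE.add("auth/login");
        ignoreDueToFE.add("auth/createUser");
        for (AuthProvider authProvider : AuthProvider.values()) {
            // Locale.ROOT keeps the route names stable under locales with special casing rules
            // (e.g. Turkish dotless i), where the default-locale form would never match a URL.
            String provider = authProvider.toString().toLowerCase(Locale.ROOT);
            ignoreDueToFE.add("auth/userinfo/" + provider);
            ignoreDueToFE.add("auth/login/" + provider);
        }
    }
}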
