package net.dataforte.doorkeeper.filter;

import java.io.IOException;
import java.util.Iterator;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import net.dataforte.doorkeeper.AuthenticatorException;
import net.dataforte.doorkeeper.AuthenticatorUser;
import net.dataforte.doorkeeper.Doorkeeper;
import net.dataforte.doorkeeper.account.provider.ldap.helpers.ActiveDirectoryLdapHelper;
import net.dataforte.doorkeeper.authenticator.Authenticator;
import net.dataforte.doorkeeper.authenticator.AuthenticatorState;
import net.dataforte.doorkeeper.authenticator.AuthenticatorToken;
import net.dataforte.doorkeeper.authorizer.Authorizer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/dataforte/doorkeeper/filter/AuthenticatorFilter.class */
public class AuthenticatorFilter implements Filter {
    private static final Logger log = LoggerFactory.getLogger(AuthenticatorFilter.class);
    private static final String SESSION_USER = AuthenticatorUser.class.getName();
    private Doorkeeper doorkeeper;

    /* renamed from: net.dataforte.doorkeeper.filter.AuthenticatorFilter$1, reason: invalid class name */
    /* loaded from: input_file:net/dataforte/doorkeeper/filter/AuthenticatorFilter$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$net$dataforte$doorkeeper$authenticator$AuthenticatorState = new int[AuthenticatorState.values().length];

        static {
            try {
                $SwitchMap$net$dataforte$doorkeeper$authenticator$AuthenticatorState[AuthenticatorState.AUTHENTICATED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$net$dataforte$doorkeeper$authenticator$AuthenticatorState[AuthenticatorState.NEGOTIATING.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$net$dataforte$doorkeeper$authenticator$AuthenticatorState[AuthenticatorState.ACQUIRED.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        if (log.isInfoEnabled()) {
            log.info("Initializing AuthenticatorFilter...");
        }
        this.doorkeeper = Doorkeeper.getInstance(filterConfig.getServletContext());
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        HttpSession session = httpServletRequest.getSession(false);
        AuthenticatorUser authenticatorUser = session != null ? (AuthenticatorUser) session.getAttribute(SESSION_USER) : null;
        if (authenticatorUser == null) {
            for (Authenticator authenticator : this.doorkeeper.getAuthenticatorChain("filter")) {
                AuthenticatorToken negotiate = authenticator.negotiate(httpServletRequest, httpServletResponse);
                switch (AnonymousClass1.$SwitchMap$net$dataforte$doorkeeper$authenticator$AuthenticatorState[negotiate.getState().ordinal()]) {
                    case 1:
                        HttpSession session2 = httpServletRequest.getSession(true);
                        authenticatorUser = this.doorkeeper.getAccountManager().load(negotiate);
                        session2.setAttribute(SESSION_USER, authenticatorUser);
                        break;
                    case ActiveDirectoryLdapHelper.UF_ACCOUNTDISABLE /* 2 */:
                        return;
                    case 3:
                        String principalName = negotiate.getPrincipalName();
                        if (principalName == null) {
                            authenticator.restart(httpServletRequest, httpServletResponse);
                            return;
                        }
                        try {
                            AuthenticatorUser authenticate = this.doorkeeper.getAccountManager().authenticate(negotiate);
                            HttpSession session3 = httpServletRequest.getSession(true);
                            if (log.isDebugEnabled()) {
                                log.debug("User = " + principalName);
                            }
                            session3.setAttribute(SESSION_USER, authenticate);
                            authenticator.complete(httpServletRequest, httpServletResponse);
                            return;
                        } catch (AuthenticatorException e) {
                            authenticator.restart(httpServletRequest, httpServletResponse);
                            return;
                        }
                }
            }
        }
        Iterator<Authorizer> it = this.doorkeeper.getAuthorizerChain("filter").iterator();
        while (it.hasNext()) {
            if (!it.next().authorize(authenticatorUser, httpServletRequest.getRequestURI())) {
                httpServletResponse.sendError(401);
                return;
            }
        }
        filterChain.doFilter(new AuthenticatorRequestWrapper(httpServletRequest, authenticatorUser), servletResponse);
    }

    public void destroy() {
        if (log.isInfoEnabled()) {
            log.info("Shutting down AuthenticatorFilter...");
        }
    }
}
