package fr.inra.agrosyst.web.filters;

import com.google.common.base.Charsets;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableSet;
import fr.inra.agrosyst.api.services.users.UserDto;
import fr.inra.agrosyst.web.AgrosystWebSession;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.Set;
import java.util.function.Function;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/classes/fr/inra/agrosyst/web/filters/AgrosystWebAuthenticationFilter.class */
/**
 * Servlet filter that gates every non-public URL of the web application on the HTTP session.
 *
 * <p>A request is let through when one of the following holds:
 * <ul>
 *   <li>its servlet path is in {@link #PUBLIC_URLS} or starts with one of the static-resource
 *       prefixes (anything mapped under those prefixes is therefore served without a session);</li>
 *   <li>the session holds an {@link AgrosystWebSession} with a non-empty authentication token and
 *       the charter check passes.</li>
 * </ul>
 *
 * <p>Points a reviewer should keep in mind:
 * <ul>
 *   <li>This class only checks that the token is non-empty. NOTE(review): presumably the token is
 *       validated where it is issued or consumed; confirm, since nothing here verifies it.</li>
 *   <li>A session with a token but no authenticated user is treated as having accepted the
 *       charter. NOTE(review): confirm this is intended.</li>
 *   <li>The {@code next} query parameter added to redirects is built from the request URI and
 *       query string, which the client controls. Whatever consumes {@code next} (not visible in
 *       this class) should accept only same-application relative targets.</li>
 *   <li>A request that is not an HTTP request/response pair is dropped: the chain is not invoked
 *       and nothing is written to the response.</li>
 * </ul>
 */
public class AgrosystWebAuthenticationFilter implements Filter {
    private static final Log LOGGER = LogFactory.getLog(AgrosystWebAuthenticationFilter.class);
    public static final String AGROSYST_WEB_LOGIN_ACTION = "/auth/login.action";
    public static final String AGROSYST_WEB_LOGIN_ACTION_INPUT = "/auth/login-input.action";
    public static final String AGROSYST_WEB_CHARTER_ACTION = "/auth/charter.action";
    public static final String AGROSYST_WEB_CHARTER_ACTION_INPUT = "/auth/charter-input.action";

    /** Servlet paths reachable without a session; matched by exact equality. */
    protected static final Set<String> PUBLIC_URLS = ImmutableSet.of(
            AGROSYST_WEB_LOGIN_ACTION,
            AGROSYST_WEB_LOGIN_ACTION_INPUT,
            AGROSYST_WEB_CHARTER_ACTION,
            AGROSYST_WEB_CHARTER_ACTION_INPUT,
            "/auth/forgotten-password.action",
            "/auth/forgotten-password-input.action",
            "/auth/retrieve-password.action",
            "/auth/retrieve-password-input.action",
            "/auth/logout.action",
            "/auth/legal.action",
            "/commons/help-raw.action",
            "/commons/endpoints.action");

    /**
     * Path prefixes of static resources. Kept in one place so that the access decision in
     * {@link #doFilter} and the URI rewriting in {@link #GET_FULL_REQUESTED_URI} cannot drift apart.
     */
    private static final String[] STATIC_RESOURCE_PREFIXES = {
        "/js/", "/img/", "/help/", "/font/", "/webjars/", "/nuiton-js/"
    };

    /**
     * Rebuilds the URI the client asked for, query string included, for use as the post-login
     * target. A request for a static resource is replaced by the application root, so that a
     * login is never followed by a redirect to a script, image or font.
     */
    protected static final Function<HttpServletRequest, String> GET_FULL_REQUESTED_URI = request -> {
        String base = request.getContextPath();
        String target = request.getRequestURI();
        if (isStaticResource(target, base)) {
            target = base + "/";
        }
        String query = request.getQueryString();
        if (query == null) {
            return target;
        }
        return target + "?" + query;
    };

    /** Resolves the login form URI for the current context path. */
    protected static final Function<HttpServletRequest, String> GET_REDIRECT_TO_LOGIN_PAGE_URI =
            request -> underContext(request, AGROSYST_WEB_LOGIN_ACTION_INPUT);

    /** Resolves the charter acceptance form URI for the current context path. */
    protected static final Function<HttpServletRequest, String> GET_REDIRECT_TO_CHARTER_PAGE_URI =
            request -> underContext(request, AGROSYST_WEB_CHARTER_ACTION_INPUT);

    /**
     * Tells whether {@code path} starts with {@code base} followed by a static-resource prefix.
     *
     * @param path the path to test (servlet path or full request URI)
     * @param base the string expected before the prefix; empty for a servlet path
     * @return {@code true} when one of the prefixes matches
     */
    private static boolean isStaticResource(String path, String base) {
        for (String prefix : STATIC_RESOURCE_PREFIXES) {
            if (path.startsWith(base + prefix)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Prepends the context path to an application-relative action path.
     *
     * <p>The Servlet API documents the root context path as the empty string, so the {@code "/"}
     * case only guards against a container that reports it differently.
     */
    private static String underContext(HttpServletRequest request, String action) {
        String base = request.getContextPath();
        if ("/".equals(base)) {
            return action;
        }
        return base + action;
    }

    /** Logs the filter start-up at info level; the configuration is not read. */
    @Override
    public void init(FilterConfig filterConfig) {
        if (LOGGER.isInfoEnabled()) {
            LOGGER.info("Initializing " + AgrosystWebAuthenticationFilter.class.getName());
        }
    }

    /**
     * Applies the access decision described on the class.
     *
     * <p>Outcomes for a non-public path: authenticated with charter accepted goes down the chain;
     * authenticated without charter is redirected to the charter form; unauthenticated on a path
     * ending in {@code json.action} gets a 401; any other unauthenticated request is redirected to
     * the login form.
     *
     * @param servletRequest the incoming request
     * @param servletResponse the response being built
     * @param filterChain the remaining chain, invoked only when access is granted
     * @throws IOException if sending the redirect or error fails, or from the chain
     * @throws ServletException from the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!(servletRequest instanceof HttpServletRequest) || !(servletResponse instanceof HttpServletResponse)) {
            // Not an HTTP exchange: the chain is deliberately not invoked.
            return;
        }
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        String servletPath = request.getServletPath();
        boolean publicUrl = PUBLIC_URLS.contains(servletPath) || isStaticResource(servletPath, "");
        boolean jsonAction = servletPath.endsWith("json.action");

        boolean authenticated = false;
        boolean acceptedCharter = true;
        if (!publicUrl) {
            // getSession(false): looking up the session must never create one for an anonymous client.
            HttpSession session = request.getSession(false);
            Object attribute = session == null ? null : session.getAttribute(AgrosystWebSession.SESSION_PARAMETER);
            if (attribute != null) {
                AgrosystWebSession webSession = (AgrosystWebSession) attribute;
                authenticated = !Strings.isNullOrEmpty(webSession.getAuthenticationToken());
                UserDto user = webSession.getAuthenticatedUser();
                // A missing user counts as "charter accepted"; see the review note on the class.
                acceptedCharter = user == null || user.isAcceptedCharter();
            }
        }

        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace(String.format("Is '%s' [publicUrl=%b] [authenticated=%b] [acceptedCharter=%b]", servletPath, publicUrl, authenticated, acceptedCharter));
        }

        if (publicUrl || (authenticated && acceptedCharter)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        if (authenticated) {
            // Only reachable when the charter has not been accepted yet.
            redirectToCharterPage(request, response);
        } else if (jsonAction) {
            // JSON endpoints get a status code instead of an HTML login page.
            redirectToAuthentificationError(response);
        } else {
            redirectToLoginPage(request, response);
        }
    }

    /** Answers 401 with a message telling the user the session is no longer active. */
    private void redirectToAuthentificationError(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Vous n'êtes plus connecté");
    }

    /** Redirects to the login form, carrying the requested URI in {@code next}. */
    private void redirectToLoginPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        redirectWithNext(GET_REDIRECT_TO_LOGIN_PAGE_URI, httpServletRequest, httpServletResponse);
    }

    /** Redirects to the charter form, carrying the requested URI in {@code next}. */
    private void redirectToCharterPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        redirectWithNext(GET_REDIRECT_TO_CHARTER_PAGE_URI, httpServletRequest, httpServletResponse);
    }

    /**
     * Sends a redirect to the resolved page with the requested URI appended as {@code next}.
     *
     * <p>The value is URL-encoded as UTF-8, which keeps it a single query parameter. Encoding does
     * not make it a trusted destination: it still reflects the client's request URI.
     */
    private static void redirectWithNext(Function<HttpServletRequest, String> page, HttpServletRequest request, HttpServletResponse response) throws IOException {
        String destination = page.apply(request);
        String next = URLEncoder.encode(GET_FULL_REQUESTED_URI.apply(request), Charsets.UTF_8.name());
        response.sendRedirect(destination + "?next=" + next);
    }

    /** Logs the filter shutdown at info level; there is nothing to release. */
    @Override
    public void destroy() {
        if (LOGGER.isInfoEnabled()) {
            LOGGER.info("Destroying " + AgrosystWebAuthenticationFilter.class.getName());
        }
    }
}
