package org.pentaho.platform.web.http.security;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.Authentication;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.ui.basicauth.BasicProcessingFilter;

/* loaded from: input_file:org/pentaho/platform/web/http/security/PentahoBasicProcessingFilter.class */
public class PentahoBasicProcessingFilter extends BasicProcessingFilter {
    public void doFilterHttp(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        Cookie[] cookies;
        if (httpServletRequest.getRequestedSessionId() == null || httpServletRequest.isRequestedSessionIdValid()) {
            String header = httpServletRequest.getHeader("Authorization");
            if (header != null && header.indexOf("Basic") == 0 && SecurityContextHolder.getContext().getAuthentication() == null && (cookies = httpServletRequest.getCookies()) != null) {
                for (Cookie cookie : cookies) {
                    if ("session-flushed".equals(cookie.getName())) {
                        cookie.setMaxAge(0);
                        cookie.setPath(httpServletRequest.getContextPath() != null ? httpServletRequest.getContextPath() : "/");
                        httpServletResponse.addCookie(cookie);
                        getAuthenticationEntryPoint().commence(httpServletRequest, httpServletResponse, new BadCredentialsException("Clearing Basic-Auth"));
                        return;
                    }
                }
            }
        } else {
            Cookie cookie2 = null;
            Cookie[] cookies2 = httpServletRequest.getCookies();
            int length = cookies2.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                Cookie cookie3 = cookies2[i];
                if ("JSESSIONID".equals(cookie3.getName())) {
                    cookie2 = cookie3;
                    break;
                }
                i++;
            }
            String header2 = httpServletRequest.getHeader("Authorization");
            if (header2 != null && header2.indexOf("Basic") == 0) {
                Cookie[] cookies3 = httpServletRequest.getCookies();
                int length2 = cookies3.length;
                int i2 = 0;
                while (true) {
                    if (i2 >= length2) {
                        break;
                    }
                    Cookie cookie4 = cookies3[i2];
                    if ("session-flushed".equals(cookie4.getName())) {
                        cookie4.setMaxAge(0);
                        httpServletResponse.addCookie(cookie4);
                        break;
                    }
                    i2++;
                }
                getAuthenticationEntryPoint().commence(httpServletRequest, httpServletResponse, new BadCredentialsException("Clearing Basic-Auth"));
                return;
            }
            if (cookie2 != null) {
                Cookie cookie5 = new Cookie("session-flushed", "true");
                cookie5.setPath(httpServletRequest.getContextPath() != null ? httpServletRequest.getContextPath() : "/");
                cookie5.setMaxAge(-1);
                httpServletResponse.addCookie(cookie5);
            }
        }
        super.doFilterHttp(httpServletRequest, httpServletResponse, filterChain);
    }

    protected void onSuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException {
        super.onSuccessfulAuthentication(httpServletRequest, httpServletResponse, authentication);
        httpServletRequest.getSession().setAttribute("BasicAuth", "true");
    }
}
