package io.asgardeo.tomcat.oidc.agent;

import com.nimbusds.oauth2.sdk.util.StringUtils;
import io.asgardeo.java.oidc.sdk.HTTPSessionBasedOIDCProcessor;
import io.asgardeo.java.oidc.sdk.bean.SessionContext;
import io.asgardeo.java.oidc.sdk.config.model.OIDCAgentConfig;
import io.asgardeo.java.oidc.sdk.exception.SSOAgentClientException;
import io.asgardeo.java.oidc.sdk.exception.SSOAgentException;
import io.asgardeo.java.oidc.sdk.request.OIDCRequestResolver;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:io/asgardeo/tomcat/oidc/agent/OIDCAgentFilter.class */
public class OIDCAgentFilter implements Filter {
    private static final Logger logger = LogManager.getLogger(OIDCAgentFilter.class);
    protected FilterConfig filterConfig = null;
    OIDCAgentConfig oidcAgentConfig;
    HTTPSessionBasedOIDCProcessor oidcManager;

    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
        ServletContext servletContext = filterConfig.getServletContext();
        if (servletContext.getAttribute("io.asgardeo.java.oidc.sdk.config.model.OIDCAgentConfig") instanceof OIDCAgentConfig) {
            this.oidcAgentConfig = (OIDCAgentConfig) servletContext.getAttribute("io.asgardeo.java.oidc.sdk.config.model.OIDCAgentConfig");
        }
        try {
            this.oidcManager = new HTTPSessionBasedOIDCProcessor(this.oidcAgentConfig);
        } catch (SSOAgentClientException e) {
            throw new SSOAgentException(e.getMessage(), e);
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        OIDCRequestResolver oIDCRequestResolver = new OIDCRequestResolver(httpServletRequest, this.oidcAgentConfig);
        if (oIDCRequestResolver.isSkipURI()) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (oIDCRequestResolver.isLogoutURL()) {
            try {
                this.oidcManager.logout(httpServletRequest, httpServletResponse);
                return;
            } catch (SSOAgentException e) {
                handleException(httpServletRequest, httpServletResponse, e);
                return;
            }
        }
        if (oIDCRequestResolver.isCallbackResponse()) {
            try {
                this.oidcManager.handleOIDCCallback(httpServletRequest, httpServletResponse);
                httpServletResponse.sendRedirect("home.jsp");
                return;
            } catch (SSOAgentException e2) {
                handleException(httpServletRequest, httpServletResponse, e2);
                return;
            }
        }
        if (isActiveSessionPresent(httpServletRequest)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            this.oidcManager.sendForLogin(httpServletRequest, httpServletResponse);
        } catch (SSOAgentException e3) {
            handleException(httpServletRequest, httpServletResponse, e3);
        }
    }

    public void destroy() {
    }

    boolean isActiveSessionPresent(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        return (session == null || session.getAttribute("session_context") == null || !(session.getAttribute("session_context") instanceof SessionContext)) ? false : true;
    }

    void clearSession(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            session.invalidate();
        }
    }

    protected void handleException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SSOAgentException sSOAgentException) throws ServletException, IOException {
        String errorPage = this.oidcAgentConfig.getErrorPage();
        if (StringUtils.isBlank(errorPage)) {
            errorPage = buildErrorPageURL(this.oidcAgentConfig, httpServletRequest);
        }
        if (errorPage.trim().charAt(0) != '/') {
            errorPage = "/" + errorPage;
        }
        clearSession(httpServletRequest);
        logger.log(Level.FATAL, sSOAgentException.getMessage());
        httpServletRequest.setAttribute("AgentException", sSOAgentException);
        httpServletRequest.getServletContext().getRequestDispatcher(errorPage).forward(httpServletRequest, httpServletResponse);
    }

    private String buildErrorPageURL(OIDCAgentConfig oIDCAgentConfig, HttpServletRequest httpServletRequest) {
        return StringUtils.isNotBlank(oIDCAgentConfig.getIndexPage()) ? oIDCAgentConfig.getIndexPage() : "/";
    }
}
