package net.sf.acegisecurity.context;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;

/* loaded from: input_file:net/sf/acegisecurity/context/HttpSessionContextIntegrationFilter.class */
public class HttpSessionContextIntegrationFilter implements InitializingBean, Filter {
    protected static final Log logger;
    private static final String FILTER_APPLIED = "__acegi_session_integration_filter_applied";
    public static final String ACEGI_SECURITY_CONTEXT_KEY = "ACEGI_SECURITY_CONTEXT";
    private Class context;
    private Object contextObject;
    private boolean allowSessionCreation = true;
    static Class class$net$sf$acegisecurity$context$HttpSessionContextIntegrationFilter;
    static Class class$net$sf$acegisecurity$context$Context;

    public void setAllowSessionCreation(boolean z) {
        this.allowSessionCreation = z;
    }

    public boolean isAllowSessionCreation() {
        return this.allowSessionCreation;
    }

    public void setContext(Class cls) {
        this.context = cls;
    }

    public Class getContext() {
        return this.context;
    }

    public void afterPropertiesSet() throws Exception {
        Class cls;
        if (this.context != null) {
            if (class$net$sf$acegisecurity$context$Context == null) {
                cls = class$("net.sf.acegisecurity.context.Context");
                class$net$sf$acegisecurity$context$Context = cls;
            } else {
                cls = class$net$sf$acegisecurity$context$Context;
            }
            if (cls.isAssignableFrom(this.context)) {
                this.contextObject = generateNewContext();
                return;
            }
        }
        throw new IllegalArgumentException("context must be defined and implement Context (typically use net.sf.acegisecurity.context.security.SecureContextImpl)");
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (servletRequest != null && servletRequest.getAttribute(FILTER_APPLIED) != null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (servletRequest != null) {
            servletRequest.setAttribute(FILTER_APPLIED, Boolean.TRUE);
        }
        if (ContextHolder.getContext() != null) {
            if (logger.isWarnEnabled()) {
                logger.warn(new StringBuffer().append("ContextHolder should have been null but contained: '").append(ContextHolder.getContext()).append("'; setting to null now").toString());
            }
            ContextHolder.setContext(null);
        }
        HttpSession httpSession = null;
        boolean z = false;
        try {
            httpSession = ((HttpServletRequest) servletRequest).getSession(false);
        } catch (IllegalStateException e) {
        }
        if (httpSession != null) {
            z = true;
            Object attribute = httpSession.getAttribute(ACEGI_SECURITY_CONTEXT_KEY);
            if (attribute != null) {
                if (attribute instanceof Context) {
                    if (logger.isDebugEnabled()) {
                        logger.debug(new StringBuffer().append("Obtained from ACEGI_SECURITY_CONTEXT a valid Context and set to ContextHolder: '").append(attribute).append("'").toString());
                    }
                    ContextHolder.setContext((Context) attribute);
                } else if (logger.isWarnEnabled()) {
                    logger.warn(new StringBuffer().append("ACEGI_SECURITY_CONTEXT did not contain a Context but contained: '").append(attribute).append("'; are you improperly modifying the HttpSession directly (you should always use ContextHolder) or using the HttpSession attribute reserved for this class?").toString());
                }
            } else if (logger.isDebugEnabled()) {
                logger.debug("HttpSession returned null object for ACEGI_SECURITY_CONTEXT");
            }
        } else if (logger.isDebugEnabled()) {
            logger.debug("No HttpSession currently exists");
        }
        if (ContextHolder.getContext() == null) {
            ContextHolder.setContext(generateNewContext());
            if (logger.isDebugEnabled()) {
                logger.debug(new StringBuffer().append("As ContextHolder null, setup ContextHolder with a fresh new instance: '").append(ContextHolder.getContext()).append("'").toString());
            }
        }
        HttpSession httpSession2 = null;
        filterChain.doFilter(servletRequest, servletResponse);
        try {
            httpSession2 = ((HttpServletRequest) servletRequest).getSession(false);
        } catch (IllegalStateException e2) {
        }
        if (httpSession2 == null && z && logger.isDebugEnabled()) {
            logger.debug("HttpSession is now null, but was not null at start of request; session was invalidated, so do not create a new session");
        }
        if (httpSession2 == null && !z) {
            if (this.allowSessionCreation) {
                if (!this.contextObject.equals(ContextHolder.getContext())) {
                    if (logger.isDebugEnabled()) {
                        logger.debug("HttpSession being created as ContextHolder contents are non-default");
                    }
                    try {
                        httpSession2 = ((HttpServletRequest) servletRequest).getSession(true);
                    } catch (IllegalStateException e3) {
                    }
                } else if (logger.isDebugEnabled()) {
                    logger.debug(new StringBuffer().append("HttpSession still null, but ContextHolder has not changed from default: ' ").append(ContextHolder.getContext()).append("'; not creating HttpSession or storing ContextHolder contents").toString());
                }
            } else if (logger.isDebugEnabled()) {
                logger.debug("Whilst ContextHolder contents have changed, the HttpSessionContextIntegrationFilter is prohibited from creating a HttpSession by the allowSessionCreation property being false");
            }
        }
        if (httpSession2 != null) {
            httpSession2.setAttribute(ACEGI_SECURITY_CONTEXT_KEY, ContextHolder.getContext());
            if (logger.isDebugEnabled()) {
                logger.debug(new StringBuffer().append("Context stored to HttpSession: '").append(ContextHolder.getContext()).append("'").toString());
            }
        }
        ContextHolder.setContext(null);
        if (logger.isDebugEnabled()) {
            logger.debug("ContextHolder set to null as request processing completed");
        }
    }

    public Context generateNewContext() throws ServletException {
        try {
            return (Context) this.context.newInstance();
        } catch (IllegalAccessException e) {
            throw new ServletException(e);
        } catch (InstantiationException e2) {
            throw new ServletException(e2);
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$net$sf$acegisecurity$context$HttpSessionContextIntegrationFilter == null) {
            cls = class$("net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter");
            class$net$sf$acegisecurity$context$HttpSessionContextIntegrationFilter = cls;
        } else {
            cls = class$net$sf$acegisecurity$context$HttpSessionContextIntegrationFilter;
        }
        logger = LogFactory.getLog(cls);
    }
}
