package com.octo.captcha.module.filter.image;

import com.octo.captcha.module.filter.FilterConfigUtils;
import com.octo.captcha.module.jmx.JMXRegistrationHelper;
import com.octo.captcha.service.CaptchaServiceException;
import com.octo.captcha.service.ManageableCaptchaService;
import com.octo.captcha.service.image.ImageCaptchaService;
import com.sun.image.codec.jpeg.JPEGCodec;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Hashtable;
import java.util.StringTokenizer;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/octo/captcha/module/filter/image/ImageCaptchaFilter.class */
public class ImageCaptchaFilter implements Filter {
    public static final String JMX_REGISTERING_NAME = "com.octo.captcha.module.servlet:object=ImageCaptchaFilter";
    public static final String CSV_DELIMITER = ";";
    public static final String CAPTCHA_ERROR_URL_PARAMETER = "CaptchaErrorURL";
    public static final String CAPTCHA_RENDERING_URL_PARAMETER = "CaptchaRenderingURL";
    public static final String CAPTCHA_VERIFICATION_URLS_PARAMETER = "CaptchaVerificationURLs";
    public static final String CAPTCHA_FAIL_URLS_PARAMETER = "CaptchaFailURLs";
    public static final String CAPTCHA_QUESTION_NAME_PARAMETER = "CaptchaQuestionParameterName";
    public static final String CAPTCHA_RESPONSE_PARAMETER_NAME_PARAMETER = "CaptchaChallengeResponseParameterName";
    private static final String CAPTCHA_SERVICE_CLASS_PARAMETER = "ImageCaptchaServiceClass";
    private static final String CAPTCHA_REGISTER_TO_MBEAN_SERVER_PARAMETER = "RegisterToMBeanServer";
    private boolean captchaRegisterToMBeanServer = false;
    private ImageCaptchaService captchaService = null;
    protected Hashtable verificationForwards = new Hashtable();
    protected String captchaServiceClassName;
    private static String captchaQuestionParameterName = null;
    private static String captchaRenderingURL = null;
    private static String captchaErrorURL = null;
    private static String captchaChallengeResponseParameterName = null;

    public static String getCaptchaRenderingURL() {
        return captchaRenderingURL;
    }

    public static String getCaptchaQuestionParameterName() {
        return captchaQuestionParameterName;
    }

    public static String getCaptchaChallengeResponseParameterName() {
        return captchaChallengeResponseParameterName;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        captchaRenderingURL = FilterConfigUtils.getStringInitParameter(filterConfig, CAPTCHA_RENDERING_URL_PARAMETER, true);
        captchaErrorURL = FilterConfigUtils.getStringInitParameter(filterConfig, CAPTCHA_ERROR_URL_PARAMETER, true);
        String stringInitParameter = FilterConfigUtils.getStringInitParameter(filterConfig, CAPTCHA_VERIFICATION_URLS_PARAMETER, true);
        String stringInitParameter2 = FilterConfigUtils.getStringInitParameter(filterConfig, CAPTCHA_FAIL_URLS_PARAMETER, true);
        StringTokenizer stringTokenizer = new StringTokenizer(stringInitParameter, CSV_DELIMITER, false);
        StringTokenizer stringTokenizer2 = new StringTokenizer(stringInitParameter2, CSV_DELIMITER, false);
        if (stringTokenizer.countTokens() != stringTokenizer2.countTokens()) {
            throw new ServletException("CaptchaVerificationURLs and CaptchaFailURLs values are not consistant in web.xml : there should be exactly one forward error for each verification URL !");
        }
        while (stringTokenizer.hasMoreTokens()) {
            this.verificationForwards.put(stringTokenizer.nextToken(), stringTokenizer2.nextToken());
        }
        captchaQuestionParameterName = FilterConfigUtils.getStringInitParameter(filterConfig, CAPTCHA_QUESTION_NAME_PARAMETER, true);
        captchaChallengeResponseParameterName = FilterConfigUtils.getStringInitParameter(filterConfig, CAPTCHA_RESPONSE_PARAMETER_NAME_PARAMETER, true);
        this.captchaServiceClassName = FilterConfigUtils.getStringInitParameter(filterConfig, CAPTCHA_SERVICE_CLASS_PARAMETER, true);
        this.captchaRegisterToMBeanServer = FilterConfigUtils.getBooleanInitParameter(filterConfig, CAPTCHA_REGISTER_TO_MBEAN_SERVER_PARAMETER, false);
        try {
            this.captchaService = (ImageCaptchaService) Class.forName(this.captchaServiceClassName).newInstance();
            if (this.captchaRegisterToMBeanServer && (this.captchaService instanceof ManageableCaptchaService)) {
                JMXRegistrationHelper.registerToMBeanServer((ManageableCaptchaService) this.captchaService, JMX_REGISTERING_NAME);
            }
        } catch (ClassNotFoundException e) {
            throw new CaptchaServiceException(e);
        } catch (IllegalAccessException e2) {
            throw new CaptchaServiceException(e2);
        } catch (InstantiationException e3) {
            throw new CaptchaServiceException(e3);
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        StringBuffer append = new StringBuffer().append(httpServletRequest.getServletPath());
        if (httpServletRequest.getQueryString() != null) {
            append.append("?").append(httpServletRequest.getQueryString());
        }
        String stringBuffer = append.toString();
        if (stringBuffer.startsWith(captchaRenderingURL)) {
            try {
                generateAndRenderCaptcha(httpServletRequest, httpServletResponse);
                return;
            } catch (Throwable th) {
                httpServletResponse.sendRedirect(captchaErrorURL);
                th.printStackTrace();
                return;
            }
        }
        if (this.verificationForwards.containsKey(stringBuffer)) {
            verifyAnswerToACaptchaChallenge(httpServletRequest, httpServletResponse, stringBuffer, filterChain);
        } else {
            addQuestionToRequest(httpServletRequest, httpServletResponse);
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    public void destroy() {
        if ((this.captchaService instanceof ManageableCaptchaService) && this.captchaRegisterToMBeanServer) {
            JMXRegistrationHelper.unregisterFromMBeanServer(JMX_REGISTERING_NAME);
        }
    }

    private void addQuestionToRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        httpServletRequest.setAttribute(getCaptchaQuestionParameterName(), this.captchaService.getQuestionForID(httpServletRequest.getSession().getId(), httpServletRequest.getLocale()));
    }

    private void generateAndRenderCaptcha(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String id = httpServletRequest.getSession().getId();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            JPEGCodec.createJPEGEncoder(byteArrayOutputStream).encode(this.captchaService.getImageChallengeForID(id, httpServletRequest.getLocale()));
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            httpServletResponse.setHeader("Cache-Control", "no-store");
            httpServletResponse.setHeader("Pragma", "no-cache");
            httpServletResponse.setDateHeader("Expires", 0L);
            httpServletResponse.setContentType("image/jpeg");
            httpServletResponse.getOutputStream().write(byteArray);
        } catch (CaptchaServiceException e) {
            httpServletResponse.sendError(404);
        } catch (IllegalArgumentException e2) {
        }
    }

    private void verifyAnswerToACaptchaChallenge(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, FilterChain filterChain) throws IOException, ServletException {
        String id = httpServletRequest.getSession().getId();
        String parameter = httpServletRequest.getParameter(captchaChallengeResponseParameterName);
        if (parameter == null) {
            redirectError(str, httpServletRequest, httpServletResponse);
            return;
        }
        Boolean bool = Boolean.FALSE;
        try {
            bool = this.captchaService.validateResponseForID(id, parameter);
        } catch (CaptchaServiceException e) {
        }
        if (bool.booleanValue()) {
            forwardSuccess(filterChain, httpServletRequest, httpServletResponse);
        } else {
            redirectError(str, httpServletRequest, httpServletResponse);
        }
    }

    private void redirectError(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        removeParametersFromRequest(httpServletRequest);
        try {
            httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + ((String) this.verificationForwards.get(str)));
        } catch (IOException e) {
            throw new ServletException(e);
        }
    }

    private void forwardSuccess(FilterChain filterChain, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        removeParametersFromRequest(httpServletRequest);
        try {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } catch (IOException e) {
            throw new ServletException(e);
        }
    }

    private void removeParametersFromRequest(HttpServletRequest httpServletRequest) {
        httpServletRequest.removeAttribute(getCaptchaChallengeResponseParameterName());
        httpServletRequest.removeAttribute(getCaptchaQuestionParameterName());
    }
}
