package org.jasig.cas.client.util;

import java.io.IOException;
import java.security.Principal;
import java.util.Collection;
import java.util.Iterator;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpSession;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.validation.Assertion;

/* loaded from: input_file:WEB-INF/lib/cas-client-core.jar:org/jasig/cas/client/util/HttpServletRequestWrapperFilter.class */
public final class HttpServletRequestWrapperFilter extends AbstractConfigurationFilter {
    private String roleAttribute;
    private boolean ignoreCase;

    /* loaded from: input_file:WEB-INF/lib/cas-client-core.jar:org/jasig/cas/client/util/HttpServletRequestWrapperFilter$CasHttpServletRequestWrapper.class */
    final class CasHttpServletRequestWrapper extends HttpServletRequestWrapper {
        private final AttributePrincipal principal;
        private final HttpServletRequestWrapperFilter this$0;

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        CasHttpServletRequestWrapper(HttpServletRequestWrapperFilter httpServletRequestWrapperFilter, HttpServletRequest httpServletRequest, AttributePrincipal attributePrincipal) {
            super(httpServletRequest);
            this.this$0 = httpServletRequestWrapperFilter;
            this.principal = attributePrincipal;
        }

        public Principal getUserPrincipal() {
            return this.principal;
        }

        public String getRemoteUser() {
            if (this.principal != null) {
                return this.principal.getName();
            }
            return null;
        }

        public boolean isUserInRole(String str) {
            if (CommonUtils.isBlank(str)) {
                this.this$0.log.debug("No valid role provided.  Returning false.");
                return false;
            }
            if (this.principal == null) {
                this.this$0.log.debug("No Principal in Request.  Returning false.");
                return false;
            }
            if (CommonUtils.isBlank(this.this$0.roleAttribute)) {
                this.this$0.log.debug("No Role Attribute Configured. Returning false.");
                return false;
            }
            Object obj = this.principal.getAttributes().get(this.this$0.roleAttribute);
            if (obj instanceof Collection) {
                Iterator it2 = ((Collection) obj).iterator();
                while (it2.hasNext()) {
                    if (rolesEqual(str, it2.next())) {
                        this.this$0.log.debug(new StringBuffer().append("User [").append(getRemoteUser()).append("] is in role [").append(str).append("]: ").append(true).toString());
                        return true;
                    }
                }
            }
            boolean rolesEqual = rolesEqual(str, obj);
            this.this$0.log.debug(new StringBuffer().append("User [").append(getRemoteUser()).append("] is in role [").append(str).append("]: ").append(rolesEqual).toString());
            return rolesEqual;
        }

        private boolean rolesEqual(String str, Object obj) {
            return this.this$0.ignoreCase ? str.equalsIgnoreCase(obj.toString()) : str.equals(obj);
        }
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        filterChain.doFilter(new CasHttpServletRequestWrapper(this, (HttpServletRequest) servletRequest, retrievePrincipalFromSessionOrRequest(servletRequest)), servletResponse);
    }

    protected AttributePrincipal retrievePrincipalFromSessionOrRequest(ServletRequest servletRequest) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpSession session = httpServletRequest.getSession(false);
        Assertion assertion = (Assertion) (session == null ? httpServletRequest.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION) : session.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION));
        if (assertion == null) {
            return null;
        }
        return assertion.getPrincipal();
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.roleAttribute = getPropertyFromInitParams(filterConfig, "roleAttribute", null);
        this.ignoreCase = Boolean.parseBoolean(getPropertyFromInitParams(filterConfig, "ignoreCase", "false"));
    }
}
