package com.liferay.portal.servlet.filters.autologin;

import com.liferay.portal.NoSuchUserException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.servlet.ProtectedServletRequest;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.InstancePool;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.security.auth.AutoLogin;
import com.liferay.portal.security.pwd.PwdEncryptor;
import com.liferay.portal.service.UserLocalServiceUtil;
import com.liferay.portal.servlet.filters.BasePortalFilter;
import com.liferay.portal.util.PortalInstances;
import com.liferay.portal.util.PortalUtil;
import com.liferay.portal.util.PropsValues;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.CopyOnWriteArrayList;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:WEB-INF/lib/portal-impl.jar:com/liferay/portal/servlet/filters/autologin/AutoLoginFilter.class */
public class AutoLoginFilter extends BasePortalFilter {
    private static final String _PATH_CHAT_LATEST = "/-/chat/latest";
    private static Log _log = LogFactoryUtil.getLog(AutoLoginFilter.class);
    private static List<AutoLogin> _autoLogins = new CopyOnWriteArrayList();

    public static void registerAutoLogin(AutoLogin autoLogin) {
        _autoLogins.add(autoLogin);
    }

    public static void unregisterAutoLogin(AutoLogin autoLogin) {
        _autoLogins.remove(autoLogin);
    }

    public AutoLoginFilter() {
        for (String str : PropsValues.AUTO_LOGIN_HOOKS) {
            _autoLogins.add((AutoLogin) InstancePool.get(str));
        }
    }

    protected String getLoginRemoteUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpSession httpSession, String[] strArr) throws Exception {
        if (strArr == null || strArr.length != 3) {
            return null;
        }
        String str = strArr[0];
        String str2 = strArr[1];
        boolean z = GetterUtil.getBoolean(strArr[2]);
        if (Validator.isNull(str) || Validator.isNull(str2)) {
            return null;
        }
        try {
            long j = GetterUtil.getLong(str);
            if (j <= 0) {
                return null;
            }
            if (UserLocalServiceUtil.getUserById(j).isLockout()) {
                return null;
            }
            httpSession.setAttribute("j_username", str);
            if (z) {
                httpSession.setAttribute("j_password", str2);
            } else {
                httpSession.setAttribute("j_password", PwdEncryptor.encrypt(str2));
                if (PropsValues.SESSION_STORE_PASSWORD) {
                    httpSession.setAttribute("USER_PASSWORD", str2);
                }
            }
            httpSession.setAttribute("j_remoteuser", str);
            if (PropsValues.PORTAL_JAAS_ENABLE) {
                httpServletResponse.sendRedirect(String.valueOf(PortalUtil.getPathMain()) + "/portal/touch_protected");
            }
            return str;
        } catch (NoSuchUserException unused) {
            return null;
        }
    }

    protected void processFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws Exception {
        String[] login;
        String str;
        HttpSession session = httpServletRequest.getSession();
        String host = PortalUtil.getHost(httpServletRequest);
        if (PortalInstances.isAutoLoginIgnoreHost(host)) {
            if (_log.isDebugEnabled()) {
                _log.debug("Ignore host " + host);
            }
            processFilter(AutoLoginFilter.class, httpServletRequest, httpServletResponse, filterChain);
            return;
        }
        String pathContext = PortalUtil.getPathContext();
        String lowerCase = httpServletRequest.getRequestURI().toLowerCase();
        if (!pathContext.equals("/") && lowerCase.contains(pathContext)) {
            lowerCase = lowerCase.substring(pathContext.length());
        }
        if (PortalInstances.isAutoLoginIgnorePath(lowerCase)) {
            if (_log.isDebugEnabled()) {
                _log.debug("Ignore path " + lowerCase);
            }
            processFilter(AutoLoginFilter.class, httpServletRequest, httpServletResponse, filterChain);
            return;
        }
        String remoteUser = httpServletRequest.getRemoteUser();
        String str2 = (String) session.getAttribute("j_username");
        if (!PropsValues.AUTH_LOGIN_DISABLED && remoteUser == null && str2 == null) {
            Iterator<AutoLogin> it2 = _autoLogins.iterator();
            while (it2.hasNext()) {
                try {
                    login = it2.next().login(httpServletRequest, httpServletResponse);
                    str = (String) httpServletRequest.getAttribute("AUTO_LOGIN_REDIRECT");
                } catch (Exception e) {
                    if (_log.isWarnEnabled()) {
                        _log.warn(e, e);
                    }
                    String currentURL = PortalUtil.getCurrentURL(httpServletRequest);
                    if (!currentURL.endsWith(_PATH_CHAT_LATEST)) {
                        _log.error("Current URL " + currentURL + " generates exception: " + e.getMessage());
                    } else if (_log.isWarnEnabled()) {
                        _log.warn("Current URL " + currentURL + " generates exception: " + e.getMessage());
                    }
                }
                if (Validator.isNotNull(str)) {
                    httpServletResponse.sendRedirect(str);
                    return;
                }
                String loginRemoteUser = getLoginRemoteUser(httpServletRequest, httpServletResponse, session, login);
                if (loginRemoteUser != null) {
                    httpServletRequest = new ProtectedServletRequest(httpServletRequest, loginRemoteUser);
                    if (PropsValues.PORTAL_JAAS_ENABLE) {
                        return;
                    }
                    String str3 = !PropsValues.AUTH_FORWARD_BY_LAST_PATH ? "/c" : (String) httpServletRequest.getAttribute("AUTO_LOGIN_REDIRECT_AND_CONTINUE");
                    if (Validator.isNotNull(str3)) {
                        httpServletResponse.sendRedirect(str3);
                        return;
                    }
                } else {
                    continue;
                }
            }
        }
        processFilter(AutoLoginFilter.class, httpServletRequest, httpServletResponse, filterChain);
    }
}
