package org.eetrust.security.client.validation;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eetrust.security.client.core.AbstractKernelFilter;
import org.eetrust.security.client.util.CommonUtils;
import org.eetrust.security.client.util.PathMatcher;
import org.eetrust.security.client.util.URLPathMatcher;

/* loaded from: input_file:org/eetrust/security/client/validation/AbstractTicketValidationFilter.class */
public class AbstractTicketValidationFilter extends AbstractKernelFilter {
    private TicketValidator ticketValidator;
    private boolean redirectAfterValidation = false;
    private boolean exceptionOnValidationFailure = true;
    private boolean useSession = true;
    private static final PathMatcher pathMatcher = new URLPathMatcher();

    protected TicketValidator getTicketValidator(FilterConfig filterConfig) {
        return this.ticketValidator;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.eetrust.security.client.core.AbstractKernelFilter
    public void initInternal(FilterConfig filterConfig) throws ServletException {
        setTicketValidator(getTicketValidator(filterConfig));
        setExceptionOnValidationFailure(parseBoolean(getPropertyFromInitParams(filterConfig, "exceptionOnValidationFailure", "true")));
        this.log.info("Setting exceptionOnValidationFailure parameter: " + this.exceptionOnValidationFailure);
        setRedirectAfterValidation(parseBoolean(getPropertyFromInitParams(filterConfig, "redirectAfterValidation", "false")));
        this.log.info("Setting redirectAfterValidation parameter: " + this.redirectAfterValidation);
        setUseSession(parseBoolean(getPropertyFromInitParams(filterConfig, "useSession", "true")));
        this.log.info("Setting useSession parameter: " + this.useSession);
        super.initInternal(filterConfig);
    }

    @Override // org.eetrust.security.client.core.AbstractKernelFilter
    public void init() {
        super.init();
        CommonUtils.assertNotNull(this.ticketValidator, "ticketValidator cannot be null.");
    }

    protected boolean preFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        return true;
    }

    protected void onSuccessfulValidation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Assertion assertion) {
    }

    protected void onFailedValidation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
    }

    public final void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String requestURI = httpServletRequest.getRequestURI();
        int indexOf = requestURI.indexOf("?");
        if (indexOf != -1) {
            requestURI = requestURI.substring(0, indexOf);
        }
        String[] excludeInterceptURL = getExcludeInterceptURL();
        if (excludeInterceptURL != null && excludeInterceptURL.length > 0) {
            for (String str : excludeInterceptURL) {
                if (pathMatcher.match(str, requestURI)) {
                    filterChain.doFilter(httpServletRequest, httpServletResponse);
                    return;
                }
            }
        }
        String safeGetParameter = CommonUtils.safeGetParameter(httpServletRequest, getTicketParameterName());
        if (CommonUtils.isNotBlank(safeGetParameter)) {
            if (this.log.isDebugEnabled()) {
                this.log.debug("Attempting to validate ticket: " + safeGetParameter);
            }
            try {
                Assertion validate = this.ticketValidator.validate(safeGetParameter);
                if (this.log.isDebugEnabled()) {
                    this.log.debug("Successfully authenticated user: " + validate.getPrincipal().getName());
                }
                httpServletRequest.setAttribute(AbstractKernelFilter.CONST_UAP_ASSERTION, validate);
                if (this.useSession) {
                    httpServletRequest.getSession().setAttribute(AbstractKernelFilter.CONST_UAP_ASSERTION, validate);
                }
                onSuccessfulValidation(httpServletRequest, httpServletResponse, validate);
                if (this.redirectAfterValidation) {
                    if (this.log.isDebugEnabled()) {
                        this.log.debug("Redirecting after successful ticket validation.");
                    }
                    String parameter = httpServletRequest.getParameter(getServiceParameterName());
                    if (CommonUtils.isNotBlank(parameter)) {
                        httpServletResponse.sendRedirect(parameter);
                        return;
                    }
                }
            } catch (TicketValidationException e) {
                httpServletResponse.setStatus(403);
                this.log.warn(e, e);
                onFailedValidation(httpServletRequest, httpServletResponse);
                if (this.exceptionOnValidationFailure) {
                    throw new ServletException(e);
                }
                return;
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    public final void setTicketValidator(TicketValidator ticketValidator) {
        this.ticketValidator = ticketValidator;
    }

    public final void setRedirectAfterValidation(boolean z) {
        this.redirectAfterValidation = z;
    }

    public final void setExceptionOnValidationFailure(boolean z) {
        this.exceptionOnValidationFailure = z;
    }

    public final void setUseSession(boolean z) {
        this.useSession = z;
    }
}
