package org.apache.stanbol.commons.security.auth;

import java.io.IOException;
import java.security.AccessControlContext;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Comparator;
import java.util.Iterator;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import javax.security.auth.Subject;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.ReferenceCardinality;
import org.apache.felix.scr.annotations.ReferencePolicy;
import org.apache.felix.scr.annotations.Service;
import org.apache.stanbol.commons.security.UserUtil;
import org.osgi.framework.Constants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(immediate = true)
@Service({Filter.class})
@Properties({@Property(name = "pattern", value = {".*"}), @Property(name = Constants.SERVICE_RANKING, intValue = {Integer.MAX_VALUE})})
@Reference(name = "weightedAuthenticationMethod", cardinality = ReferenceCardinality.MANDATORY_MULTIPLE, policy = ReferencePolicy.DYNAMIC, referenceInterface = WeightedAuthenticationMethod.class)
/* loaded from: input_file:resources/bundles/25/org.apache.stanbol.commons.security.core-1.0.0.jar:org/apache/stanbol/commons/security/auth/AuthenticatingFilter.class */
public class AuthenticatingFilter implements Filter {
    private final Logger logger = LoggerFactory.getLogger(AuthenticatingFilter.class);
    private SortedSet<WeightedAuthenticationMethod> methodList = new TreeSet(new WeightedAuthMethodComparator());

    /* renamed from: org.apache.stanbol.commons.security.auth.AuthenticatingFilter$1, reason: invalid class name */
    /* loaded from: input_file:resources/bundles/25/org.apache.stanbol.commons.security.core-1.0.0.jar:org/apache/stanbol/commons/security/auth/AuthenticatingFilter$1.class */
    class AnonymousClass1 implements PrivilegedExceptionAction<Object> {
        final /* synthetic */ HttpServletResponse val$response;
        final /* synthetic */ ServletOutputStream[] val$out;
        final /* synthetic */ boolean[] val$closed;
        final /* synthetic */ int[] val$sentErrorCode;
        final /* synthetic */ String[] val$sentErrorMsg;
        final /* synthetic */ FilterChain val$chain;
        final /* synthetic */ HttpServletRequest val$request;

        AnonymousClass1(HttpServletResponse httpServletResponse, ServletOutputStream[] servletOutputStreamArr, boolean[] zArr, int[] iArr, String[] strArr, FilterChain filterChain, HttpServletRequest httpServletRequest) {
            this.val$response = httpServletResponse;
            this.val$out = servletOutputStreamArr;
            this.val$closed = zArr;
            this.val$sentErrorCode = iArr;
            this.val$sentErrorMsg = strArr;
            this.val$chain = filterChain;
            this.val$request = httpServletRequest;
        }

        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws Exception {
            this.val$chain.doFilter(this.val$request, new HttpServletResponseWrapper(this.val$response) { // from class: org.apache.stanbol.commons.security.auth.AuthenticatingFilter.1.1
                @Override // javax.servlet.ServletResponseWrapper, javax.servlet.ServletResponse
                public ServletOutputStream getOutputStream() throws IOException {
                    final ServletOutputStream outputStream = AnonymousClass1.this.val$response.getOutputStream();
                    AnonymousClass1.this.val$out[0] = outputStream;
                    return new ServletOutputStream() { // from class: org.apache.stanbol.commons.security.auth.AuthenticatingFilter.1.1.1
                        @Override // java.io.OutputStream
                        public void write(int i) throws IOException {
                            outputStream.write(i);
                        }

                        @Override // java.io.OutputStream, java.io.Closeable, java.lang.AutoCloseable
                        public void close() throws IOException {
                            AnonymousClass1.this.val$closed[0] = true;
                        }
                    };
                }

                @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
                public void sendError(int i, String str) throws IOException {
                    AnonymousClass1.this.val$sentErrorCode[0] = i;
                    AnonymousClass1.this.val$sentErrorMsg[0] = str;
                }
            });
            return null;
        }
    }

    /* loaded from: input_file:resources/bundles/25/org.apache.stanbol.commons.security.core-1.0.0.jar:org/apache/stanbol/commons/security/auth/AuthenticatingFilter$WeightedAuthMethodComparator.class */
    static class WeightedAuthMethodComparator implements Comparator<WeightedAuthenticationMethod> {
        WeightedAuthMethodComparator() {
        }

        @Override // java.util.Comparator
        public int compare(WeightedAuthenticationMethod weightedAuthenticationMethod, WeightedAuthenticationMethod weightedAuthenticationMethod2) {
            int weight = weightedAuthenticationMethod.getWeight();
            int weight2 = weightedAuthenticationMethod2.getWeight();
            return weight != weight2 ? weight2 - weight : weightedAuthenticationMethod.getClass().toString().compareTo(weightedAuthenticationMethod2.getClass().toString());
        }
    }

    private Subject getSubject() {
        Subject currentSubject = UserUtil.getCurrentSubject();
        if (currentSubject == null) {
            currentSubject = new Subject();
        }
        return currentSubject;
    }

    protected void bindWeightedAuthenticationMethod(WeightedAuthenticationMethod weightedAuthenticationMethod) {
        this.methodList.add(weightedAuthenticationMethod);
    }

    protected void unbindWeightedAuthenticationMethod(WeightedAuthenticationMethod weightedAuthenticationMethod) {
        this.methodList.remove(weightedAuthenticationMethod);
    }

    private void writeLoginResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Throwable th) throws ServletException, IOException {
        this.logger.debug("SecurityException: {}", th);
        try {
            Iterator<WeightedAuthenticationMethod> it = this.methodList.iterator();
            while (it.hasNext() && !it.next().writeLoginResponse(httpServletRequest, httpServletResponse, th)) {
            }
        } catch (IOException e) {
            this.logger.error("Exception writing loging respone", th);
            throw e;
        }
    }

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        this.logger.debug("filtering request");
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        Subject subject = getSubject();
        WeightedAuthenticationMethod weightedAuthenticationMethod = null;
        try {
            Iterator<WeightedAuthenticationMethod> it = this.methodList.iterator();
            while (it.hasNext()) {
                weightedAuthenticationMethod = it.next();
                if (weightedAuthenticationMethod.authenticate(httpServletRequest, subject)) {
                    break;
                }
            }
            Set<Principal> principals = subject.getPrincipals();
            if (principals.size() == 0) {
                principals.add(UserUtil.ANONYMOUS);
            }
            ServletOutputStream[] servletOutputStreamArr = new ServletOutputStream[1];
            boolean[] zArr = new boolean[1];
            String[] strArr = new String[1];
            int[] iArr = {-1};
            try {
                Subject.doAsPrivileged(subject, new AnonymousClass1(httpServletResponse, servletOutputStreamArr, zArr, iArr, strArr, filterChain, httpServletRequest), (AccessControlContext) null);
            } catch (SecurityException e) {
                writeLoginResponse(httpServletRequest, httpServletResponse, e);
            } catch (PrivilegedActionException e2) {
                Throwable cause = e2.getCause();
                if (cause instanceof ServletException) {
                    if (!(cause.getCause() instanceof SecurityException)) {
                        throw ((ServletException) cause);
                    }
                    writeLoginResponse(httpServletRequest, httpServletResponse, cause.getCause());
                }
                if (!(cause instanceof RuntimeException)) {
                    throw new RuntimeException(e2);
                }
                throw ((RuntimeException) cause);
            }
            if (httpServletResponse.isCommitted()) {
                return;
            }
            if (zArr[0]) {
                try {
                    servletOutputStreamArr[0].close();
                } catch (IOException e3) {
                }
            }
            if (iArr[0] > -1) {
                httpServletResponse.sendError(iArr[0], strArr[0]);
            }
        } catch (LoginException e4) {
            if (weightedAuthenticationMethod.writeLoginResponse(httpServletRequest, httpServletResponse, e4)) {
                return;
            }
            writeLoginResponse(httpServletRequest, httpServletResponse, e4);
        }
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }
}
