package org.apache.knox.gateway.identityasserter.common.filter;

import java.io.IOException;
import java.security.AccessController;
import javax.security.auth.Subject;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.knox.gateway.IdentityAsserterMessages;
import org.apache.knox.gateway.i18n.messages.MessagesFactory;
import org.apache.knox.gateway.security.principal.PrincipalMappingException;
import org.apache.knox.gateway.security.principal.SimplePrincipalMapper;

/* loaded from: input_file:org/apache/knox/gateway/identityasserter/common/filter/CommonIdentityAssertionFilter.class */
public class CommonIdentityAssertionFilter extends AbstractIdentityAssertionFilter {
    private static final String GROUP_PRINCIPAL_MAPPING = "group.principal.mapping";
    private static final String PRINCIPAL_MAPPING = "principal.mapping";
    private IdentityAsserterMessages LOG = (IdentityAsserterMessages) MessagesFactory.get(IdentityAsserterMessages.class);
    private SimplePrincipalMapper mapper = new SimplePrincipalMapper();

    public void init(FilterConfig filterConfig) throws ServletException {
        String initParameter = filterConfig.getInitParameter(PRINCIPAL_MAPPING);
        if (initParameter == null || initParameter.isEmpty()) {
            initParameter = filterConfig.getServletContext().getInitParameter(PRINCIPAL_MAPPING);
        }
        String initParameter2 = filterConfig.getInitParameter(GROUP_PRINCIPAL_MAPPING);
        if (initParameter2 == null || initParameter2.isEmpty()) {
            initParameter2 = filterConfig.getServletContext().getInitParameter(GROUP_PRINCIPAL_MAPPING);
        }
        if ((initParameter == null || initParameter.isEmpty()) && (initParameter2 == null || initParameter2.isEmpty())) {
            return;
        }
        try {
            this.mapper.loadMappingTable(initParameter, initParameter2);
        } catch (PrincipalMappingException e) {
            throw new ServletException("Unable to load principal mapping table.", e);
        }
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject == null) {
            this.LOG.subjectNotAvailable();
            throw new IllegalStateException("Required Subject Missing");
        }
        String mapUserPrincipal = mapUserPrincipal(mapUserPrincipalBase(getPrincipalName(subject)));
        continueChainAsPrincipal(wrapHttpServletRequest(servletRequest, mapUserPrincipal), servletResponse, filterChain, mapUserPrincipal, combineGroupMappings(mapGroupPrincipals(mapUserPrincipal, subject), mapGroupPrincipals(mapUserPrincipal, subject)));
    }

    private String[] combineGroupMappings(String[] strArr, String[] strArr2) {
        return (strArr == null || strArr2 == null) ? strArr2 != null ? strArr2 : strArr : (String[]) ArrayUtils.addAll(strArr, strArr2);
    }

    public HttpServletRequestWrapper wrapHttpServletRequest(ServletRequest servletRequest, String str) {
        return new IdentityAsserterHttpServletRequestWrapper((HttpServletRequest) servletRequest, str);
    }

    protected String[] mapGroupPrincipalsBase(String str, Subject subject) {
        return this.mapper.mapGroupPrincipal(str);
    }

    protected String mapUserPrincipalBase(String str) {
        return this.mapper.mapUserPrincipal(str);
    }

    @Override // org.apache.knox.gateway.identityasserter.common.filter.AbstractIdentityAssertionFilter
    public String[] mapGroupPrincipals(String str, Subject subject) {
        return null;
    }

    @Override // org.apache.knox.gateway.identityasserter.common.filter.AbstractIdentityAssertionFilter
    public String mapUserPrincipal(String str) {
        return str;
    }
}
