package org.apache.felix.http.sslfilter.internal;

import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.Dictionary;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.osgi.service.cm.ConfigurationException;

/* loaded from: input_file:resources/install/10/org.apache.felix.http.sslfilter-1.1.0.jar:org/apache/felix/http/sslfilter/internal/SslFilter.class */
public class SslFilter implements Filter {
    public static final String PID = "org.apache.felix.http.sslfilter.SslFilter";
    private static final String DEFAULT_SSL_HEADER = "X-Forwarded-SSL";
    private static final String DEFAULT_SSL_VALUE = "on";
    private static final String DEFAULT_CERT_HEADER = "X-Forwarded-SSL-Certificate";
    private static final String PROP_SSL_HEADER = "ssl-forward.header";
    private static final String PROP_SSL_VALUE = "ssl-forward.value";
    private static final String PROP_SSL_CERT_KEY = "ssl-forward-cert.header";
    private volatile ConfigHolder config = new ConfigHolder("X-Forwarded-SSL", "on", "X-Forwarded-SSL-Certificate");

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:resources/install/10/org.apache.felix.http.sslfilter-1.1.0.jar:org/apache/felix/http/sslfilter/internal/SslFilter$ConfigHolder.class */
    public static class ConfigHolder {
        final String certHeader;
        final String sslHeader;
        final String sslValue;

        public ConfigHolder(String str, String str2, String str3) {
            this.sslHeader = str;
            this.sslValue = str2;
            this.certHeader = str3;
        }
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        ConfigHolder configHolder = this.config;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (configHolder.sslValue.equalsIgnoreCase(httpServletRequest.getHeader(configHolder.sslHeader))) {
            try {
                httpServletResponse = new SslFilterResponse(httpServletResponse, httpServletRequest, configHolder);
                httpServletRequest = new SslFilterRequest(httpServletRequest, httpServletRequest.getHeader(configHolder.certHeader));
            } catch (CertificateException e) {
                SystemLogger.log(2, "Failed to create SSL filter request! Problem parsing client certificates?! Client certificate will *not* be forwarded...", e);
            }
        }
        try {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            if (httpServletRequest instanceof SslFilterRequest) {
                ((SslFilterRequest) httpServletRequest).done();
            }
        } catch (Throwable th) {
            if (httpServletRequest instanceof SslFilterRequest) {
                ((SslFilterRequest) httpServletRequest).done();
            }
            throw th;
        }
    }

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void configure(Dictionary dictionary) throws ConfigurationException {
        String str = "X-Forwarded-SSL-Certificate";
        String str2 = "X-Forwarded-SSL";
        String str3 = "on";
        if (dictionary != null) {
            str = getOptionalString(dictionary, PROP_SSL_CERT_KEY);
            str2 = getMandatoryString(dictionary, PROP_SSL_HEADER);
            str3 = getMandatoryString(dictionary, PROP_SSL_VALUE);
        }
        this.config = new ConfigHolder(str2, str3, str);
        SystemLogger.log(3, "SSL filter (re)configured with: SSL forward header = '" + str2 + "'; SSL forward value = '" + str3 + "'; SSL certificate header = '" + str + "'.");
    }

    private String getOptionalString(Dictionary dictionary, String str) throws ConfigurationException {
        Object obj = dictionary.get(str);
        if (obj == null || "".equals(((String) obj).trim())) {
            return null;
        }
        if (obj instanceof String) {
            return ((String) obj).trim();
        }
        throw new ConfigurationException(str, "invalid value");
    }

    private String getMandatoryString(Dictionary dictionary, String str) throws ConfigurationException {
        String optionalString = getOptionalString(dictionary, str);
        if (optionalString == null) {
            throw new ConfigurationException(str, "missing value");
        }
        return optionalString;
    }
}
