package br.gov.frameworkdemoiselle.security;

import br.gov.frameworkdemoiselle.util.Beans;
import br.gov.frameworkdemoiselle.util.Strings;
import java.io.IOException;
import java.util.Enumeration;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:br/gov/frameworkdemoiselle/security/AbstractHTTPAuthorizationFilter.class */
public abstract class AbstractHTTPAuthorizationFilter implements Filter {
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if ((servletRequest instanceof HttpServletRequest) && (servletResponse instanceof HttpServletResponse)) {
            doFilter((HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse, filterChain);
        } else {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!isActive() || !isSupported(httpServletRequest)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            performLogin(httpServletRequest, httpServletResponse);
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            performLogout(httpServletRequest, httpServletResponse);
        } catch (InvalidCredentialsException e) {
            setUnauthorizedStatus(httpServletResponse, e);
        }
    }

    protected String getAuthHeader(HttpServletRequest httpServletRequest) {
        String str = null;
        Enumeration headerNames = httpServletRequest.getHeaderNames();
        while (true) {
            if (!headerNames.hasMoreElements()) {
                break;
            }
            String str2 = (String) headerNames.nextElement();
            if ("authorization".equalsIgnoreCase(str2)) {
                str = httpServletRequest.getHeader(str2);
                break;
            }
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getAuthData(HttpServletRequest httpServletRequest) throws InvalidCredentialsException {
        String str = null;
        String authHeader = getAuthHeader(httpServletRequest);
        String type = getType();
        if (!Strings.isEmpty(type) && !Strings.isEmpty(authHeader)) {
            Matcher matcher = Pattern.compile("^" + type + "[ \\n]+(.+)$", 2).matcher(authHeader);
            if (matcher.matches()) {
                str = matcher.group(1);
            }
        }
        return str;
    }

    protected boolean isSupported(HttpServletRequest httpServletRequest) {
        return !Strings.isEmpty(getAuthData(httpServletRequest));
    }

    protected abstract boolean isActive();

    protected abstract String getType();

    /* JADX INFO: Access modifiers changed from: protected */
    public void performLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        ((SecurityContext) Beans.getReference(SecurityContext.class)).login();
    }

    protected void performLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (((SecurityContext) Beans.getReference(SecurityContext.class)).isLoggedIn()) {
            ((SecurityContext) Beans.getReference(SecurityContext.class)).logout();
        }
    }

    private void setUnauthorizedStatus(HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException {
        httpServletResponse.setStatus(401);
        httpServletResponse.setContentType("text/plain; charset=UTF-8");
        httpServletResponse.getWriter().write(authenticationException.getMessage());
    }
}
