package ca.carleton.gcrc.auth;

import ca.carleton.gcrc.auth.common.AuthHttpServletRequest;
import ca.carleton.gcrc.auth.common.User;
import ca.carleton.gcrc.auth.common.UserRepository;
import ca.carleton.gcrc.auth.common.UserRepositorySingleton;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:ca/carleton/gcrc/auth/AttachAuthFilter.class */
public class AttachAuthFilter implements Filter {
    private UserRepository userRepository;
    protected final Logger logger = LoggerFactory.getLogger(getClass());
    String[] attachAuthList = null;
    String dbUserName = null;
    String dbUserPassword = null;
    User dbUser = null;

    public void init(FilterConfig filterConfig) throws ServletException {
        try {
            this.userRepository = UserRepositorySingleton.getSingleton();
            String initParameter = filterConfig.getInitParameter("attachAuth");
            if (null == initParameter) {
                throw new ServletException("attachAuth list not specified.");
            }
            this.attachAuthList = initParameter.split(",");
            String initParameter2 = filterConfig.getInitParameter("dbUser");
            if (null == initParameter2) {
                throw new ServletException("dbUser not specified.");
            }
            this.dbUserName = initParameter2;
            String initParameter3 = filterConfig.getInitParameter("dbPassword");
            if (null == initParameter3) {
                throw new ServletException("dbPassword not specified.");
            }
            this.dbUserPassword = initParameter3;
            try {
                this.dbUser = this.userRepository.authenticate(this.dbUserName, this.dbUserPassword);
            } catch (Exception e) {
                throw new ServletException("Configured attachAuth name and password do not authenticate.", e);
            }
        } catch (Exception e2) {
            this.logger.error("Error while connecting to database", e2);
            throw new ServletException("Error while connecting to database", e2);
        }
    }

    public void destroy() {
        if (null != this.userRepository) {
            this.userRepository.destroy();
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!(servletRequest instanceof HttpServletRequest) || !(servletResponse instanceof HttpServletResponse)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        try {
            filterChain.doFilter(attachIfRequired((HttpServletRequest) servletRequest), (HttpServletResponse) servletResponse);
        } catch (Exception e) {
            throw new ServletException("Error while filtering request", e);
        }
    }

    private boolean checkListContains(String[] strArr, String str) {
        for (String str2 : strArr) {
            if (str2.equalsIgnoreCase(str)) {
                return true;
            }
        }
        return false;
    }

    private HttpServletRequest attachIfRequired(HttpServletRequest httpServletRequest) {
        String[] split = httpServletRequest.getRequestURI().split("/");
        String str = split[split.length - 1];
        if (!checkListContains(this.attachAuthList, str) || null != httpServletRequest.getHeader("Authorization")) {
            return httpServletRequest;
        }
        AuthHttpServletRequest authHttpServletRequest = new AuthHttpServletRequest(httpServletRequest, this.dbUser);
        this.logger.info(getClass().getName() + " auth attached - path:" + str + " user:" + this.dbUser);
        return authHttpServletRequest;
    }
}
