package de.comhix.web.filter;

import com.google.common.base.Splitter;
import de.comhix.web.auth.AuthFunction;
import de.comhix.web.auth.AuthenticationException;
import de.comhix.web.auth.UserProvider;
import java.io.IOException;
import java.util.Enumeration;
import java.util.List;
import java.util.Optional;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

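@Singleton
/* loaded from: input_file:de/comhix/web/filter/AuthFilter.class */
/**
 * Servlet filter that requires a valid token cookie on every request whose
 * servlet path is not listed in the {@code noAuth} init parameter.
 *
 * <p>The cookie value is handed to the injected {@link AuthFunction}; when it
 * yields a user, that user is stored in the injected {@link UserProvider} and
 * the request continues down the chain. In every other case an
 * {@link AuthenticationException} is thrown and the chain is not invoked.
 *
 * <p>Init parameters:
 * <ul>
 *   <li>{@code noAuth}: comma-separated servlet paths that skip the check
 *       (exact match, empty entries are ignored);</li>
 *   <li>{@code tokenCookieName}: name of the token cookie, defaulting to
 *       {@code auth-cookie}.</li>
 * </ul>
 */
public class AuthFilter implements Filter {
    private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
    private static final String DEFAULT_TOKEN_COOKIE_NAME = "auth-cookie";
    public static final String TOKEN_COOKIE_NAME_PARAM = "tokenCookieName";
    public static final String NO_AUTH_PARAM = "noAuth";
    private final AuthFunction authFunction;
    private final UserProvider userProvider;
    // Servlet paths exempt from authentication; populated in init(), never null afterwards.
    private List<String> noAuth;
    // Name of the cookie carrying the auth token; populated in init().
    private String tokenCookieName;

    /**
     * Creates the filter with its collaborators.
     *
     * @param authFunction resolves a token string to an optional user
     * @param userProvider receives the authenticated user for the request
     */
    @Inject
    public AuthFilter(AuthFunction authFunction, UserProvider userProvider) {
        this.authFunction = authFunction;
        this.userProvider = userProvider;
    }

    /**
     * Reads the {@code noAuth} and {@code tokenCookieName} init parameters.
     *
     * <p>A missing {@code noAuth} parameter results in an empty exemption list,
     * so every path is authenticated instead of failing with a
     * {@link NullPointerException} on the first request.
     *
     * @param filterConfig container-supplied configuration
     * @throws ServletException declared by the {@link Filter} contract; not thrown here
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        log.debug("filter: {}", filterConfig.getFilterName());
        List<String> exemptPaths = java.util.Collections.emptyList();
        String cookieName = null;
        Enumeration<?> initParameterNames = filterConfig.getInitParameterNames();
        while (initParameterNames.hasMoreElements()) {
            String name = (String) initParameterNames.nextElement();
            String value = filterConfig.getInitParameter(name);
            log.debug("{}: {}", name, value);
            if (NO_AUTH_PARAM.equals(name) && value != null) {
                // omitEmptyStrings() matters for security: an empty value or a trailing
                // comma would otherwise add "" to the list, and getServletPath() returns
                // "" for a servlet mapped to "/*", exempting all of its requests.
                exemptPaths = Splitter.on(",").trimResults().omitEmptyStrings().splitToList(value);
            }
            if (TOKEN_COOKIE_NAME_PARAM.equals(name)) {
                cookieName = value;
            }
        }
        this.noAuth = exemptPaths;
        // An empty name cannot be used to build a Cookie later, so treat it like "not set".
        this.tokenCookieName = (cookieName == null || cookieName.isEmpty())
                ? DEFAULT_TOKEN_COOKIE_NAME
                : cookieName;
    }

    /**
     * Authenticates the request, then passes it on.
     *
     * <p>The chain is only invoked when {@link #checkAuth} returns normally;
     * an {@link AuthenticationException} propagates to the caller.
     * NOTE(review): presumably an exception mapper elsewhere turns that into an
     * HTTP error response; confirm, since nothing here writes a status code.
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        checkAuth(httpServletRequest, httpServletRequest.getServletPath());
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Enforces the token-cookie check for one request.
     *
     * @param httpServletRequest request whose cookies are inspected
     * @param path servlet path used for the exemption lookup
     * @throws AuthenticationException if no token cookie is present or the token is rejected
     */
    private void checkAuth(HttpServletRequest httpServletRequest, String path) {
        // Exact match on the servlet path only; path info is not part of the comparison.
        // NOTE(review): with a prefix mapping such as "/api/*" the servlet path is "/api"
        // for every request below it, so listing "/api" exempts the whole subtree. Verify
        // the noAuth entries against the deployed servlet mappings.
        List<String> exemptPaths = this.noAuth;
        if (exemptPaths != null && exemptPaths.contains(path)) {
            log.debug("no auth needed for {}", path);
            return;
        }
        log.debug("checking auth for path: {}", path);
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (cookie.getName().equals(this.tokenCookieName)) {
                    // Only the first cookie with the token name is evaluated; a rejected
                    // token fails the request even if a later duplicate would be valid.
                    checkCookieToken(cookie);
                    return;
                }
            }
        }
        throw new AuthenticationException();
    }

    /**
     * Issues the token cookie on the response, scoped to path {@code /}.
     *
     * @param httpServletResponse response that receives the cookie
     * @param str token value to store
     */
    public void doAuth(HttpServletResponse httpServletResponse, String str) {
        Cookie cookie = new Cookie(this.tokenCookieName, str);
        cookie.setPath("/");
        // NOTE(review): the cookie is issued without the HttpOnly and Secure attributes,
        // so the token is readable by page scripts and is sent over plain HTTP. Consider
        // cookie.setHttpOnly(true) (Servlet 3.0+) and cookie.setSecure(true) once it is
        // confirmed that no client script reads it and that all traffic is HTTPS.
        httpServletResponse.addCookie(cookie);
    }

    /**
     * Validates the token held by {@code cookie} and records the resulting user.
     *
     * @param cookie the token cookie taken from the request
     * @throws AuthenticationException if the auth function yields no user
     */
    private void checkCookieToken(Cookie cookie) {
        Optional<?> user = (Optional<?>) this.authFunction.apply(cookie.getValue());
        // Fail closed: a null result is treated the same as an empty Optional.
        if (user == null || !user.isPresent()) {
            throw new AuthenticationException();
        }
        this.userProvider.setUser((String) user.get());
    }

    /** Nothing to release; the filter holds no resources of its own. */
    @Override
    public void destroy() {
    }
}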
