package com.adventnet.authentication;

import com.adventnet.authentication.util.AuthDBUtil;
import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.login.LoginException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/adventnet/authentication/ContextChangeDetector.class */
public class ContextChangeDetector implements Filter {
    private static Logger logger;
    private static List excludeContextList;
    static Class class$com$adventnet$authentication$ContextChangeDetector;

    public void init(FilterConfig filterConfig) throws ServletException {
        logger.log(Level.FINEST, "init invoked");
        excludeContextList = new ArrayList();
        Enumeration initParameterNames = filterConfig.getInitParameterNames();
        while (initParameterNames.hasMoreElements()) {
            String str = (String) initParameterNames.nextElement();
            if (str != null && str.indexOf("exclude-context-") != -1) {
                excludeContextList.add(filterConfig.getInitParameter(str));
            }
        }
        logger.log(Level.FINEST, "list of context names that are to be excluded from authenticating : {0}", excludeContextList);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        logger.log(Level.FINEST, "doFilter invoked");
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String contextPath = httpServletRequest.getContextPath();
        if (excludeContextList.contains(contextPath)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        Principal userPrincipal = httpServletRequest.getUserPrincipal();
        logger.log(Level.FINEST, "Principal obtained from request : {0}", userPrincipal);
        String str = (String) httpServletRequest.getSession().getAttribute("JSESSIONIDSSO");
        logger.log(Level.FINEST, "ssoId obtained : {0}", str);
        if (userPrincipal != null) {
            logger.log(Level.FINEST, "Already authenticated user : {0}", userPrincipal.getName());
            String prevContextPath = getPrevContextPath(httpServletRequest);
            if (!contextPath.equals(prevContextPath)) {
                setValueInCookie(httpServletResponse, contextPath);
                logger.log(Level.INFO, "client switching from context : {0} to context : {1}", new Object[]{prevContextPath, contextPath});
                try {
                    String serviceNameForContext = AuthDBUtil.getServiceNameForContext(contextPath);
                    if (AuthDBUtil.isValidationReq(str, serviceNameForContext)) {
                        logger.log(Level.FINEST, "Session id obtained after authenticating : {0}", new Long(PAM.authenticate(userPrincipal.getName(), serviceNameForContext, httpServletRequest)));
                    } else {
                        logger.log(Level.FINEST, "session already opened");
                    }
                } catch (LoginException e) {
                    logger.log(Level.FINEST, "LoginException occured when switching context : ", (Throwable) e);
                    setValueInCookie(httpServletResponse, prevContextPath);
                    String initParameter = httpServletRequest.getSession().getServletContext().getInitParameter("login-error-page");
                    logger.log(Level.FINEST, "error page url obtained from context parameter is {0}", initParameter);
                    String message = e.getMessage();
                    httpServletRequest.setAttribute("login_status", message == null ? "Unable to change context" : message);
                    if (initParameter == null) {
                        logger.log(Level.SEVERE, "Error page not mentioned as context param (login-error-page) in war : {0}", contextPath);
                        return;
                    } else {
                        servletRequest.getRequestDispatcher(initParameter).forward(servletRequest, servletResponse);
                        logger.log(Level.FINEST, "forwarded the error message to errorpage");
                    }
                }
            }
        } else {
            setValueInCookie(httpServletResponse, contextPath);
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void destroy() {
        logger.log(Level.FINEST, "destroy invoked");
    }

    private String getPrevContextPath(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        String str = " ";
        if (cookies == null) {
            return str;
        }
        int length = cookies.length;
        for (int i = 0; i < length; i++) {
            logger.log(Level.FINEST, "Cookie obtained is  : {0}", cookies[i].getName());
            if (cookies[i].getName().equals("PREV_CONTEXT_PATH")) {
                str = cookies[i].getValue();
            }
        }
        return str;
    }

    private void setValueInCookie(HttpServletResponse httpServletResponse, String str) {
        Cookie cookie = new Cookie("PREV_CONTEXT_PATH", str);
        cookie.setMaxAge(86400);
        cookie.setPath("/");
        httpServletResponse.addCookie(cookie);
        logger.log(Level.FINEST, "value : {0} set in cookie", str);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$adventnet$authentication$ContextChangeDetector == null) {
            cls = class$("com.adventnet.authentication.ContextChangeDetector");
            class$com$adventnet$authentication$ContextChangeDetector = cls;
        } else {
            cls = class$com$adventnet$authentication$ContextChangeDetector;
        }
        logger = Logger.getLogger(cls.getName());
    }
}
