package org.kuali.rice.krad.web.filter;

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.kuali.rice.core.api.CoreApiServiceLocator;
import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
import org.kuali.rice.krad.uif.UifConstants;
import org.kuali.rice.krad.uif.UifParameters;
import org.kuali.rice.krad.uif.service.ViewDictionaryService;
import org.kuali.rice.krad.uif.service.ViewService;
import org.kuali.rice.krad.uif.view.ViewSessionPolicy;
import org.kuali.rice.krad.util.KRADConstants;
import org.kuali.rice.krad.util.KRADUtils;
import org.kuali.rice.krad.web.form.UifFormManager;
import org.springframework.web.bind.annotation.RequestMethod;

/* loaded from: input_file:WEB-INF/lib/rice-krad-web-framework-2.6.0-1602.0024.jar:org/kuali/rice/krad/web/filter/UifSessionTimeoutFilter.class */
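/**
 * Servlet filter that detects a timed-out HTTP session on UIF requests and, when the view's
 * {@link ViewSessionPolicy} asks for it, sends the client to a configured location.
 *
 * <p>A timeout is flagged when the request carries a {@code sessionId} parameter that does not
 * match the current container session (or there is no session), or when a non-GET request carries
 * a {@code formKey} whose form is no longer held by the session's {@link UifFormManager}.
 *
 * <p>Security note: this filter is a usability aid, not an access control. A request with no
 * resolvable view id is passed down the chain unchecked, and a request that simply omits the
 * {@code sessionId} and {@code formKey} parameters is never flagged. Authentication and
 * authorization must be enforced by other components.
 */
public class UifSessionTimeoutFilter implements Filter {
    /** HTTP status written for AJAX requests when a timeout is detected; overridable via init-param. */
    private int sessionTimeoutErrorCode = 403;

    /**
     * Reads the optional {@code sessionTimeoutErrorCode} init parameter.
     *
     * @param filterConfig filter configuration supplied by the container
     * @throws ServletException if the init parameter is present but is not a valid integer
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        String configuredCode = filterConfig.getInitParameter("sessionTimeoutErrorCode");
        if (configuredCode == null) {
            return;
        }
        try {
            this.sessionTimeoutErrorCode = Integer.parseInt(configuredCode);
        } catch (NumberFormatException e) {
            // Fail deployment with a message that names the misconfigured parameter.
            throw new ServletException("Invalid sessionTimeoutErrorCode init parameter: " + configuredCode, e);
        }
    }

    /**
     * Checks the request for signs of a session timeout and either continues the chain or applies
     * the timeout policy of the requested view.
     *
     * @param servletRequest incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse} when redirecting
     * @param filterChain remaining filter chain
     * @throws IOException if writing the response or a downstream filter fails
     * @throws ServletException if a downstream filter fails
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        // getSession(false): never create a new session just to test for a timeout.
        HttpSession session = httpServletRequest.getSession(false);

        boolean timeoutOccurred = false;

        // The sessionId parameter is client-supplied and is only compared against the container's
        // session id to detect a stale page; it grants nothing when it matches.
        String requestedSessionId = servletRequest.getParameter("sessionId");
        if (requestedSessionId != null
                && (session == null || !StringUtils.equals(session.getId(), requestedSessionId))) {
            timeoutOccurred = true;
        }

        String viewId = getViewIdFromRequest(httpServletRequest);
        if (StringUtils.isBlank(viewId)) {
            // Without a view id no session policy can be looked up, so the request passes through.
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // Non-GET requests that reference a session-stored form also count as timed out when the
        // form manager no longer holds that form.
        boolean isGet = RequestMethod.GET.name().equals(httpServletRequest.getMethod());
        String formKey = servletRequest.getParameter("formKey");
        if (StringUtils.isNotBlank(formKey) && !isGet
                && getViewDictionaryService().isSessionStorageEnabled(viewId) && session != null) {
            UifFormManager uifFormManager = (UifFormManager) session.getAttribute(UifParameters.FORM_MANAGER);
            if (uifFormManager != null && !uifFormManager.hasSessionForm(formKey)) {
                timeoutOccurred = true;
            }
        }

        if (!timeoutOccurred) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // NOTE(review): viewId originates from request parameters; presumably the dictionary service
        // returns a non-null policy for any id it is given - confirm against its implementation.
        ViewSessionPolicy viewSessionPolicy = getViewDictionaryService().getViewSessionPolicy(viewId);
        boolean policyHandlesTimeout = viewSessionPolicy.isRedirectToHome()
                || StringUtils.isNotBlank(viewSessionPolicy.getRedirectUrl())
                || viewSessionPolicy.isRenderTimeoutView();
        if (policyHandlesTimeout) {
            sendRedirect(httpServletRequest, (HttpServletResponse) servletResponse, getRedirectUrl(viewSessionPolicy, httpServletRequest));
        }
        // NOTE(review): when the policy sets none of the three options, this filter neither invokes
        // the chain nor writes a response. Confirm that dropping the request here is intended.
    }

    /**
     * Resolves the view id for the request, from the {@code viewId} parameter or, failing that,
     * from the view type parameter via the {@link ViewService}. A non-blank result is also stored
     * as the {@code viewId} request attribute.
     *
     * @param httpServletRequest request to inspect
     * @return the view id, or a blank/null value when none could be determined
     */
    protected String getViewIdFromRequest(HttpServletRequest httpServletRequest) {
        String viewId = httpServletRequest.getParameter("viewId");
        if (StringUtils.isBlank(viewId)) {
            UifConstants.ViewType viewType = parseViewType(httpServletRequest.getParameter(UifParameters.VIEW_TYPE_NAME));
            if (viewType != null) {
                viewId = getViewService().getViewIdForViewType(viewType, KRADUtils.translateRequestParameterMap(httpServletRequest.getParameterMap()));
            }
        }
        if (StringUtils.isNotBlank(viewId)) {
            httpServletRequest.setAttribute("viewId", viewId);
        }
        return viewId;
    }

    /**
     * Converts the request's view type name into a {@link UifConstants.ViewType}.
     *
     * <p>The name is untrusted request input. {@code valueOf} throws
     * {@link IllegalArgumentException} for a name that is not a declared constant; letting that
     * escape would fail the request inside the filter. An unknown name is therefore treated like a
     * missing one, which yields the same pass-through a request without any view parameters gets.
     *
     * @param viewTypeName raw parameter value, may be null or blank
     * @return the matching view type, or null when the name is blank or not a known constant
     */
    private static UifConstants.ViewType parseViewType(String viewTypeName) {
        if (StringUtils.isBlank(viewTypeName)) {
            return null;
        }
        try {
            return UifConstants.ViewType.valueOf(viewTypeName);
        } catch (IllegalArgumentException ignored) {
            // Unknown view type from the client: handled as "no view type given".
            return null;
        }
    }

    /**
     * Picks the redirect target according to the policy, in this order of precedence: application
     * home, the policy's explicit redirect URL, then the session timeout view.
     *
     * <p>The result is built only from the policy and from configuration properties; the request
     * parameter is not read here, so request data does not influence the target.
     *
     * @param viewSessionPolicy timeout policy of the requested view
     * @param httpServletRequest current request (unused by this implementation)
     * @return the redirect URL, or null when the policy selects none of the options
     */
    protected String getRedirectUrl(ViewSessionPolicy viewSessionPolicy, HttpServletRequest httpServletRequest) {
        if (viewSessionPolicy.isRedirectToHome()) {
            return CoreApiServiceLocator.getKualiConfigurationService().getPropertyValueAsString("application.url");
        }
        if (StringUtils.isNotBlank(viewSessionPolicy.getRedirectUrl())) {
            return viewSessionPolicy.getRedirectUrl();
        }
        if (viewSessionPolicy.isRenderTimeoutView()) {
            String kradUrl = CoreApiServiceLocator.getKualiConfigurationService().getPropertyValueAsString("krad.url");
            return KRADUtils.buildViewUrl(kradUrl, KRADConstants.REQUEST_MAPPING_SESSION_TIMEOUT, "Uif-SessionTimeoutView");
        }
        return null;
    }

    /**
     * Sends the client to the given URL. Regular requests get an HTTP redirect; requests marked as
     * AJAX get the configured error status with the URL as the response body.
     *
     * <p>The {@code x-requested-with} header is client-supplied and only selects the response
     * format. The AJAX branch writes {@code str} unescaped into a response typed as HTML, so an
     * override of {@link #getRedirectUrl} that mixes request data into the URL must encode it.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse response to write to
     * @param str redirect URL
     * @throws IOException if the redirect or the body cannot be written
     */
    protected void sendRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        boolean ajaxRequest = "XMLHttpRequest".equals(httpServletRequest.getHeader("x-requested-with"));
        if (!ajaxRequest) {
            httpServletResponse.sendRedirect(str);
            return;
        }

        // A redirect status is not used for the AJAX case; the URL is returned in the body instead.
        httpServletResponse.setContentType("text/html; charset=UTF-8");
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.setStatus(this.sessionTimeoutErrorCode);
        PrintWriter writer = httpServletResponse.getWriter();
        writer.print(str);
        writer.flush();
    }

    /** @return the view service obtained from the KRAD web service locator */
    protected static ViewService getViewService() {
        return KRADServiceLocatorWeb.getViewService();
    }

    /** @return the view dictionary service obtained from the KRAD web service locator */
    protected ViewDictionaryService getViewDictionaryService() {
        return KRADServiceLocatorWeb.getViewDictionaryService();
    }

    /** No resources are held by this filter, so there is nothing to release. */
    public void destroy() {
    }
}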
