package org.kuali.rice.kew.web;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import org.kuali.rice.kim.api.identity.IdentityService;
import org.kuali.rice.kim.api.services.KimApiServiceLocator;
import org.kuali.rice.krad.UserSession;
import org.kuali.rice.krad.util.KRADUtils;

/* loaded from: input_file:WEB-INF/lib/rice-impl-2.1.14.jar:org/kuali/rice/kew/web/DummyLoginFilter.class */
public class DummyLoginFilter implements Filter {
    private String loginPath;
    private boolean showPassword = false;

    public void init(FilterConfig filterConfig) throws ServletException {
        this.loginPath = filterConfig.getInitParameter("loginPath");
        this.showPassword = Boolean.valueOf(filterConfig.getInitParameter("showPassword")).booleanValue();
        if (this.loginPath == null) {
            this.loginPath = "/WEB-INF/jsp/dummy_login.jsp";
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        doFilter((HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse, filterChain);
    }

    private void doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequestWrapper httpServletRequestWrapper;
        final UserSession userSessionFromRequest = KRADUtils.getUserSessionFromRequest(httpServletRequest);
        if (userSessionFromRequest == null) {
            IdentityService identityService = KimApiServiceLocator.getIdentityService();
            httpServletRequest.setAttribute("showPasswordField", Boolean.valueOf(this.showPassword));
            final String parameter = httpServletRequest.getParameter("__login_user");
            String parameter2 = httpServletRequest.getParameter("__login_pw");
            if (parameter == null || parameter.trim().isEmpty()) {
                httpServletRequest.getRequestDispatcher(this.loginPath).forward(httpServletRequest, httpServletResponse);
                return;
            }
            if ((this.showPassword ? identityService.getPrincipalByPrincipalNameAndPassword(parameter, parameter2) : identityService.getPrincipalByPrincipalName(parameter)) == null) {
                handleInvalidLogin(httpServletRequest, httpServletResponse);
                return;
            }
            httpServletRequestWrapper = new HttpServletRequestWrapper(httpServletRequest) { // from class: org.kuali.rice.kew.web.DummyLoginFilter.1
                public String getRemoteUser() {
                    return parameter;
                }
            };
        } else {
            httpServletRequestWrapper = new HttpServletRequestWrapper(httpServletRequest) { // from class: org.kuali.rice.kew.web.DummyLoginFilter.2
                public String getRemoteUser() {
                    return userSessionFromRequest.getPrincipalName();
                }
            };
        }
        filterChain.doFilter(httpServletRequestWrapper, httpServletResponse);
    }

    private void handleInvalidLogin(ServletRequest servletRequest, ServletResponse servletResponse) throws ServletException, IOException {
        servletRequest.setAttribute("invalidAuth", Boolean.TRUE);
        servletRequest.getRequestDispatcher(this.loginPath).forward(servletRequest, servletResponse);
    }

    public void destroy() {
        this.loginPath = null;
    }
}
