package com.rsmart.rfabric.jasperreports.auth;

import com.jaspersoft.jasperserver.remote.ServicesUtils;
import com.rsmart.rfabric.auth.tokenauth.AuthToken;
import com.rsmart.rfabric.auth.tokenauth.springsecurity.AuthTokenAuthentication;
import java.io.IOException;
import java.util.Enumeration;
import java.util.Iterator;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.ProviderManager;

/* loaded from: input_file:com/rsmart/rfabric/jasperreports/auth/AuthTokenAuthenticationFilter.class */
public class AuthTokenAuthenticationFilter implements Filter, ApplicationContextAware {
    public static final String AUTH_TOKEN_HEADER = "x-authn-token";
    public static final String AUTH_TOKEN_PARAM = "authntoken";
    private AuthenticationManager authenticationManager;
    private static final Log log = LogFactory.getLog(AuthTokenAuthenticationFilter.class);
    public static final String[] FIELDS = {"KCID", "ISPI", "client"};
    private static ApplicationContext applicationContext = null;
    private static ServicesUtils servicesUtils = null;

    public void destroy() {
    }

    public final AuthToken getToken(HttpServletRequest httpServletRequest) {
        log.debug("getToken(final HttpServletRequest request)");
        if (httpServletRequest == null) {
            throw new IllegalArgumentException("request == null");
        }
        if (log.isTraceEnabled()) {
            StringBuilder sb = new StringBuilder();
            Enumeration headerNames = httpServletRequest.getHeaderNames();
            String str = "";
            while (true) {
                String str2 = str;
                if (!headerNames.hasMoreElements()) {
                    break;
                }
                sb.append(str2);
                sb.append((String) headerNames.nextElement());
                str = ", ";
            }
            log.trace("headers: " + sb.toString());
            StringBuilder sb2 = new StringBuilder();
            Enumeration parameterNames = httpServletRequest.getParameterNames();
            String str3 = "";
            while (true) {
                String str4 = str3;
                if (!parameterNames.hasMoreElements()) {
                    break;
                }
                sb2.append(str4);
                sb2.append((String) parameterNames.nextElement());
                str3 = ", ";
            }
            log.trace("params: " + sb2.toString());
        }
        String header = httpServletRequest.getHeader(AUTH_TOKEN_HEADER);
        if (header == null) {
            header = httpServletRequest.getParameter(AUTH_TOKEN_PARAM);
            if (header != null) {
                log.debug("token passed as request parameter authntoken");
            }
        } else {
            log.debug("token passed as request header x-authn-token");
        }
        if (header == null) {
            log.debug("no authentication token found");
            return null;
        }
        log.debug("retrieved authentication token: " + header);
        return new AuthToken(header, FIELDS);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        AuthToken token = getToken(httpServletRequest);
        if (token == null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        AuthToken currentAuthToken = AuthTokenAuthenticationUtil.getCurrentAuthToken();
        if (currentAuthToken != null && currentAuthToken.equals(token)) {
            log.debug("already validated authentication token presented again, skipping authentication");
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        log.debug("request has an AuthToken - attempting to authenticate");
        AuthTokenAuthentication authTokenAuthentication = new AuthTokenAuthentication(token);
        try {
            Authentication authenticate = this.authenticationManager.authenticate(authTokenAuthentication);
            if (log.isDebugEnabled()) {
                log.debug("User " + authTokenAuthentication.getName() + " authenticated: " + authenticate);
            }
            SecurityContextHolder.getContext().setAuthentication(authenticate);
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } catch (AuthenticationException e) {
            if (log.isDebugEnabled()) {
                log.debug("Token " + token + " failed to authenticate: " + e.toString());
            }
            if (log.isWarnEnabled()) {
                log.warn("Token " + token + " failed to authenticate: " + e.toString() + " " + e, e.getRootCause());
            }
            SecurityContextHolder.getContext().setAuthentication((Authentication) null);
            httpServletResponse.setStatus(401);
            servicesUtils.createOperationResult(1, "Failed authentication for token " + token);
            httpServletResponse.getWriter().print("Unauthorized");
        }
    }

    public AuthenticationManager getAuthenticationManager() {
        return this.authenticationManager;
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
        if (log.isDebugEnabled() && (authenticationManager instanceof ProviderManager)) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("AuthenticationProviders:\n");
            Iterator it = ((ProviderManager) authenticationManager).getProviders().iterator();
            while (it.hasNext()) {
                stringBuffer.append("\t").append(((AuthenticationProvider) it.next()).getClass().toString()).append("\n");
            }
            log.debug(stringBuffer.toString());
        }
    }

    public void setApplicationContext(ApplicationContext applicationContext2) throws BeansException {
        applicationContext = applicationContext2;
        servicesUtils = (ServicesUtils) applicationContext2.getBean(ServicesUtils.class);
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }
}
