package org.sonar.server.authentication.ws;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.sonar.api.config.Settings;
import org.sonar.api.utils.text.JsonWriter;
import org.sonar.api.web.ServletFilter;
import org.sonar.server.authentication.BasicAuthenticator;
import org.sonar.server.authentication.JwtHttpHandler;
import org.sonar.server.exceptions.UnauthorizedException;

/* loaded from: input_file:org/sonar/server/authentication/ws/ValidateAction.class */
public class ValidateAction extends ServletFilter {
    public static final String AUTH_VALIDATE_URL = "/api/authentication/validate";
    private final Settings settings;
    private final JwtHttpHandler jwtHttpHandler;
    private final BasicAuthenticator basicAuthenticator;

    public ValidateAction(Settings settings, BasicAuthenticator basicAuthenticator, JwtHttpHandler jwtHttpHandler) {
        this.settings = settings;
        this.basicAuthenticator = basicAuthenticator;
        this.jwtHttpHandler = jwtHttpHandler;
    }

    public ServletFilter.UrlPattern doGetPattern() {
        return ServletFilter.UrlPattern.create(AUTH_VALIDATE_URL);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        boolean authenticate = authenticate((HttpServletRequest) servletRequest, httpServletResponse);
        httpServletResponse.setContentType("application/json");
        JsonWriter of = JsonWriter.of(httpServletResponse.getWriter());
        of.beginObject();
        of.prop("valid", authenticate);
        of.endObject();
    }

    private boolean authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            if (this.jwtHttpHandler.validateToken(httpServletRequest, httpServletResponse).isPresent() || this.basicAuthenticator.authenticate(httpServletRequest).isPresent()) {
                return true;
            }
            return !this.settings.getBoolean("sonar.forceAuthentication");
        } catch (UnauthorizedException e) {
            return false;
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }
}
