package org.sonar.server.authentication;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.sonar.api.platform.Server;
import org.sonar.api.server.authentication.BaseIdentityProvider;
import org.sonar.api.server.authentication.IdentityProvider;
import org.sonar.api.server.authentication.OAuth2IdentityProvider;
import org.sonar.api.server.authentication.UnauthorizedException;
import org.sonar.api.web.ServletFilter;
import org.sonar.server.authentication.event.AuthenticationEvent;
import org.sonar.server.authentication.event.AuthenticationException;

/* loaded from: input_file:org/sonar/server/authentication/InitFilter.class */
public class InitFilter extends AuthenticationFilter {
    private static final String INIT_CONTEXT = "/sessions/init/";
    private final BaseContextFactory baseContextFactory;
    private final OAuth2ContextFactory oAuth2ContextFactory;
    private final AuthenticationEvent authenticationEvent;

    public InitFilter(IdentityProviderRepository identityProviderRepository, BaseContextFactory baseContextFactory, OAuth2ContextFactory oAuth2ContextFactory, Server server, AuthenticationEvent authenticationEvent) {
        super(server, identityProviderRepository);
        this.baseContextFactory = baseContextFactory;
        this.oAuth2ContextFactory = oAuth2ContextFactory;
        this.authenticationEvent = authenticationEvent;
    }

    public ServletFilter.UrlPattern doGetPattern() {
        return ServletFilter.UrlPattern.create("/sessions/init/*");
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        IdentityProvider resolveProviderOrHandleResponse = resolveProviderOrHandleResponse(httpServletRequest, httpServletResponse, INIT_CONTEXT);
        if (resolveProviderOrHandleResponse != null) {
            handleProvider(httpServletRequest, httpServletResponse, resolveProviderOrHandleResponse);
        }
    }

    private void handleProvider(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, IdentityProvider identityProvider) {
        try {
            if (identityProvider instanceof BaseIdentityProvider) {
                handleBaseIdentityProvider(httpServletRequest, httpServletResponse, (BaseIdentityProvider) identityProvider);
            } else if (identityProvider instanceof OAuth2IdentityProvider) {
                handleOAuth2IdentityProvider(httpServletRequest, httpServletResponse, (OAuth2IdentityProvider) identityProvider);
            } else {
                AuthenticationError.handleError(httpServletResponse, String.format("Unsupported IdentityProvider class: %s", identityProvider.getClass()));
            }
        } catch (AuthenticationException e) {
            this.authenticationEvent.loginFailure(httpServletRequest, e);
            AuthenticationError.handleAuthenticationError(e, httpServletResponse, getContextPath());
        } catch (Exception e2) {
            AuthenticationError.handleError(e2, httpServletResponse, String.format("Fail to initialize authentication with provider '%s'", identityProvider.getKey()));
        }
    }

    private void handleBaseIdentityProvider(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, BaseIdentityProvider baseIdentityProvider) {
        try {
            baseIdentityProvider.init(this.baseContextFactory.newContext(httpServletRequest, httpServletResponse, baseIdentityProvider));
        } catch (UnauthorizedException e) {
            throw AuthenticationException.newBuilder().setSource(AuthenticationEvent.Source.external(baseIdentityProvider)).setMessage(e.getMessage()).setPublicMessage(e.getMessage()).build();
        }
    }

    private void handleOAuth2IdentityProvider(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuth2IdentityProvider oAuth2IdentityProvider) {
        try {
            oAuth2IdentityProvider.init(this.oAuth2ContextFactory.newContext(httpServletRequest, httpServletResponse, oAuth2IdentityProvider));
        } catch (UnauthorizedException e) {
            throw AuthenticationException.newBuilder().setSource(AuthenticationEvent.Source.oauth2(oAuth2IdentityProvider)).setMessage(e.getMessage()).setPublicMessage(e.getMessage()).build();
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }
}
