package org.support.project.web.filter;

import java.io.IOException;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.support.project.common.log.Log;
import org.support.project.common.log.LogFactory;
import org.support.project.common.util.RandomUtil;
import org.support.project.common.util.StringUtils;
import org.support.project.di.Container;
import org.support.project.web.common.HttpStatus;
import org.support.project.web.common.HttpUtil;
import org.support.project.web.dao.UsersDao;
import org.support.project.web.entity.UsersEntity;
import org.support.project.web.exception.AuthenticateException;
import org.support.project.web.logic.AuthenticationLogic;
import org.support.project.web.wrapper.HttpServletRequestWrapper;

/* loaded from: input_file:org/support/project/web/filter/AuthenticationFilter.class */
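/**
 * Servlet filter that gates requests behind the configured {@link AuthenticationLogic}.
 *
 * <p>For each request the filter builds the path (servlet path plus path info) and then, in order:
 * lets paths matching the ignore pattern through, handles the sign-in and sign-out URIs, serves the
 * authorization-error page, and finally requires a logged-in and authorized user, falling back to a
 * cookie login and then to a redirect to the sign-in URI.
 *
 * <p>Security-relevant points for maintainers:
 * <ul>
 *   <li>The ignore pattern is applied with {@code find()} and most of the default alternatives are
 *       anchored at the end only, so every path that merely ends in one of those suffixes skips
 *       both the login and the authorization check.</li>
 *   <li>The {@code page} request parameter is caller-controlled and ends up in a redirect;
 *       {@link #changePage} only accepts it when it is a plain local path.</li>
 * </ul>
 */
public class AuthenticationFilter implements Filter {
    private static final Log LOG = LogFactory.getLog(AuthenticationFilter.class);
    /** Factor applied to the {@code cookie-max-age} init parameter (60 * 60 * 24). */
    private static final long SECONDS_PER_DAY = 60L * 60L * 24L;

    private String loginProcess = "/signin";
    private String initialPage = "/index";
    private String authorizerErrorUri = "/authorizer_error";
    private String logoutProcess = "/signout";
    private String outPage = "/index";
    private String loginPage = "/WEB-INF/view/auth/form.jsp";
    private String loginErrorPage = "/WEB-INF/view/auth/form.jsp";
    private String authorizerErrorPage = "/WEB-INF/view/auth/authorizerError.jsp";
    // NOTE(review): the path this is matched against is built from getServletPath(), which
    // normally starts with "/", so the "^open" alternative may never match — confirm intent.
    private String ignoreRegularExpression = "^open|css$|js$|jpg$|jpeg$|gif$|png$|init$";
    private Pattern pattern = null;
    private String authLogicClassName = "org.support.project.web.logic.impl.DBAuthenticationLogic";
    private AuthenticationLogic<?> authenticationLogic = null;
    private int cookieMaxAge = -1;
    private String cookieEncryptKey = "";
    private boolean cookieSecure = true;

    /**
     * Reads the filter's init parameters, resolves the authentication logic and configures its
     * login cookie.
     *
     * <p>Every parameter is optional; an absent or empty value keeps the field's default.
     *
     * @param filterConfig container-supplied configuration
     * @throws ServletException if the class named by {@code auth-class-name} cannot be found
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.loginPage = paramOrDefault(filterConfig, "login-page", this.loginPage);
        this.loginErrorPage = paramOrDefault(filterConfig, "login-error-page", this.loginErrorPage);
        this.loginProcess = paramOrDefault(filterConfig, "login-process", this.loginProcess);
        this.logoutProcess = paramOrDefault(filterConfig, "logout-process", this.logoutProcess);
        this.initialPage = paramOrDefault(filterConfig, "initial-page", this.initialPage);
        this.authorizerErrorPage = paramOrDefault(filterConfig, "authorizer-error-page", this.authorizerErrorPage);
        this.ignoreRegularExpression =
                paramOrDefault(filterConfig, "ignore-regular-expression", this.ignoreRegularExpression);
        if (StringUtils.isNotEmpty(this.ignoreRegularExpression)) {
            this.pattern = Pattern.compile(this.ignoreRegularExpression);
        }
        this.authLogicClassName = paramOrDefault(filterConfig, "auth-class-name", this.authLogicClassName);

        try {
            this.authenticationLogic =
                    (AuthenticationLogic<?>) Container.getComp(Class.forName(this.authLogicClassName));
        } catch (ClassNotFoundException e) {
            throw new ServletException(e);
        }

        String maxAgeDays = filterConfig.getInitParameter("cookie-max-age");
        if (StringUtils.isInteger(maxAgeDays)) {
            // Multiply in long and clamp: the int product silently wraps around for large values.
            long seconds = Integer.parseInt(maxAgeDays) * SECONDS_PER_DAY;
            this.cookieMaxAge = (int) Math.max(Integer.MIN_VALUE, Math.min(Integer.MAX_VALUE, seconds));
        }

        this.cookieEncryptKey = filterConfig.getInitParameter("cookie-encrypt-key");
        if (StringUtils.isEmpty(this.cookieEncryptKey)) {
            // Without a configured key a fresh one is generated on every init.
            // NOTE(review): whether RandomUtil.randamGen is backed by a cryptographic RNG is not
            // visible here — confirm, since this value is handed to initCookie as the cookie key.
            this.cookieEncryptKey = RandomUtil.randamGen(24);
        }

        // Secure by default: only the literal value "false" (any case) turns the flag off.
        if ("false".equalsIgnoreCase(filterConfig.getInitParameter("cookie-secure"))) {
            this.cookieSecure = false;
        }
        this.authenticationLogic.initCookie(this.cookieMaxAge, this.cookieEncryptKey, this.cookieSecure);
    }

    /** Returns the named init parameter, or {@code fallback} when it is absent or empty. */
    private static String paramOrDefault(FilterConfig filterConfig, String name, String fallback) {
        String value = filterConfig.getInitParameter(name);
        return StringUtils.isNotEmpty(value) ? value : fallback;
    }

    /** Drops the references set up by {@link #init}. */
    @Override
    public void destroy() {
        this.loginPage = null;
        this.loginErrorPage = null;
        this.loginProcess = null;
        this.initialPage = null;
        this.ignoreRegularExpression = null;
        this.pattern = null;
        this.authLogicClassName = null;
        this.authenticationLogic = null;
    }

    /**
     * Applies the authentication and authorization gate to one request.
     *
     * @param servletRequest incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain remainder of the chain, invoked only when the request is let through
     * @throws IOException if sending the error response fails
     * @throws ServletException wrapping any other failure raised while filtering
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequestWrapper request =
                new HttpServletRequestWrapper((HttpServletRequest) servletRequest, this.authenticationLogic);
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        try {
            StringBuilder pathBuilder = new StringBuilder();
            pathBuilder.append(request.getServletPath());
            String pathInfo = request.getPathInfo();
            if (pathInfo != null && pathInfo.length() > 0) {
                pathBuilder.append(pathInfo);
            }
            String path = pathBuilder.toString();

            // Try to restore a login from the cookie before anything else.
            if (!isLogin(request)) {
                this.authenticationLogic.cookieLogin(request, response);
            }

            // Ignored paths go straight down the chain with no login or authorization check.
            // NOTE(review): the match uses find() on servlet path + path info, so a path only has
            // to end in one of the configured suffixes; confirm no protected handler is reachable
            // under such a path.
            if (this.pattern != null && this.pattern.matcher(path).find()) {
                // Result unused; call kept in case isLogined has side effects — TODO confirm.
                isLogin(request);
                filterChain.doFilter(request, response);
                return;
            }

            if (path.equals("/")) {
                changePage(request, response);
                return;
            }

            if (path.equals(this.loginProcess)) {
                if ("get".equalsIgnoreCase(request.getMethod())) {
                    // GET on the sign-in URI: show the form with status 401.
                    LOG.trace("SC_401_UNAUTHORIZED");
                    // NOTE(review): "page" is caller-controlled and passed to the view unchanged;
                    // the view must escape it. It is validated in changePage before any redirect.
                    request.setAttribute("page", request.getParameter("page"));
                    response.setStatus(HttpStatus.SC_401_UNAUTHORIZED);
                    HttpUtil.forward(response, request, this.loginPage);
                    return;
                }
                if (doLogin(request)) {
                    this.authenticationLogic.setCookie(request, response);
                    changePage(request, response);
                    return;
                }
                // Failed login: hand the submitted values back to the error page.
                request.setAttribute("username", request.getParameter("username"));
                // NOTE(review): the submitted password is placed in request scope; if the error
                // page renders it, the password ends up in the HTML response. Consider dropping it.
                request.setAttribute("password", request.getParameter("password"));
                request.setAttribute("page", request.getParameter("page"));
                request.setAttribute("loginError", true);
                // Fixed delay to slow down password guessing. It holds a container thread for the
                // whole two seconds, so it does not replace rate limiting or account lockout.
                synchronized (request) {
                    Thread.sleep(2000L);
                }
                HttpUtil.forward(response, request, this.loginErrorPage);
                return;
            }

            if (path.equals(this.logoutProcess)) {
                this.authenticationLogic.clearSession(request);
                removeCookie(request, response);
                LOG.trace("sign out");
                HttpUtil.redirect(response, request, request.getContextPath() + this.outPage);
                return;
            }

            if (path.startsWith(this.loginPage)) {
                filterChain.doFilter(request, response);
                return;
            }

            if (path.startsWith(this.authorizerErrorUri)) {
                LOG.trace("SC_403_FORBIDDEN");
                response.setStatus(HttpStatus.SC_403_FORBIDDEN);
                HttpUtil.forward(response, request, this.authorizerErrorPage);
                return;
            }

            if (isLogin(request)) {
                LOG.trace("ログイン済み");
                if (isAuthorizer(request)) {
                    filterChain.doFilter(request, response);
                    return;
                }
                HttpUtil.redirect(response, request, request.getContextPath() + this.authorizerErrorUri);
                return;
            }

            LOG.trace("ログインしていません");
            if (this.authenticationLogic.cookieLogin(request, response)) {
                // NOTE(review): a login restored from the cookie is let through without the
                // isAuthorizer check applied to session logins above — confirm this is intended.
                filterChain.doFilter(request, response);
                return;
            }

            // Not logged in: send the client to the sign-in URI, remembering the servlet path.
            StringBuilder loginUrl = new StringBuilder();
            loginUrl.append(request.getContextPath());
            loginUrl.append(this.loginProcess);
            loginUrl.append("?page=").append(request.getServletPath());
            HttpUtil.redirect(response, request, loginUrl.toString());
        } catch (AuthenticateException e) {
            // Must precede the generic handler: listed after catch (Exception) this clause is
            // unreachable (assumes AuthenticateException extends Exception).
            LOG.debug("Authentication failed with an internal error: " + e);
            response.sendError(HttpStatus.SC_500_INTERNAL_SERVER_ERROR);
        } catch (InterruptedException e) {
            // Restore the interrupt flag before reporting the failure as before.
            Thread.currentThread().interrupt();
            throw new ServletException(e);
        } catch (Exception e) {
            throw new ServletException(e);
        }
    }

    /**
     * Asks the authentication logic whether the request is authorized.
     *
     * @param httpServletRequest current request
     * @return the result of {@code AuthenticationLogic.isAuthorize}
     * @throws Exception propagated from the authentication logic
     */
    protected boolean isAuthorizer(HttpServletRequest httpServletRequest) throws Exception {
        return this.authenticationLogic.isAuthorize(httpServletRequest);
    }

    /**
     * Asks the authentication logic whether the request belongs to a logged-in user.
     *
     * @param httpServletRequest current request
     * @return the result of {@code AuthenticationLogic.isLogined}
     * @throws Exception propagated from the authentication logic
     */
    protected boolean isLogin(HttpServletRequest httpServletRequest) throws Exception {
        return this.authenticationLogic.isLogined(httpServletRequest);
    }

    /**
     * Redirects to the page named by the {@code page} request parameter, or to the initial page.
     *
     * <p>The parameter is caller-controlled, so it is used only when it is a plain local path (see
     * {@link #isSafeLocalPath}). Anything else, and the sign-in URI itself, falls back to the
     * initial page. Without this check a value such as {@code //host} or an absolute URL could turn
     * the post-login redirect into an open redirect when the context path is empty.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse response used for the redirect
     * @throws IOException declared for {@code HttpUtil.redirect}
     * @throws ServletException declared for {@code HttpUtil.redirect}
     */
    protected void changePage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String target = httpServletRequest.getParameter("page");
        if (!isSafeLocalPath(target) || target.equals(this.loginProcess)) {
            target = this.initialPage;
        }
        HttpUtil.redirect(httpServletResponse, httpServletRequest, httpServletRequest.getContextPath() + target);
    }

    /**
     * Tells whether {@code path} may be appended to the context path and used as a redirect target.
     *
     * <p>Accepted: a non-empty value that starts with a single {@code /} and contains neither a
     * backslash nor a control character. That rules out absolute URLs, scheme-relative
     * {@code //host} targets, the {@code /\host} form some browsers treat the same way, and
     * CR/LF sequences.
     */
    private static boolean isSafeLocalPath(String path) {
        if (path == null || path.isEmpty() || path.charAt(0) != '/') {
            return false;
        }
        if (path.startsWith("//")) {
            return false;
        }
        for (int i = 0; i < path.length(); i++) {
            char c = path.charAt(i);
            if (c == '\\' || c < 0x20 || c == 0x7f) {
                return false;
            }
        }
        return true;
    }

    /**
     * Authenticates the {@code username} / {@code password} request parameters and, on success,
     * stores the user in the session.
     *
     * <p>The session is always set up with the user key stored in the user record, not with the
     * submitted user name.
     *
     * @param httpServletRequest request carrying the credentials
     * @return {@code true} when authentication succeeded and the user record exists
     * @throws Exception propagated from the authentication logic or the DAO
     */
    protected boolean doLogin(HttpServletRequest httpServletRequest) throws Exception {
        String username = httpServletRequest.getParameter("username");
        int userId = this.authenticationLogic.auth(username, httpServletRequest.getParameter("password"));
        if (userId < 0) {
            // A negative result is treated as an authentication failure.
            return false;
        }
        LOG.debug(userId + " is Login.");
        UsersEntity user = UsersDao.get().selectOnKey(Integer.valueOf(userId));
        if (user == null) {
            return false;
        }
        // Taking the key from the record also avoids dereferencing a missing username parameter.
        // NOTE(review): whether setSession issues a new session id on login is not visible here —
        // confirm, to rule out session fixation.
        this.authenticationLogic.setSession(user.getUserKey(), httpServletRequest);
        return true;
    }

    /**
     * Expires the {@code LOGIN_USER_KEY} cookie under the context path.
     *
     * <p>Nothing is sent when the request carries no cookies at all.
     */
    private void removeCookie(HttpServletRequestWrapper httpServletRequestWrapper, HttpServletResponse httpServletResponse) {
        if (httpServletRequestWrapper.getCookies() == null) {
            return;
        }
        Cookie expired = new Cookie("LOGIN_USER_KEY", "");
        expired.setPath(httpServletRequestWrapper.getContextPath() + "/");
        expired.setMaxAge(0); // a max age of 0 asks the browser to delete the cookie
        httpServletResponse.addCookie(expired);
    }

    /** Returns the sign-in URI handled by this filter. */
    protected String getLoginProcess() {
        return this.loginProcess;
    }

    /** Returns the view the sign-in form is forwarded to. */
    protected String getLoginPage() {
        return this.loginPage;
    }
}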
