package com.github.adminfaces.template.session;

import com.github.adminfaces.template.config.AdminConfig;
import com.github.adminfaces.template.util.Assert;
import com.github.adminfaces.template.util.Constants;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.inject.Inject;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

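/**
 * Servlet filter, mapped to every request, that sends users without a logged-in
 * {@link AdminSession} to the configured login page.
 *
 * <p>Requests pass through without a login when the filter is disabled, when the
 * container-resolved path starts with {@code /public/}, or when {@link #skipResource}
 * accepts them. After a redirect to the login page, the originally requested page is
 * carried in a {@code page} query parameter and restored once from the {@code Referer}
 * header of a later logged-in request.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The {@code page} value comes from a client-supplied header. It is only used as a
 *       redirect target when it is an application-relative path, see
 *       {@link #isLocalPath}.</li>
 *   <li>The {@code /public/} exemption is decided on the path the container resolved, not
 *       on a substring of the raw request URI.</li>
 * </ul>
 */
@WebFilter(urlPatterns = {"/*"})
public class AdminFilter implements Filter {
    private static final String FACES_RESOURCES = "javax.faces.resource";
    private static final String PUBLIC_PATH_PREFIX = "/public/";
    private static final String PAGE_PARAM = "?page=";
    private static final String REFERER = "Referer";
    private static final Logger log = Logger.getLogger(AdminFilter.class.getName());
    private boolean disableFilter;
    private String loginPage;
    private String errorPage;
    private String indexPage;

    @Inject
    AdminSession adminSession;

    @Inject
    AdminConfig adminConfig;
    // Entries are stored in the slash-free form that skipResource compares against.
    private final List<String> ignoredResources = new ArrayList<String>();

    /**
     * Reads the login, error and index pages and the ignored-resource list from the servlet
     * context init parameters and {@link AdminConfig}.
     *
     * <p>Does nothing further when the filter is disabled by configuration. A failure while
     * reading the configuration is logged and not rethrown.
     * NOTE(review): after such a failure the page fields may still be null and
     * {@link #doFilter} would then fail on every request; confirm that is the intended
     * outcome.
     *
     * @param filterConfig container-supplied filter configuration
     * @throws ServletException declared by the {@link Filter} contract
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        String disableParam = filterConfig.getServletContext().getInitParameter(Constants.InitialParams.DISABLE_FILTER);
        if (this.adminConfig.isDisableFilter() || (Assert.has(disableParam) && Boolean.parseBoolean(disableParam))) {
            this.disableFilter = true;
        }
        if (this.disableFilter) {
            return;
        }
        try {
            this.loginPage = filterConfig.getServletContext().getInitParameter(Constants.InitialParams.LOGIN_PAGE);
            if (!Assert.has(this.loginPage)) {
                this.loginPage = Assert.has(this.adminConfig) ? this.adminConfig.getLoginPage() : Constants.DEFAULT_LOGIN_PAGE;
            }
            this.errorPage = filterConfig.getServletContext().getInitParameter(Constants.InitialParams.ERROR_PAGE);
            if (!Assert.has(this.errorPage)) {
                this.errorPage = Constants.DEFAULT_ERROR_PAGE;
            }
            this.indexPage = filterConfig.getServletContext().getInitParameter(Constants.InitialParams.INDEX_PAGE);
            if (!Assert.has(this.indexPage)) {
                this.indexPage = Assert.has(this.adminConfig) ? this.adminConfig.getIndexPage() : Constants.DEFAULT_INDEX_PAGE;
            }
            this.errorPage = stripLeadingSlash(this.errorPage);
            this.loginPage = stripLeadingSlash(this.loginPage);
            this.indexPage = stripLeadingSlash(this.indexPage);
            addIgnoredResource(this.loginPage);
            addIgnoredResource(this.errorPage);
            String configuredIgnored = this.adminConfig.getIgnoredResources();
            if (Assert.has(configuredIgnored)) {
                for (String entry : Arrays.asList(configuredIgnored.split(","))) {
                    addIgnoredResource(entry);
                }
            }
        } catch (Exception e) {
            log.log(Level.SEVERE, "problem initializing admin filter", e);
        }
    }

    /**
     * Applies the login requirement to one request.
     *
     * @param servletRequest  incoming request, cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response, cast to {@link HttpServletResponse}
     * @param filterChain     remaining filter chain
     * @throws IOException      if redirecting or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (this.disableFilter) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        servletRequest.setCharacterEncoding("UTF-8");
        servletResponse.setCharacterEncoding("UTF-8");
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String requestUri = request.getRequestURI();
        String contextPath = request.getContextPath();

        // Application root, or the login page for an already logged-in user: go to the index page.
        if (requestUri.equals(contextPath + "/") || (this.adminSession.isLoggedIn() && requestUri.endsWith(this.loginPage))) {
            response.sendRedirect(contextPath + "/" + this.indexPage);
            return;
        }
        if (isPublicResource(request)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (!skipResource(request, response) && !this.adminSession.isLoggedIn()) {
            redirectToLogon(request, response);
            return;
        }
        // One-time restore of the page the user asked for before being sent to the login page.
        String referer = request.getHeader(REFERER);
        if (!this.adminSession.isUserRedirected() && this.adminSession.isLoggedIn() && Assert.has(referer) && referer.contains(PAGE_PARAM)) {
            this.adminSession.setUserRedirected(true);
            response.sendRedirect(contextPath + extractPageFromURL(referer));
            return;
        }
        try {
            filterChain.doFilter(servletRequest, servletResponse);
        } catch (FileNotFoundException e) {
            log.log(Level.WARNING, "File not found", e);
            response.sendError(404);
        }
    }

    /**
     * Decides whether the request targets the {@code /public/} area, which needs no login.
     *
     * <p>The decision uses the servlet path and path info that the container resolved and
     * requires {@code /public/} as a prefix. The raw request URI is not used: it is not
     * decoded and still carries path parameters, so a substring match against it is not a
     * reliable statement about which resource will be served.
     *
     * @param request current request
     * @return {@code true} when the resolved path starts with {@code /public/}
     */
    private boolean isPublicResource(HttpServletRequest request) {
        String servletPath = request.getServletPath();
        String pathInfo = request.getPathInfo();
        String resolvedPath = (servletPath == null ? "" : servletPath) + (pathInfo == null ? "" : pathInfo);
        return resolvedPath.startsWith(PUBLIC_PATH_PREFIX);
    }

    /**
     * Extracts the decoded {@code page} parameter from a URL for use as a redirect target.
     *
     * <p>The URL is client-supplied (it is the {@code Referer} header), so the decoded value
     * is returned only when {@link #isLocalPath} accepts it. In every other case, including
     * a malformed percent-encoding, the index page is returned instead.
     *
     * @param str URL expected to contain {@code ?page=}
     * @return application-relative path starting with {@code /}
     */
    private String extractPageFromURL(String str) {
        String fallback = "/" + this.indexPage;
        int start = str.indexOf(PAGE_PARAM);
        if (start < 0) {
            return fallback;
        }
        try {
            String page = URLDecoder.decode(str.substring(start + PAGE_PARAM.length()), "UTF-8");
            if (isLocalPath(page)) {
                return page;
            }
            log.log(Level.WARNING, "Ignoring page parameter that is not an application-relative path");
            return fallback;
        } catch (UnsupportedEncodingException e) {
            log.log(Level.WARNING, "Could not extract page from url", e);
            return fallback;
        } catch (IllegalArgumentException e) {
            // URLDecoder rejects malformed percent-encoding with this exception.
            log.log(Level.WARNING, "Could not extract page from url", e);
            return fallback;
        }
    }

    /**
     * Checks that a redirect target stays inside this application.
     *
     * <p>Accepted values start with a single {@code /} and contain no control characters.
     * A second leading {@code /} or {@code \} is rejected because browsers can treat such a
     * value as a reference to another host when the context path is empty.
     *
     * @param page decoded candidate path
     * @return {@code true} when the value is safe to append to the context path
     */
    private static boolean isLocalPath(String page) {
        if (page == null || page.isEmpty() || page.charAt(0) != '/') {
            return false;
        }
        if (page.length() > 1 && (page.charAt(1) == '/' || page.charAt(1) == '\\')) {
            return false;
        }
        for (int i = 0; i < page.length(); i++) {
            if (Character.isISOControl(page.charAt(i))) {
                return false;
            }
        }
        return true;
    }

    /** No resources to release. */
    @Override
    public void destroy() {
    }

    /**
     * Decides whether a request may proceed without a logged-in session.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @return {@code true} for JSF resource requests, configured ignored resources, or when
     *         the response status is already 500
     */
    private boolean skipResource(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String resource = httpServletRequest.getServletPath().replaceAll("/", "");
        return resource.startsWith(FACES_RESOURCES) || this.ignoredResources.contains(resource) || httpServletResponse.getStatus() == 500;
    }

    /**
     * Sends the client to the login page, remembering the requested page in a {@code page}
     * query parameter when {@link #isValidRecoveryUrl} allows it.
     *
     * <p>JSF partial (ajax) requests receive a {@code partial-response} redirect document
     * instead of an HTTP redirect. Failures are logged and not rethrown.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     */
    private void redirectToLogon(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            String referer = httpServletRequest.getHeader(REFERER);
            String query = (Assert.has(referer) && referer.contains("?")) ? referer.substring(referer.lastIndexOf("?") + 1) : httpServletRequest.getQueryString();
            String requestURI = httpServletRequest.getRequestURI();
            String contextPath = httpServletRequest.getContextPath();
            StringBuilder recoveryUrl = null;
            if (!this.loginPage.equals(requestURI) && requestURI.contains(".")) {
                if (requestURI.startsWith(contextPath)) {
                    // Plain prefix removal; the context path must not be interpreted as a regex.
                    requestURI = requestURI.substring(contextPath.length());
                }
                recoveryUrl = new StringBuilder(requestURI);
                if (Assert.has(query)) {
                    recoveryUrl.append("?").append(query);
                }
            }
            String target = contextPath + "/" + this.loginPage + ((Assert.has(recoveryUrl) && isValidRecoveryUrl(recoveryUrl)) ? "?page=" + URLEncoder.encode(recoveryUrl.toString(), "UTF-8") : "");
            if ("partial/ajax".equals(httpServletRequest.getHeader("Faces-Request"))) {
                httpServletResponse.setContentType("text/xml");
                // The URL is written into an XML attribute, so it is escaped for that context.
                httpServletResponse.getWriter().append((CharSequence) "<?xml version=\"1.0\" encoding=\"UTF-8\"?>").printf("<partial-response><redirect url=\"%s\"></redirect></partial-response>", escapeXmlAttribute(target));
            } else {
                httpServletResponse.sendRedirect(target);
            }
        } catch (Exception e) {
            log.log(Level.SEVERE, "Could not redirect to " + this.loginPage, e);
        }
    }

    /**
     * Tells whether a requested URL is worth restoring after login.
     *
     * @param sb requested path plus optional query string
     * @return {@code false} when the URL contains one of the template's own pages (index,
     *         access denied, expired, optimistic, login), {@code true} otherwise
     */
    private boolean isValidRecoveryUrl(StringBuilder sb) {
        String pageSufix = this.adminConfig.getPageSufix();
        String candidate = sb.toString();
        String[] templatePages = {
            Constants.DEFAULT_INDEX_PAGE,
            Constants.DEFAULT_ACCESS_DENIED_PAGE,
            Constants.DEFAULT_EXPIRED_PAGE,
            Constants.DEFAULT_OPTIMISTIC_PAGE,
            Constants.DEFAULT_LOGIN_PAGE
        };
        for (String templatePage : templatePages) {
            if (candidate.contains(templatePage.replace(Constants.DEFAULT_PAGE_FORMAT, pageSufix))) {
                return false;
            }
        }
        return true;
    }

    /** Removes one leading {@code /} from a configured page path. */
    private static String stripLeadingSlash(String page) {
        return page.startsWith("/") ? page.substring(1) : page;
    }

    /**
     * Registers a resource that needs no login, in the form skipResource compares against:
     * trimmed and with every {@code /} removed. Blank entries are skipped.
     */
    private void addIgnoredResource(String resource) {
        if (resource == null) {
            return;
        }
        String normalized = resource.trim().replace("/", "");
        if (!normalized.isEmpty()) {
            this.ignoredResources.add(normalized);
        }
    }

    /** Escapes the characters that are significant inside an XML attribute value. */
    private static String escapeXmlAttribute(String value) {
        return value.replace("&", "&amp;")
                .replace("<", "&lt;")
                .replace(">", "&gt;")
                .replace("\"", "&quot;")
                .replace("'", "&apos;");
    }
}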
