package io.gravitee.am.management.handlers.management.api.authentication.filter;

import com.fasterxml.jackson.databind.ObjectMapper;
import io.gravitee.am.service.ReCaptchaService;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Set;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.MediaType;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:io/gravitee/am/management/handlers/management/api/authentication/filter/RecaptchaFilter.class */
public class RecaptchaFilter extends GenericFilterBean {
    public static final String DEFAULT_RECAPTCHA_HEADER_NAME = "X-Recaptcha-Token";
    private ReCaptchaService reCaptchaService;
    private ObjectMapper objectMapper;

    @Generated
    private static final Logger log = LoggerFactory.getLogger(RecaptchaFilter.class);
    private static final Set<String> RESTRICTED_PATHS = new HashSet(Arrays.asList("POST /login"));

    public RecaptchaFilter(ReCaptchaService reCaptchaService, ObjectMapper objectMapper) {
        this.reCaptchaService = reCaptchaService;
        this.objectMapper = objectMapper;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!this.reCaptchaService.isEnabled() || !RESTRICTED_PATHS.contains(httpServletRequest.getMethod() + " " + httpServletRequest.getPathInfo())) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        log.debug("Checking captcha");
        String header = httpServletRequest.getHeader(DEFAULT_RECAPTCHA_HEADER_NAME);
        if (header == null) {
            header = httpServletRequest.getParameter(DEFAULT_RECAPTCHA_HEADER_NAME);
        }
        if (((Boolean) this.reCaptchaService.isValid(header).blockingGet()).booleanValue()) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HashMap hashMap = new HashMap();
        hashMap.put("message", "Something goes wrong. Please try again.");
        hashMap.put("http_status", 400);
        httpServletResponse.setStatus(400);
        httpServletResponse.setContentType(MediaType.APPLICATION_JSON.toString());
        httpServletResponse.getWriter().write(this.objectMapper.writeValueAsString(hashMap));
        httpServletResponse.getWriter().close();
    }
}
