package org.eclipse.scout.rt.server.commons.authentication;

import java.io.IOException;
import java.security.Principal;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.scout.rt.platform.BEANS;
import org.eclipse.scout.rt.platform.security.IPrincipalProducer;
import org.eclipse.scout.rt.platform.security.IPrincipalVerifier;
import org.eclipse.scout.rt.platform.security.SimplePrincipalProducer;
import org.eclipse.scout.rt.platform.util.StringUtility;

/* loaded from: input_file:org/eclipse/scout/rt/server/commons/authentication/TrivialAccessController.class */
public class TrivialAccessController implements IAccessController {
    private TrivialAuthConfig m_config;

    /* loaded from: input_file:org/eclipse/scout/rt/server/commons/authentication/TrivialAccessController$TrivialAuthConfig.class */
    public static class TrivialAuthConfig {
        private PathInfoFilter m_exclusionFilter;
        private IPrincipalVerifier m_principalVerifier;
        private boolean m_enabled = true;
        private IPrincipalProducer m_principalProducer = (IPrincipalProducer) BEANS.get(SimplePrincipalProducer.class);
        private boolean m_handleAuthentication = true;
        private boolean m_loginPageInstalled = false;

        public boolean isEnabled() {
            return this.m_enabled;
        }

        public TrivialAuthConfig withEnabled(boolean z) {
            this.m_enabled = z;
            return this;
        }

        public IPrincipalProducer getPrincipalProducer() {
            return this.m_principalProducer;
        }

        public TrivialAuthConfig withPrincipalProducer(IPrincipalProducer iPrincipalProducer) {
            this.m_principalProducer = iPrincipalProducer;
            return this;
        }

        public IPrincipalVerifier getPrincipalVerifier() {
            return this.m_principalVerifier;
        }

        public TrivialAuthConfig withPrincipalVerifier(IPrincipalVerifier iPrincipalVerifier) {
            this.m_principalVerifier = iPrincipalVerifier;
            return this;
        }

        public PathInfoFilter getPathInfoFilter() {
            return this.m_exclusionFilter;
        }

        public TrivialAuthConfig withExclusionFilter(String str) {
            this.m_exclusionFilter = new PathInfoFilter(str);
            return this;
        }

        public boolean isHandleAuthentication() {
            return this.m_handleAuthentication;
        }

        public TrivialAuthConfig withHandleAuthentication(boolean z) {
            this.m_handleAuthentication = z;
            return this;
        }

        public boolean isLoginPageInstalled() {
            return this.m_loginPageInstalled;
        }

        public TrivialAuthConfig withLoginPageInstalled(boolean z) {
            this.m_loginPageInstalled = z;
            return this;
        }
    }

    public TrivialAccessController init(TrivialAuthConfig trivialAuthConfig) {
        this.m_config = trivialAuthConfig;
        return this;
    }

    @Override // org.eclipse.scout.rt.server.commons.authentication.IAccessController
    public boolean handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!this.m_config.isEnabled()) {
            return false;
        }
        String target = getTarget(httpServletRequest);
        switch (target.hashCode()) {
            case 46411351:
                if (target.equals("/auth")) {
                    return false;
                }
                break;
            case 1448719514:
                if (target.equals("/login")) {
                    if (!this.m_config.isHandleAuthentication()) {
                        return false;
                    }
                    handleLoginRequest(httpServletRequest, httpServletResponse);
                    return true;
                }
                break;
            case 1960638073:
                if (target.equals("/logout")) {
                    if (!this.m_config.isHandleAuthentication()) {
                        return false;
                    }
                    handleLogoutRequest(httpServletRequest, httpServletResponse);
                    return true;
                }
                break;
        }
        return handleRequest(httpServletRequest, httpServletResponse, filterChain);
    }

    @Override // org.eclipse.scout.rt.server.commons.authentication.IAccessController
    public void destroy() {
    }

    protected boolean handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        ServletFilterHelper servletFilterHelper = (ServletFilterHelper) BEANS.get(ServletFilterHelper.class);
        if (servletFilterHelper.redirectIncompleteBasePath(httpServletRequest, httpServletResponse, false)) {
            return true;
        }
        if (servletFilterHelper.isRunningWithValidSubject(httpServletRequest)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return true;
        }
        Principal findPrincipal = servletFilterHelper.findPrincipal(httpServletRequest, this.m_config.getPrincipalProducer());
        if (findPrincipal == null) {
            if (!this.m_config.getPathInfoFilter().accepts(String.valueOf(StringUtility.emptyIfNull(httpServletRequest.getServletPath())) + StringUtility.emptyIfNull(httpServletRequest.getPathInfo()))) {
                return false;
            }
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return true;
        }
        if (this.m_config.getPrincipalVerifier() != null && !this.m_config.getPrincipalVerifier().verify(findPrincipal)) {
            return false;
        }
        servletFilterHelper.continueChainAsSubject(findPrincipal, httpServletRequest, httpServletResponse, filterChain);
        return true;
    }

    protected void handleLoginRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (this.m_config.isLoginPageInstalled()) {
            ((ServletFilterHelper) BEANS.get(ServletFilterHelper.class)).forwardToLoginForm(httpServletRequest, httpServletResponse);
        }
    }

    protected void handleLogoutRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        ((ServletFilterHelper) BEANS.get(ServletFilterHelper.class)).doLogout(httpServletRequest);
        if (this.m_config.isLoginPageInstalled()) {
            ((ServletFilterHelper) BEANS.get(ServletFilterHelper.class)).forwardToLogoutForm(httpServletRequest, httpServletResponse);
        }
    }

    protected String getTarget(HttpServletRequest httpServletRequest) {
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo != null) {
            return pathInfo;
        }
        String requestURI = httpServletRequest.getRequestURI();
        return requestURI.substring(requestURI.lastIndexOf(47));
    }
}
