package org.nuxeo.ecm.core.chemistry.ws;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.common.utils.FileUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:org/nuxeo/ecm/core/chemistry/ws/WSSUsernameTokenSSOFilter.class */
public class WSSUsernameTokenSSOFilter implements Filter {
    private static final Log log = LogFactory.getLog(WSSUsernameTokenSSOFilter.class);
    public static final String MOD_SSO_REMOTE_USER = "Remote_User";
    private static final String CONTENT_TYPE = "Content-Type";
    private static final String CHARSET_EQ = "charset=";
    private static final String SOAPENV_NS = "http://schemas.xmlsoap.org/soap/envelope/";
    private static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    private static final String WSSE_USERNAME = "Username";
    private static final String WSSE_SECURITY = "Security";
    private static final String SOAPENV_MUSTUNDERSTAND = "mustUnderstand";

    /* loaded from: input_file:org/nuxeo/ecm/core/chemistry/ws/WSSUsernameTokenSSOFilter$RequestWrapper.class */
    public static class RequestWrapper extends HttpServletRequestWrapper {
        private final String username;
        private byte[] body;

        public RequestWrapper(HttpServletRequest httpServletRequest, String str, byte[] bArr) {
            super(httpServletRequest);
            this.username = str;
            this.body = bArr;
        }

        public String getHeader(String str) {
            return (this.username == null || !WSSUsernameTokenSSOFilter.MOD_SSO_REMOTE_USER.equalsIgnoreCase(str)) ? super.getHeader(str) : this.username;
        }

        public ServletInputStream getInputStream() throws IOException {
            ServletInputStreamWrapper servletInputStreamWrapper = new ServletInputStreamWrapper(this.body);
            this.body = null;
            return servletInputStreamWrapper;
        }
    }

    /* loaded from: input_file:org/nuxeo/ecm/core/chemistry/ws/WSSUsernameTokenSSOFilter$ServletInputStreamWrapper.class */
    public static class ServletInputStreamWrapper extends ServletInputStream {
        private InputStream in;

        public ServletInputStreamWrapper(byte[] bArr) throws IOException {
            this.in = new ByteArrayInputStream(bArr);
        }

        public int read() throws IOException {
            return this.in.read();
        }

        public int read(byte[] bArr) throws IOException {
            return this.in.read(bArr);
        }

        public int read(byte[] bArr, int i, int i2) throws IOException {
            return this.in.read(bArr, i, i2);
        }

        public long skip(long j) throws IOException {
            return this.in.skip(j);
        }

        public int available() throws IOException {
            return this.in.available();
        }

        public void close() throws IOException {
            this.in = new ByteArrayInputStream(new byte[0]);
        }

        public boolean markSupported() {
            return this.in.markSupported();
        }

        public void mark(int i) {
            this.in.mark(i);
        }

        public void reset() throws IOException {
            this.in.reset();
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!(servletRequest instanceof HttpServletRequest)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        byte[] readBytes = FileUtils.readBytes(httpServletRequest.getInputStream());
        String str = null;
        String encodingFromContentType = getEncodingFromContentType(httpServletRequest.getHeader(CONTENT_TYPE));
        InputSource inputSource = new InputSource(new ByteArrayInputStream(readBytes));
        inputSource.setEncoding(encodingFromContentType);
        try {
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            Document parse = newInstance.newDocumentBuilder().parse(inputSource);
            NodeList elementsByTagNameNS = parse.getElementsByTagNameNS(WSSE_NS, WSSE_USERNAME);
            int i = 0;
            while (true) {
                if (i < elementsByTagNameNS.getLength()) {
                    String textContent = ((Element) elementsByTagNameNS.item(i)).getTextContent();
                    if (textContent != null && textContent.length() != 0) {
                        str = textContent;
                        break;
                    }
                    i++;
                } else {
                    break;
                }
            }
            boolean z = false;
            NodeList elementsByTagNameNS2 = parse.getElementsByTagNameNS(WSSE_NS, WSSE_SECURITY);
            int i2 = 0;
            while (true) {
                if (i2 >= elementsByTagNameNS2.getLength()) {
                    break;
                }
                Element element = (Element) elementsByTagNameNS2.item(i2);
                if ("1".equals(element.getAttributeNS(SOAPENV_NS, SOAPENV_MUSTUNDERSTAND))) {
                    element.removeAttributeNS(SOAPENV_NS, SOAPENV_MUSTUNDERSTAND);
                    z = true;
                    break;
                }
                i2++;
            }
            if (z) {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                try {
                    Transformer newTransformer = TransformerFactory.newInstance().newTransformer();
                    newTransformer.setOutputProperty("omit-xml-declaration", "yes");
                    newTransformer.setOutputProperty("indent", "no");
                    newTransformer.transform(new DOMSource(parse), new StreamResult(byteArrayOutputStream));
                    readBytes = byteArrayOutputStream.toByteArray();
                } catch (TransformerException e) {
                    throw ((IOException) new IOException().initCause(e));
                }
            }
        } catch (Exception e2) {
            log.error("Cannot parse XML: " + e2, e2);
        }
        filterChain.doFilter(new RequestWrapper(httpServletRequest, str, readBytes), servletResponse);
    }

    public static String getEncodingFromContentType(String str) {
        int indexOf;
        if (str == null || (indexOf = str.indexOf(CHARSET_EQ)) < 0) {
            return null;
        }
        String substring = str.substring(indexOf + CHARSET_EQ.length());
        int indexOf2 = substring.indexOf(59);
        if (indexOf2 >= 0) {
            substring = substring.substring(0, indexOf2);
        }
        String trim = substring.trim();
        int length = trim.length();
        if (length > 2 && trim.charAt(0) == '\"' && trim.charAt(length - 1) == '\"') {
            trim = trim.substring(1, length - 1);
        }
        return trim.trim();
    }
}
