package org.apache.isis.security.keycloak.webmodule;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.isis.applib.services.user.UserMemento;
import org.apache.isis.core.interaction.session.InteractionFactory;
import org.apache.isis.core.security.authentication.Authentication;
import org.apache.isis.core.security.authentication.standard.SimpleAuthentication;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:org/apache/isis/security/keycloak/webmodule/KeycloakFilter.class */
public class KeycloakFilter implements Filter {

    @Autowired
    private InteractionFactory isisInteractionFactory;

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String header = header(httpServletRequest, "X-Auth-Userid");
        String header2 = header(httpServletRequest, "X-Auth-Roles");
        String header3 = header(httpServletRequest, "X-Auth-Subject");
        if (header == null || header2 == null || header3 == null) {
            httpServletResponse.setStatus(401);
            return;
        }
        SimpleAuthentication of = SimpleAuthentication.of(UserMemento.ofNameAndRoleNames(header, toClaims(header2).stream()), header3);
        of.setType(Authentication.Type.EXTERNAL);
        this.isisInteractionFactory.runAuthenticated(of, () -> {
            filterChain.doFilter(servletRequest, servletResponse);
        });
    }

    static List<String> toClaims(String str) {
        List<String> asRoles = asRoles(str);
        asRoles.add("org.apache.isis.viewer.wicket.roles.USER");
        return asRoles;
    }

    static List<String> asRoles(String str) {
        ArrayList arrayList = new ArrayList();
        if (str != null) {
            arrayList.addAll(Arrays.asList(str.split(",")));
        }
        return arrayList;
    }

    private String header(HttpServletRequest httpServletRequest, String str) {
        Enumeration headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String str2 = (String) headerNames.nextElement();
            if (str2.toLowerCase().equals(str.toLowerCase())) {
                return httpServletRequest.getHeader(str2);
            }
        }
        return null;
    }
}
