package org.jbpm.designer.filter;

import com.google.common.base.Charsets;
import java.io.IOException;
import javax.inject.Inject;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.codec.binary.Base64;
import org.jboss.errai.security.shared.api.identity.User;
import org.jboss.errai.security.shared.exception.FailedAuthenticationException;
import org.jboss.errai.security.shared.service.AuthenticationService;
import org.uberfire.ext.security.server.BasicAuthSecurityFilter;

/* loaded from: input_file:WEB-INF/lib/jbpm-designer-backend-7.11.1-SNAPSHOT.jar:org/jbpm/designer/filter/DesignerBasicAuthSecurityFilter.class */
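/**
 * Servlet filter that applies HTTP Basic authentication to designer requests.
 *
 * <p>Per request the filter does one of the following:
 * <ul>
 *   <li>{@code OPTIONS}: answers 202 without authenticating and without invoking the chain;</li>
 *   <li>a user is already known to the {@link AuthenticationService}: passes the request on;</li>
 *   <li>credentials in the {@code Authorization} header are accepted: passes the request on and
 *       logs the user out again once the response is committed;</li>
 *   <li>otherwise: sends the Basic authentication challenge.</li>
 * </ul>
 *
 * <p>An HTTP session that did not exist before the request and was created while handling it is
 * invalidated before the filter returns.
 */
public class DesignerBasicAuthSecurityFilter extends BasicAuthSecurityFilter implements Filter {

    @Inject
    AuthenticationService authenticationService;

    /**
     * Authenticates the request (unless it is an {@code OPTIONS} request or a user is already
     * logged in) and forwards it down the chain.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     remainder of the filter chain
     * @throws IOException      propagated from the chain or from the challenge
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        // Remember whether a session existed before this request touched anything.
        HttpSession preExistingSession = request.getSession(false);
        User user = this.authenticationService.getUser();

        // OPTIONS is answered here: no authentication, no downstream filters, no session cleanup.
        // NOTE(review): presumably for CORS preflight - confirm nothing behind this filter relies
        // on seeing OPTIONS requests.
        if ("OPTIONS".equals(request.getMethod())) {
            response.setStatus(HttpServletResponse.SC_ACCEPTED);
            return;
        }

        try {
            if (user != null) {
                filterChain.doFilter(request, response);
            } else if (authenticate(request)) {
                filterChain.doFilter(request, response);
                // The login was established from this request's credentials; it is dropped again
                // once the response has been committed.
                if (response.isCommitted()) {
                    this.authenticationService.logout();
                }
            } else {
                challengeClient(request, response);
            }
        } finally {
            // Invalidate only a session created during this request, on success and on failure
            // alike, so an unauthenticated or failed request leaves no session behind.
            if (preExistingSession == null) {
                HttpSession createdSession = request.getSession(false);
                if (createdSession != null) {
                    createdSession.invalidate();
                }
            }
        }
    }

    /**
     * Sends the authentication challenge, except for {@code OPTIONS} requests, which get a 202.
     *
     * @param httpServletRequest  request being challenged
     * @param httpServletResponse response the challenge is written to
     * @throws IOException propagated from the parent implementation
     */
    @Override
    public void challengeClient(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if ("OPTIONS".equals(httpServletRequest.getMethod())) {
            httpServletResponse.setStatus(HttpServletResponse.SC_ACCEPTED);
            return;
        }
        super.challengeClient(httpServletRequest, httpServletResponse);
    }

    /**
     * Attempts a login with the credentials carried in the {@code Authorization} header.
     *
     * <p>The header is client-controlled, so every malformed shape (no space after the scheme,
     * no {@code ':'} in the decoded payload) is treated as "not authenticated" instead of
     * surfacing as an unchecked exception. The decoded payload is split at the first
     * {@code ':'} only, so a password that itself contains {@code ':'} is passed on intact.
     *
     * @param httpServletRequest request whose {@code Authorization} header is inspected
     * @return {@code true} for {@code OPTIONS} requests (no login is performed) or when the
     *         login succeeds; {@code false} when the header is missing or malformed or the
     *         login is rejected
     */
    public boolean authenticate(HttpServletRequest httpServletRequest) {
        // Reports success for OPTIONS without calling login(); callers other than doFilter
        // must not read this as "a user is logged in".
        if ("OPTIONS".equals(httpServletRequest.getMethod())) {
            return true;
        }
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null) {
            return false;
        }
        // NOTE(review): the scheme token before the space is not checked; any scheme is decoded
        // as if it were Basic. Consider rejecting headers whose scheme is not "Basic".
        int schemeEnd = header.indexOf(' ');
        if (schemeEnd < 0) {
            return false;
        }
        byte[] decoded = Base64.decodeBase64(header.substring(schemeEnd));
        if (decoded == null) {
            return false;
        }
        // Limit 2: user name up to the first ':', everything after it is the password.
        String[] credentials = new String(decoded, Charsets.UTF_8).split(":", 2);
        if (credentials.length < 2) {
            return false;
        }
        try {
            this.authenticationService.login(credentials[0], credentials[1]);
            return true;
        } catch (FailedAuthenticationException e) {
            // Rejected credentials lead to a challenge in doFilter, not to an error.
            return false;
        }
    }
}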
