package org.picketlink.authentication.web;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.picketlink.Identity;
import org.picketlink.credential.DefaultLoginCredentials;

@ApplicationScoped
/* loaded from: input_file:org/picketlink/authentication/web/AuthenticationFilter.class */
public class AuthenticationFilter implements Filter {
    private static final String DEFAULT_REALM_NAME = "PicketLink Default Realm";

    @Inject
    private Instance<Identity> identityInstance;

    @Inject
    private Instance<DefaultLoginCredentials> credentialsInstance;
    private Map<AuthType, HTTPAuthenticationScheme> authenticationSchemes = new HashMap();
    private AuthType authType = AuthType.BASIC;
    private String realm = DEFAULT_REALM_NAME;

    /* loaded from: input_file:org/picketlink/authentication/web/AuthenticationFilter$AuthType.class */
    public enum AuthType {
        BASIC,
        DIGEST
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        String initParameter = filterConfig.getInitParameter("realm");
        if (initParameter != null) {
            this.realm = initParameter;
        }
        setAuthType(filterConfig.getInitParameter("authType"));
        this.authenticationSchemes.put(AuthType.DIGEST, new DigestAuthenticationScheme(this.realm));
        this.authenticationSchemes.put(AuthType.BASIC, new BasicAuthenticationScheme(this.realm));
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!HttpServletRequest.class.isInstance(servletRequest)) {
            throw new ServletException("This filter can only process HttpServletRequest requests.");
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletRequest.getSession();
        try {
            Identity identity = (Identity) this.identityInstance.get();
            try {
                DefaultLoginCredentials defaultLoginCredentials = (DefaultLoginCredentials) this.credentialsInstance.get();
                HTTPAuthenticationScheme hTTPAuthenticationScheme = this.authenticationSchemes.get(this.authType);
                if (!identity.isLoggedIn()) {
                    hTTPAuthenticationScheme.extractCredential(httpServletRequest, defaultLoginCredentials);
                    if (defaultLoginCredentials.getCredential() != null) {
                        identity.login();
                    }
                }
                if (identity.isLoggedIn()) {
                    filterChain.doFilter(servletRequest, servletResponse);
                } else {
                    hTTPAuthenticationScheme.challengeClient(httpServletRequest, httpServletResponse);
                }
            } catch (Exception e) {
                throw new ServletException("DefaultLoginCredentials not found - please ensure that the DefaultLoginCredentials component is created on startup.", e);
            }
        } catch (Exception e2) {
            throw new ServletException("Identity not found - please ensure that the Identity component is created on startup.", e2);
        }
    }

    public void destroy() {
    }

    private void setAuthType(String str) {
        if (str == null) {
            throw new IllegalArgumentException("Null authentication type provided.");
        }
        try {
            this.authType = AuthType.valueOf(str);
        } catch (IllegalArgumentException e) {
            throw new IllegalArgumentException("Unsupported authentication type. Possible values are: BASIC and DIGEST.", e);
        }
    }
}
