package io.hawt.web.auth;

import java.io.IOException;
import java.util.Arrays;
import java.util.stream.Stream;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:hawtio.war:WEB-INF/lib/hawtio-system-2.0.0.fuse-sb2-790047-redhat-00001.jar:io/hawt/web/auth/LoginRedirectFilter.class */
public class LoginRedirectFilter implements Filter {
    private static final transient Logger LOG = LoggerFactory.getLogger((Class<?>) LoginRedirectFilter.class);
    private AuthenticationConfiguration authConfiguration;
    private final String[] unsecuredPaths;
    private Redirector redirector;

    public LoginRedirectFilter() {
        this(AuthenticationConfiguration.UNSECURED_PATHS);
    }

    public LoginRedirectFilter(String[] strArr) {
        this.redirector = new Redirector();
        this.unsecuredPaths = strArr;
    }

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
        this.authConfiguration = AuthenticationConfiguration.getConfiguration(filterConfig.getServletContext());
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        LOG.trace("Applying {}", getClass().getSimpleName());
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (isRedirectRequired(httpServletRequest.getSession(false), httpServletRequest.getServletPath())) {
            this.redirector.doRedirect(httpServletRequest, httpServletResponse, AuthenticationConfiguration.LOGIN_URL);
        } else {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    private boolean isRedirectRequired(HttpSession httpSession, String str) {
        return (!this.authConfiguration.isEnabled() || this.authConfiguration.isKeycloakEnabled() || AuthSessionHelpers.isSpringSecurityEnabled() || AuthSessionHelpers.isAuthenticated(httpSession) || !isSecuredPath(str)) ? false : true;
    }

    boolean isSecuredPath(String str) {
        Stream stream = Arrays.stream(this.unsecuredPaths);
        str.getClass();
        return !stream.anyMatch(str::startsWith);
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }

    public void setRedirector(Redirector redirector) {
        this.redirector = redirector;
    }
}
