package nl.knowledgeplaza.securityfilter;

import java.security.Principal;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.GregorianCalendar;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpSession;
import nl.knowledgeplaza.util.ArrayUtil;
import nl.knowledgeplaza.util.CalendarUtil;
import nl.knowledgeplaza.util.ConfigurationProperties;
import nl.knowledgeplaza.util.ExceptionUtil;
import nl.knowledgeplaza.util.JdbcUtil;
import nl.knowledgeplaza.util.pool.JdbcConnectionPoolFactoryServletUtils;
import nl.knowledgeplaza.util.pool.ObjectPool;
import org.apache.log4j.Logger;

/* loaded from: input_file:WEB-INF/lib/KpSecurityFilter-1.30.jar:nl/knowledgeplaza/securityfilter/SecurityFilter.class */
public class SecurityFilter implements Filter {
    public static final String SOURCECODE_VERSION = "$Revision: 1.53 $";
    static Logger log4j = Logger.getLogger(SecurityFilter.class.getName());
    public static final String SESSIONATTRIBUTE_TIMESTAMP = SecurityFilter.class.getName() + ".timestamp";
    public static final String SESSIONATTRIBUTE_SAVEDREQUEST = SecurityFilter.class.getName() + ".savedrequest";
    public static final String SESSIONATTRIBUTE_PRINCIPAL = SecurityFilter.class.getName() + ".principal";
    public static final String SESSIONATTRIBUTE_REASON = SecurityFilter.class.getName() + ".reason";
    public static final Principal AUTHENTICATION_IN_PROGRESS = new SecurityFilterPrincipal("AUTHENTICATION_IN_PROGRESS", null);
    public static final Principal ALLOW_REQUEST_WITHOUT_AUTHENTICATION = new SecurityFilterPrincipal("ALLOW_REQUEST_WITHOUT_AUTHENTICATION", null);
    private String iApplicationName = null;
    protected ConfigurationProperties iConfigurationProperties = null;
    private int iTimeout = 600;
    private String iAccessLogSql = null;
    private String iAccessLogJdbcPoolname = null;
    private List iNoLogin = new ArrayList();
    private String iInterface = null;
    private int iMinDuration = 1000;
    private SecurityInterface[] iSecurityInterfaces = null;
    volatile boolean iInitialized = false;

    /* loaded from: input_file:WEB-INF/lib/KpSecurityFilter-1.30.jar:nl/knowledgeplaza/securityfilter/SecurityFilter$RequestWrapper.class */
    private class RequestWrapper extends HttpServletRequestWrapper {
        HttpServletRequest iActualRequest;

        public RequestWrapper(HttpServletRequest httpServletRequest) {
            super(httpServletRequest);
            this.iActualRequest = null;
            this.iActualRequest = httpServletRequest;
        }

        public Principal getUserPrincipal() {
            if (SecurityFilter.log4j.isDebugEnabled()) {
                SecurityFilter.log4j.debug("getUserPrincipal uses KPSecurityFilter: " + SecurityFilter.getPrincipal(this.iActualRequest));
            }
            return SecurityFilter.getPrincipal(this.iActualRequest);
        }
    }

    /* loaded from: input_file:WEB-INF/lib/KpSecurityFilter-1.30.jar:nl/knowledgeplaza/securityfilter/SecurityFilter$ResponseCompletePrincipal.class */
    public class ResponseCompletePrincipal implements Principal {
        Principal iPrincipal;

        public ResponseCompletePrincipal(Principal principal) {
            this.iPrincipal = null;
            this.iPrincipal = principal;
        }

        public Principal getPrincipal() {
            return this.iPrincipal;
        }

        @Override // java.security.Principal
        public String getName() {
            if (this.iPrincipal == null) {
                return null;
            }
            return this.iPrincipal.getName();
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        if (log4j.isInfoEnabled()) {
            log4j.info("Initializing SecurityFilter...");
        }
        if (filterConfig.getInitParameter("ConfigurationProperties.ApplicationName") == null) {
            this.iInitialized = false;
        } else {
            ServletException servletException = new ServletException("ConfigurationProperties.ApplicationName is specified in the web.xml. Please use the ConfigurationPropertiesFilter.");
            log4j.error(servletException);
            throw servletException;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void initialize() throws ServletException {
        if (log4j.isInfoEnabled()) {
            log4j.info("Delayed initializing SecurityFilter...");
        }
        this.iInitialized = true;
        if (log4j.isDebugEnabled()) {
            log4j.debug("Setting up configuration properties...");
        }
        this.iConfigurationProperties = ConfigurationProperties.get();
        if (log4j.isDebugEnabled()) {
            log4j.debug("Setting up the security interfaces...");
        }
        this.iSecurityInterfaces = new SecurityInterface[]{new SecurityInterfaceParameter(this.iConfigurationProperties, this), new SecurityInterfaceDigest(this.iConfigurationProperties, this), new SecurityInterfaceBasic(this.iConfigurationProperties, this), new SecurityInterfaceForm(this.iConfigurationProperties, this)};
        this.iInterface = this.iConfigurationProperties.get2(SecurityFilter.class, "interface");
        if (this.iInterface != null) {
            this.iInterface = "SecurityInterface" + this.iInterface;
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("Interface=" + this.iInterface);
        }
        if (this.iInterface != null) {
            for (int i = 0; i < this.iSecurityInterfaces.length; i++) {
                if (this.iSecurityInterfaces[i].getClass().getName().endsWith(this.iInterface)) {
                    this.iSecurityInterfaces = new SecurityInterface[]{this.iSecurityInterfaces[i]};
                }
            }
            if (log4j.isDebugEnabled()) {
                log4j.debug("SecurityInterfaces=" + ArrayUtil.toString(this.iSecurityInterfaces));
            }
        }
        try {
            String str = this.iConfigurationProperties.get2(this, "Timeout");
            if (str != null && str.length() > 0) {
                this.iTimeout = Integer.parseInt(str);
            }
            if (log4j.isDebugEnabled()) {
                log4j.debug("Timeout=" + this.iTimeout);
            }
            String str2 = this.iConfigurationProperties.get2(this, "MinDuration");
            if (str2 != null && str2.length() > 0) {
                this.iMinDuration = Integer.parseInt(str2);
            }
            if (log4j.isDebugEnabled()) {
                log4j.debug("MinDuration=" + this.iMinDuration);
            }
        } catch (NumberFormatException e) {
            log4j.error(ExceptionUtil.getStacktrace(e));
        }
        this.iNoLogin.addAll(this.iConfigurationProperties.getGroupedCollection(getClass().getName() + ".nologin").values());
        if (log4j.isDebugEnabled()) {
            log4j.debug("NoLogin=" + this.iNoLogin);
        }
        this.iAccessLogSql = this.iConfigurationProperties.get2(this, "accessLogSql");
        if (log4j.isDebugEnabled()) {
            log4j.debug("AccessLogSql=" + this.iAccessLogSql);
        }
        this.iAccessLogJdbcPoolname = this.iConfigurationProperties.get2(this, "accessLogJdbcPoolname");
        if (log4j.isDebugEnabled()) {
            log4j.debug("AccessLogJdbcPoolname=" + this.iAccessLogJdbcPoolname);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:100:0x0386, code lost:
    
        if (r22 >= r7.iSecurityInterfaces.length) goto L163;
     */
    /* JADX WARN: Code restructure failed: missing block: B:101:0x0389, code lost:
    
        r21 = r7.iSecurityInterfaces[r22].authenticate(r7, r0, r0, r0);
        r22 = r22 + 1;
     */
    /* JADX WARN: Code restructure failed: missing block: B:104:0x03a8, code lost:
    
        if (nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.isDebugEnabled() == false) goto L101;
     */
    /* JADX WARN: Code restructure failed: missing block: B:105:0x03ab, code lost:
    
        nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.debug("Returned principal: " + r21);
     */
    /* JADX WARN: Code restructure failed: missing block: B:106:0x03c5, code lost:
    
        r20 = r21;
     */
    /* JADX WARN: Code restructure failed: missing block: B:107:0x03ce, code lost:
    
        if ((r21 instanceof nl.knowledgeplaza.securityfilter.SecurityFilter.ResponseCompletePrincipal) == false) goto L104;
     */
    /* JADX WARN: Code restructure failed: missing block: B:108:0x03d1, code lost:
    
        r20 = ((nl.knowledgeplaza.securityfilter.SecurityFilter.ResponseCompletePrincipal) r21).getPrincipal();
     */
    /* JADX WARN: Code restructure failed: missing block: B:110:0x03df, code lost:
    
        if (r7.iMinDuration <= 0) goto L117;
     */
    /* JADX WARN: Code restructure failed: missing block: B:111:0x03e2, code lost:
    
        r0 = r7.iMinDuration - (java.lang.System.currentTimeMillis() - r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:112:0x03f6, code lost:
    
        if (nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.isDebugEnabled() == false) goto L109;
     */
    /* JADX WARN: Code restructure failed: missing block: B:113:0x03f9, code lost:
    
        nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.debug("RemainingDuration=" + r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:115:0x0417, code lost:
    
        if (r0 <= 0) goto L117;
     */
    /* JADX WARN: Code restructure failed: missing block: B:117:0x0420, code lost:
    
        if (nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.isDebugEnabled() == false) goto L114;
     */
    /* JADX WARN: Code restructure failed: missing block: B:118:0x0423, code lost:
    
        nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.debug("Sleeping " + r0 + "ms to fullfill MinDuration of " + r7.iMinDuration + "ms");
     */
    /* JADX WARN: Code restructure failed: missing block: B:119:0x044e, code lost:
    
        nl.knowledgeplaza.util.ThreadUtil.sleep(r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:120:0x0459, code lost:
    
        if (nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.isDebugEnabled() == false) goto L117;
     */
    /* JADX WARN: Code restructure failed: missing block: B:121:0x045c, code lost:
    
        nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.debug("Resuming after MinDuration sleep");
     */
    /* JADX WARN: Code restructure failed: missing block: B:123:0x0469, code lost:
    
        if (r20 != nl.knowledgeplaza.securityfilter.SecurityFilter.AUTHENTICATION_IN_PROGRESS) goto L120;
     */
    /* JADX WARN: Code restructure failed: missing block: B:124:0x046c, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:126:0x046f, code lost:
    
        if (r20 != null) goto L124;
     */
    /* JADX WARN: Code restructure failed: missing block: B:128:0x047b, code lost:
    
        throw new javax.servlet.ServletException("Authentication not possible");
     */
    /* JADX WARN: Code restructure failed: missing block: B:130:0x0481, code lost:
    
        if (r20 == nl.knowledgeplaza.securityfilter.SecurityFilter.ALLOW_REQUEST_WITHOUT_AUTHENTICATION) goto L127;
     */
    /* JADX WARN: Code restructure failed: missing block: B:131:0x0484, code lost:
    
        storePrincipal(r0, r20);
        writeToAccesLog(r0, r20.getName(), "login succeeded");
     */
    /* JADX WARN: Code restructure failed: missing block: B:134:0x049f, code lost:
    
        if (r20 == nl.knowledgeplaza.securityfilter.SecurityFilter.ALLOW_REQUEST_WITHOUT_AUTHENTICATION) goto L130;
     */
    /* JADX WARN: Code restructure failed: missing block: B:135:0x04a2, code lost:
    
        updateTimestamp(r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:137:0x04ac, code lost:
    
        if ((r21 instanceof nl.knowledgeplaza.securityfilter.SecurityFilter.ResponseCompletePrincipal) == false) goto L153;
     */
    /* JADX WARN: Code restructure failed: missing block: B:138:0x04af, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:141:0x04b6, code lost:
    
        if (nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.isDebugEnabled() == false) goto L136;
     */
    /* JADX WARN: Code restructure failed: missing block: B:142:0x04b9, code lost:
    
        nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.debug("pushing request up the chain");
     */
    /* JADX WARN: Code restructure failed: missing block: B:143:0x04c1, code lost:
    
        r10.doFilter(r0, r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:144:0x04d1, code lost:
    
        if (nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.isDebugEnabled() == false) goto L139;
     */
    /* JADX WARN: Code restructure failed: missing block: B:145:0x04d4, code lost:
    
        nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.debug("request is back from the chain");
     */
    /* JADX WARN: Code restructure failed: missing block: B:149:0x04fe, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:150:0x04df, code lost:
    
        r22 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:152:0x04ea, code lost:
    
        throw new javax.servlet.ServletException(r22);
     */
    /* JADX WARN: Code restructure failed: missing block: B:70:0x024c, code lost:
    
        if (nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.isDebugEnabled() == false) goto L148;
     */
    /* JADX WARN: Code restructure failed: missing block: B:71:0x024f, code lost:
    
        nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.debug("Matched nologin: " + r0 + " vs " + r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:73:0x0273, code lost:
    
        r0 = (java.lang.String) ((java.util.Map) r7.iNoLogin.get(r18)).get("goto");
     */
    /* JADX WARN: Code restructure failed: missing block: B:74:0x0293, code lost:
    
        if (nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.isDebugEnabled() == false) goto L73;
     */
    /* JADX WARN: Code restructure failed: missing block: B:75:0x0296, code lost:
    
        nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.debug("No login forwarding to " + r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:76:0x02b0, code lost:
    
        nl.knowledgeplaza.servlets.ServletUtil.setNoCache(r0);
        r0.getRequestDispatcher(r0).forward(r0, r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:77:0x02d6, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:79:0x02ca, code lost:
    
        r23 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:81:0x02d5, code lost:
    
        throw new javax.servlet.ServletException(r23);
     */
    /* JADX WARN: Code restructure failed: missing block: B:83:0x02dd, code lost:
    
        r0 = (java.util.Calendar) r0.getAttribute(nl.knowledgeplaza.securityfilter.SecurityFilter.SESSIONATTRIBUTE_TIMESTAMP);
     */
    /* JADX WARN: Code restructure failed: missing block: B:84:0x02f2, code lost:
    
        if (nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.isDebugEnabled() == false) goto L82;
     */
    /* JADX WARN: Code restructure failed: missing block: B:85:0x02f5, code lost:
    
        nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.debug("timestamp in session=" + nl.knowledgeplaza.util.CalendarUtil.quickFormatCalendar(r0) + " under " + nl.knowledgeplaza.securityfilter.SecurityFilter.SESSIONATTRIBUTE_TIMESTAMP);
     */
    /* JADX WARN: Code restructure failed: missing block: B:86:0x031d, code lost:
    
        r0 = new java.util.GregorianCalendar();
        r0.add(13, (-1) * r7.iTimeout);
     */
    /* JADX WARN: Code restructure failed: missing block: B:87:0x0339, code lost:
    
        if (nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.isDebugEnabled() == false) goto L85;
     */
    /* JADX WARN: Code restructure failed: missing block: B:88:0x033c, code lost:
    
        nl.knowledgeplaza.securityfilter.SecurityFilter.log4j.debug("treshhold timestamp=" + nl.knowledgeplaza.util.CalendarUtil.quickFormatCalendar(r0));
     */
    /* JADX WARN: Code restructure failed: missing block: B:89:0x0359, code lost:
    
        r20 = null;
     */
    /* JADX WARN: Code restructure failed: missing block: B:90:0x035e, code lost:
    
        if (r0 == null) goto L90;
     */
    /* JADX WARN: Code restructure failed: missing block: B:92:0x0368, code lost:
    
        if (r0.after(r0) == false) goto L90;
     */
    /* JADX WARN: Code restructure failed: missing block: B:93:0x036b, code lost:
    
        r20 = r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:94:0x036f, code lost:
    
        r21 = null;
     */
    /* JADX WARN: Code restructure failed: missing block: B:95:0x0374, code lost:
    
        if (r20 != null) goto L127;
     */
    /* JADX WARN: Code restructure failed: missing block: B:96:0x0377, code lost:
    
        r22 = 0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:98:0x037c, code lost:
    
        if (r21 != null) goto L164;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v105, types: [java.security.Principal] */
    /* JADX WARN: Type inference failed for: r0v99, types: [java.security.Principal] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void doFilter(javax.servlet.ServletRequest r8, javax.servlet.ServletResponse r9, javax.servlet.FilterChain r10) throws javax.servlet.ServletException {
        /*
            Method dump skipped, instructions count: 1279
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: nl.knowledgeplaza.securityfilter.SecurityFilter.doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain):void");
    }

    public void destroy() {
    }

    public Principal authenticate(HttpServletRequest httpServletRequest, String str, String str2, String str3) throws ServletException {
        if (log4j.isDebugEnabled()) {
            log4j.debug("Always authenticate");
        }
        return new SecurityFilterPrincipal(str, str3);
    }

    public String getPassword(HttpServletRequest httpServletRequest, String str, String str2) throws ServletException {
        return null;
    }

    public static String getReason(HttpServletRequest httpServletRequest) {
        return (String) httpServletRequest.getSession().getAttribute(SESSIONATTRIBUTE_REASON);
    }

    public static Principal getLoggedInPrincipal(HttpServletRequest httpServletRequest) {
        return (Principal) httpServletRequest.getSession().getAttribute(SESSIONATTRIBUTE_PRINCIPAL);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static Principal getPrincipal(HttpServletRequest httpServletRequest) {
        return (Principal) httpServletRequest.getSession().getAttribute(SESSIONATTRIBUTE_PRINCIPAL);
    }

    public void writeToAccesLog(HttpServletRequest httpServletRequest, String str, String str2) {
        if (this.iAccessLogSql == null || this.iAccessLogJdbcPoolname == null) {
            return;
        }
        ObjectPool objectPool = null;
        Connection connection = null;
        try {
            try {
                if (log4j.isDebugEnabled()) {
                    log4j.debug("obtaining database connection from JdbcPool: " + this.iAccessLogJdbcPoolname);
                }
                objectPool = JdbcConnectionPoolFactoryServletUtils.getConnectionPool(httpServletRequest, this.iAccessLogJdbcPoolname, this.iApplicationName);
                connection = (Connection) objectPool.borrowObject();
                if (log4j.isDebugEnabled()) {
                    log4j.debug("Writing an entry to the accesslog table: " + this.iAccessLogSql);
                }
                String str3 = this.iAccessLogSql;
                Object[] objArr = new Object[5];
                objArr[0] = "" + str;
                objArr[1] = "" + httpServletRequest.getRemoteAddr() + (httpServletRequest.getRemoteHost().equals(new StringBuilder().append("").append(httpServletRequest.getRemoteAddr()).toString()) ? "" : " - " + httpServletRequest.getRemoteHost());
                objArr[2] = "" + httpServletRequest.getHeader("referer");
                objArr[3] = "" + str2;
                objArr[4] = "" + httpServletRequest.getSession().getId();
                JdbcUtil.execute(connection, str3, objArr);
                connection.commit();
                if (log4j.isDebugEnabled()) {
                    log4j.debug("returning database connection to from JdbcPool: " + this.iAccessLogJdbcPoolname);
                }
                objectPool.returnObject(connection);
            } catch (SQLException e) {
                log4j.error(ExceptionUtil.describe(e));
                if (log4j.isDebugEnabled()) {
                    log4j.debug("returning database connection to from JdbcPool: " + this.iAccessLogJdbcPoolname);
                }
                objectPool.returnObject(connection);
            }
        } catch (Throwable th) {
            if (log4j.isDebugEnabled()) {
                log4j.debug("returning database connection to from JdbcPool: " + this.iAccessLogJdbcPoolname);
            }
            objectPool.returnObject(connection);
            throw th;
        }
    }

    public static void emulateLogin(HttpSession httpSession, String str) {
        emulateLogin(httpSession, str, null);
    }

    public static void emulateLogin(HttpSession httpSession, String str, String str2) {
        storePrincipal(httpSession, new SecurityFilterPrincipal(str, str2));
        updateTimestamp(httpSession);
    }

    public static void storePrincipal(HttpSession httpSession, String str) {
        storePrincipal(httpSession, str, null);
    }

    public static void storePrincipal(HttpSession httpSession, String str, String str2) {
        storePrincipal(httpSession, new SecurityFilterPrincipal(str, str2));
    }

    public static void storePrincipal(HttpSession httpSession, Principal principal) {
        if (log4j.isDebugEnabled()) {
            log4j.debug("Storing the principal: " + principal.getName());
        }
        httpSession.setAttribute(SESSIONATTRIBUTE_PRINCIPAL, principal);
    }

    public static void updateTimestamp(HttpSession httpSession) {
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        if (log4j.isDebugEnabled()) {
            log4j.debug("Setting the timestamp: " + CalendarUtil.quickFormatCalendar(gregorianCalendar));
        }
        httpSession.setAttribute(SESSIONATTRIBUTE_TIMESTAMP, gregorianCalendar);
    }

    public static void logout(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession();
        session.removeAttribute(SESSIONATTRIBUTE_PRINCIPAL);
        session.removeAttribute(SESSIONATTRIBUTE_TIMESTAMP);
        session.removeAttribute(SESSIONATTRIBUTE_SAVEDREQUEST);
    }
}
