package com.epoint.sso.client.authentication;

import com.epoint.sso.client.util.IgnoreUtil;
import com.epoint.sso.client.util.ServiceUtil;
import com.epoint.sso.client.util.StringUtil;
import com.epoint.sso.client.validation.Assertion;
import com.epoint.third.apache.commons.lang.StringUtils;
import com.epoint.third.apache.oltu.oauth2.common.OAuth;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/epoint/sso/client/authentication/AuthenticationFilter.class */
public class AuthenticationFilter extends AbstractSSOFilter {
    private String ssoSkip;
    private String scope;
    private String display;
    private static Map<String, Object> GrantTicket = new HashMap();

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.epoint.sso.client.authentication.AbstractSSOFilter
    public void initInternal(FilterConfig filterConfig) throws ServletException {
        super.initInternal(filterConfig);
        setSsoSkip(getPropertyFromInitParams(filterConfig, "ssoSkip", null));
        this.log.trace("Loaded SSOSkip parameter: " + this.ssoSkip);
        setScope(getPropertyFromInitParams(filterConfig, OAuth.OAUTH_SCOPE, null));
        this.log.trace("Loaded scope parameter: " + this.scope);
        setDisplay(getPropertyFromInitParams(filterConfig, "display", null));
        this.log.trace("Loaded display parameter: " + this.display);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        HttpSession session = httpServletRequest.getSession(false);
        String requestURI = httpServletRequest.getRequestURI();
        String contextPath = httpServletRequest.getContextPath();
        String parameter = httpServletRequest.getParameter("commonDto");
        if (requestURI.contains("/rest/") && parameter == null && !"true".equalsIgnoreCase(httpServletRequest.getParameter("isCommondto")) && requestURI.indexOf(".action") == -1) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (IgnoreUtil.isSkip(requestURI, contextPath, this.ssoSkip) || IgnoreUtil.shouldFilter(httpServletRequest)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (StringUtil.isNotBlank(httpServletRequest.getParameter("grantticket"))) {
            GrantTicket.put("grantticket", httpServletRequest.getParameter("grantticket"));
            return;
        }
        boolean z = false;
        String header = httpServletRequest.getHeader("Extranet");
        this.log.debug("Nginx Extranet Header Parameter : " + header);
        if (StringUtil.isNotBlank(header) && "yes".equals(header)) {
            z = true;
        }
        httpServletRequest.setAttribute("isOuter", Boolean.valueOf(z));
        String parameter2 = httpServletRequest.getParameter(getArtifactParameterName());
        Assertion assertion = session != null ? (Assertion) session.getAttribute(AbstractSSOFilter.CONST_SSO_ASSERTION) : null;
        if (!StringUtil.isBlank(parameter2) || assertion != null) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        this.log.debug("no code and no assertion found");
        if (this.log.isDebugEnabled()) {
            this.log.debug("Constructed redirect url: " + getServerUrl());
        }
        String constructRedirectUrl = ServiceUtil.constructRedirectUrl(httpServletRequest, httpServletResponse, null, getServerUrl(), getArtifactParameterName(), false);
        String constructPollAuthoUrl = z ? ServiceUtil.constructPollAuthoUrl(getServiceUrlOuter(), getClientID(), getClientSecret(), constructRedirectUrl, this.scope, this.display, getAndClearGrantTicket()) : ServiceUtil.constructPollAuthoUrl(getServiceUrl(), getClientID(), getClientSecret(), constructRedirectUrl, this.scope, this.display, getAndClearGrantTicket());
        if (this.log.isDebugEnabled()) {
            this.log.debug("redirecting to \"" + constructPollAuthoUrl + "\"");
        }
        httpServletResponse.sendRedirect(constructPollAuthoUrl);
    }

    public String getSsoSkip() {
        return this.ssoSkip;
    }

    public void setSsoSkip(String str) {
        this.ssoSkip = str;
    }

    public String getScope() {
        return this.scope;
    }

    public void setScope(String str) {
        this.scope = str;
    }

    public String getDisplay() {
        return this.display;
    }

    public void setDisplay(String str) {
        this.display = str;
    }

    private String getAndClearGrantTicket() {
        Object obj = GrantTicket.get("grantticket");
        return StringUtil.isNotBlank(obj) ? obj.toString() : StringUtils.EMPTY;
    }

    public static void clearGrantTicket() {
        GrantTicket.clear();
    }
}
