package es.rediris.shib.filter;

import es.rediris.papi.assertion.Assertion;
import es.rediris.papi.config.Config;
import es.rediris.papi.exception.PAPIException;
import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.Statement;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;

/* loaded from: input_file:es/rediris/shib/filter/ShibbolethFilter.class */
public class ShibbolethFilter implements Filter {
    private static Logger log = Logger.getLogger(ShibbolethFilter.class);
    public static final String SHIBFILTER_CONFIG_FILE = "configfile";
    public static final String JDBC_DBDRIVER = "jdbc.db_driver";
    public static final String JDBC_URL = "jdbc.db_url";
    private FilterConfig filterConfig;
    private Config config;

    /* loaded from: input_file:es/rediris/shib/filter/ShibbolethFilter$Wrapper.class */
    class Wrapper extends HttpServletRequestWrapper {
        String userId;

        public Wrapper(HttpServletRequest httpServletRequest, String str) {
            super(httpServletRequest);
            this.userId = str;
        }

        public String getAuthType() {
            return "PAPIv1";
        }

        public String getRemoteUser() {
            return this.userId;
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        log.info("Initializing the ShibbolethFilter");
        this.filterConfig = filterConfig;
        try {
            this.config = new Config(this.filterConfig.getInitParameter(SHIBFILTER_CONFIG_FILE));
            initJDBC();
        } catch (PAPIException e) {
            log.error("Exception message", e);
            throw new ServletException(e);
        }
    }

    private void initJDBC() throws ServletException {
        String property = this.config.getProperty(JDBC_DBDRIVER);
        try {
            Class.forName(property).newInstance();
        } catch (Exception e) {
            throw new ServletException("Error loading database driver: " + property, e);
        }
    }

    private void addToDB(String str, String[] strArr) throws PAPIException {
        String property = this.config.getProperty(JDBC_URL);
        try {
            long currentTimeMillis = System.currentTimeMillis() + Long.parseLong(this.config.getProperty("poa.lcook_timeout"));
            Connection connection = DriverManager.getConnection(property);
            connection.setReadOnly(false);
            Statement createStatement = connection.createStatement();
            createStatement.executeUpdate("DELETE FROM attributes WHERE Ttl<(UNIX_TIMESTAMP(CURRENT_TIMESTAMP)*100)");
            createStatement.executeUpdate("INSERT INTO attributes VALUES ('" + str + "','" + strArr[0] + "','" + strArr[1] + "'," + currentTimeMillis + ")");
            createStatement.close();
            connection.close();
        } catch (Exception e) {
            throw new PAPIException("Unable to save attributes", e);
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        Object attribute = httpServletRequest.getAttribute(this.config.getProperty("papifilter.lcook_name"));
        if (attribute == null || !(attribute instanceof Assertion)) {
            log.error("No lcook cookie available");
            forbiddenAccess(httpServletResponse);
            return;
        }
        try {
            String processLCook = processLCook((Assertion) attribute);
            log.debug("UserID: " + processLCook);
            filterChain.doFilter(new Wrapper(httpServletRequest, processLCook), servletResponse);
        } catch (PAPIException e) {
            log.error(e);
            throw new ServletException(e);
        }
    }

    private void forbiddenAccess(HttpServletResponse httpServletResponse) throws IOException {
        log.debug("Access forbidden");
        String property = this.config.getProperty("papifilter.reject_message");
        if (property == null) {
            httpServletResponse.sendError(403);
        } else {
            httpServletResponse.sendError(403, property);
        }
    }

    private String processLCook(Assertion assertion) throws PAPIException {
        UUID randomUUID = UUID.randomUUID();
        Map attributes = assertion.getAttributes();
        for (String str : attributes.keySet()) {
            Iterator it = ((Set) attributes.get(str)).iterator();
            while (it.hasNext()) {
                addToDB(randomUUID.toString(), new String[]{str, it.next().toString()});
            }
        }
        return randomUUID.toString();
    }

    public void destroy() {
        this.filterConfig = null;
        this.config = null;
    }
}
