package org.simplericity.serberuhs.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.simplericity.serberuhs.DefaultKerberosSubjectFactory;
import org.simplericity.serberuhs.KerberosSubjectFactory;
import org.simplericity.serberuhs.SpNego;
import org.simplericity.serberuhs.SpNegoResult;

/* loaded from: input_file:org/simplericity/serberuhs/filter/KerberosFilter.class */
public class KerberosFilter implements Filter {
    private KerberosSubjectFactory factory;
    private KerberosFilterConfiguration configuration;
    public static final String AUTORIZED_PRINCIPAL_SESSION_ATTRIBUTE = KerberosFilter.class.getName() + "_AUTHORIZED_PRINCIPAL";

    public final void init(FilterConfig filterConfig) throws ServletException {
        DefaultKerberosSubjectFactory defaultKerberosSubjectFactory = new DefaultKerberosSubjectFactory();
        KerberosFilterConfiguration createConfiguration = createConfiguration(filterConfig);
        this.configuration = createConfiguration;
        defaultKerberosSubjectFactory.setConfiguration(createConfiguration);
        this.factory = defaultKerberosSubjectFactory;
    }

    protected KerberosFilterConfiguration createConfiguration(FilterConfig filterConfig) {
        return new DefaultFilterConfiguration(filterConfig);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!this.configuration.isEnabled()) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        SpNego createSpNego = createSpNego();
        createSpNego.negotiate(this.factory.getSubject(), httpServletRequest, httpServletResponse);
        if (createSpNego.getResult() == SpNegoResult.AUTHORIZED) {
            handleSuccessfulAuthorization(createSpNego.getAuthorizedPrincipal(), httpServletRequest, httpServletResponse, filterChain);
        } else if (createSpNego.getResult() == SpNegoResult.MISSING_AUTHORIZATION_HEADER) {
            handleMissingAuthorizationHeader(httpServletRequest, httpServletResponse, filterChain);
        } else {
            handleUnsuccessfulAutorization(createSpNego, httpServletRequest, httpServletResponse, filterChain);
        }
    }

    protected SpNego createSpNego() {
        return new SpNego();
    }

    public void setFactory(KerberosSubjectFactory kerberosSubjectFactory) {
        this.factory = kerberosSubjectFactory;
    }

    public void setConfiguration(KerberosFilterConfiguration kerberosFilterConfiguration) {
        this.configuration = kerberosFilterConfiguration;
    }

    protected void dispatchToFallback(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (this.configuration.getFallbackLoginPath() != null) {
            httpServletRequest.getRequestDispatcher(this.configuration.getFallbackLoginPath()).forward(httpServletRequest, httpServletResponse);
        }
    }

    protected void handleMissingAuthorizationHeader(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        dispatchToFallback(httpServletRequest, httpServletResponse);
    }

    protected void handleUnsuccessfulAutorization(SpNego spNego, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        dispatchToFallback(httpServletRequest, httpServletResponse);
    }

    protected void handleSuccessfulAuthorization(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        exposeSessionAttribute(str, httpServletRequest);
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    protected void exposeSessionAttribute(String str, HttpServletRequest httpServletRequest) {
        httpServletRequest.getSession().setAttribute(AUTORIZED_PRINCIPAL_SESSION_ATTRIBUTE, str);
    }

    public void destroy() {
    }
}
