package com.erigir.wrench.shiro;

import com.erigir.wrench.shiro.provider.OauthProvider;
import com.erigir.wrench.shiro.provider.ProviderRegistry;
import java.io.IOException;
import java.util.Collections;
import java.util.Iterator;
import java.util.UUID;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/erigir/wrench/shiro/DynamicOauthLoginFilter.class */
public class DynamicOauthLoginFilter implements Filter {
    private static final Logger LOG = LoggerFactory.getLogger(DynamicOauthLoginFilter.class);
    public static final String DYNAMIC_RETURN_URL_KEY = "shiro-oauth-dynamic-return-url";
    public static final String DYNAMIC_SERVICE_NONCE_KEY = "shiro-oauth-dynamic-service-nonce";
    private String proxyHostHeader = "Host";
    private String proxySchemeHeader = "X-Forwarded-Proto";
    private ProviderRegistry providerRegistry;
    private String providerSelectorUrl;
    private String oauthServiceEndpoint;
    private boolean useProxyHeaders;

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (this.providerRegistry.isEmpty()) {
            throw new IllegalStateException("Misconfigured - there are no providers in the registry");
        }
        OauthProvider singleProvider = this.providerRegistry.singleProvider();
        if (singleProvider == null) {
            singleProvider = this.providerRegistry.getProviderByName(httpServletRequest.getParameter("p"));
        } else {
            LOG.debug("There is only a single provider, using it");
        }
        if (singleProvider == null) {
            if (this.providerSelectorUrl == null) {
                throw new IllegalStateException("Invalid configuration - no provider selector url set");
            }
            LOG.debug("No provider selected, redirecting to providerSelectorUrl : {}", this.providerSelectorUrl);
            httpServletResponse.sendRedirect(this.providerSelectorUrl);
            return;
        }
        LOG.debug("Using provider {}", singleProvider);
        this.providerRegistry.storeProviderForSession(singleProvider);
        String substring = UUID.randomUUID().toString().substring(0, 8);
        SecurityUtils.getSubject().getSession().setAttribute(DYNAMIC_SERVICE_NONCE_KEY, substring);
        String buildServiceUrl = buildServiceUrl(httpServletRequest);
        SecurityUtils.getSubject().getSession().setAttribute(DYNAMIC_RETURN_URL_KEY, buildServiceUrl);
        String createEndpoint = singleProvider.createEndpoint(buildServiceUrl, substring);
        LOG.debug("Login - redirecting to oauth server {}", createEndpoint);
        httpServletResponse.sendRedirect(createEndpoint);
    }

    private String buildServiceUrl(ServletRequest servletRequest) {
        StringBuilder sb = new StringBuilder();
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        dumpHeaders(httpServletRequest);
        sb.append(calculateScheme(httpServletRequest));
        sb.append("://");
        sb.append(calculateHost(httpServletRequest));
        String contextPath = servletRequest.getServletContext().getContextPath();
        String str = contextPath == null ? "" : contextPath;
        sb.append(str);
        if (!this.oauthServiceEndpoint.startsWith("/") && !str.endsWith("/")) {
            sb.append("/");
        }
        sb.append(this.oauthServiceEndpoint);
        return sb.toString();
    }

    private void dumpHeaders(HttpServletRequest httpServletRequest) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("--- Headers ---");
            Iterator it = Collections.list(httpServletRequest.getHeaderNames()).iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                LOG.debug("{} = {}", str, httpServletRequest.getHeader(str));
            }
            LOG.debug("--- End Headers ---");
        }
    }

    private String calculateScheme(HttpServletRequest httpServletRequest) {
        String str = null;
        if (this.useProxyHeaders) {
            str = httpServletRequest.getHeader(this.proxySchemeHeader);
        }
        if (str == null) {
            str = httpServletRequest.getScheme();
        }
        return str;
    }

    private String calculateHost(HttpServletRequest httpServletRequest) {
        String str = null;
        if (this.useProxyHeaders) {
            str = httpServletRequest.getHeader(this.proxyHostHeader);
        }
        if (str == null) {
            str = httpServletRequest.getServerName() + ":" + httpServletRequest.getServerPort();
        }
        return str;
    }

    public void destroy() {
    }

    public void setOauthServiceEndpoint(String str) {
        this.oauthServiceEndpoint = str;
    }

    public void setProviderRegistry(ProviderRegistry providerRegistry) {
        this.providerRegistry = providerRegistry;
    }

    public void setProviderSelectorUrl(String str) {
        this.providerSelectorUrl = str;
    }

    public void setUseProxyHeaders(boolean z) {
        this.useProxyHeaders = z;
    }

    public void setProxyHostHeader(String str) {
        this.proxyHostHeader = str;
    }

    public void setProxySchemeHeader(String str) {
        this.proxySchemeHeader = str;
    }
}
