package it.attocchi.web.auth;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;

/* loaded from: input_file:it/attocchi/web/auth/AuthenticationFilter.class */
public class AuthenticationFilter implements Filter {
    private static Logger logger = Logger.getLogger(AuthenticationFilter.class.getName());
    FilterConfig config = null;
    ServletContext servletContext = null;

    public void init(FilterConfig filterConfig) throws ServletException {
        this.config = filterConfig;
        this.servletContext = this.config.getServletContext();
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        logger.debug("Filtro Autenticazione");
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletRequest.getSession();
        String servletPath = httpServletRequest.getServletPath();
        logger.debug("requestPath " + servletPath);
        String str = null;
        if (servletPath != null) {
            try {
                if (servletPath.endsWith("index.xhtml") || servletPath.endsWith("login.xhtml")) {
                    logger.debug("Richiesta una pagina fra quelle speciali, esco dal filtro");
                    filterChain.doFilter(servletRequest, servletResponse);
                    return;
                }
            } catch (RuntimeException e) {
                logger.error("Errore nel Filtro Autenticazione");
                logger.error(e);
                filterChain.doFilter(servletRequest, servletResponse);
                httpServletResponse.sendError(401);
                httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/index.jsp");
            }
        }
        String header = httpServletRequest.getHeader("user-agent");
        if (header == null || header.indexOf("MSIE") <= -1) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            logger.debug("USER-AGENT: " + header);
            String header2 = httpServletRequest.getHeader("Authorization");
            if (header2 == null) {
                logger.debug("STEP1: SC_UNAUTHORIZED");
                httpServletResponse.setStatus(401);
                httpServletResponse.setHeader("WWW-Authenticate", "NTLM");
                httpServletResponse.flushBuffer();
                return;
            }
            if (header2.startsWith("NTLM ")) {
                logger.debug("STEP2: NTLM");
                byte[] decodeBase64 = Base64.decodeBase64(header2.substring(5));
                if (decodeBase64[8] == 1) {
                    logger.debug("STEP2a: NTLM");
                    httpServletResponse.setHeader("WWW-Authenticate", "NTLM " + Base64.encodeBase64String(new byte[]{78, 84, 76, 77, 83, 83, 80, 0, 2, 0, 0, 0, 0, 0, 0, 0, 40, 0, 0, 0, 1, -126, 0, 0, 0, 2, 2, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}));
                    httpServletResponse.sendError(401);
                    return;
                } else if (decodeBase64[8] == 3) {
                    logger.debug("STEP2b: read data");
                    String str2 = new String(decodeBase64, (decodeBase64[30 + 19] * 256) + decodeBase64[30 + 18], (decodeBase64[30 + 17] * 256) + decodeBase64[30 + 16]);
                    String str3 = new String(decodeBase64, (decodeBase64[30 + 3] * 256) + decodeBase64[30 + 2], (decodeBase64[30 + 1] * 256) + decodeBase64[30]);
                    str = new String(decodeBase64, (decodeBase64[30 + 11] * 256) + decodeBase64[30 + 10], (decodeBase64[30 + 9] * 256) + decodeBase64[30 + 8]).trim().replace((char) 0, ' ').replaceAll(" ", "");
                    String replaceAll = str2.trim().replace((char) 0, ' ').replaceAll(" ", "");
                    String replaceAll2 = str3.trim().replace((char) 0, ' ').replaceAll(" ", "");
                    logger.debug("Username: " + str);
                    logger.debug("RemoteHost: " + replaceAll);
                    logger.debug("Domain: " + replaceAll2);
                }
            }
        }
        logger.debug("Fine Filtro Autenticazione");
    }

    public void destroy() {
        logger.debug("");
    }
}
