package pl.edu.icm.synat.portal.web.interceptor;

import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import pl.edu.icm.synat.common.ui.security.CaptchaService;
import pl.edu.icm.synat.common.ui.servlet.HttpServletRequestUtils;
import pl.edu.icm.synat.common.ui.servlet.MethodAndParametersChangeHttpServletRequest;
import pl.edu.icm.synat.portal.services.antiharvest.RobotDetectorService;

/* loaded from: input_file:WEB-INF/lib/synat-portal-core-1.7.1.jar:pl/edu/icm/synat/portal/web/interceptor/AntiHarvestInterceptor.class */
public class AntiHarvestInterceptor extends HandlerInterceptorAdapter implements InitializingBean {
    private RobotDetectorService robotDetectorService;
    private CaptchaService captchaService;
    public static final String METHOD_PARAM = "method";
    public static final String CAPTCHA_ID_PARAM = "captchaId";
    public static final String CAPTCHA_INPUT_PARAM = "captcha";
    public static final String PREVIOUS_PARAMS = "sourceParams";
    public static final String HARVEST_DETECTED_PAGE = "/identification";
    protected static final Logger LOG = LoggerFactory.getLogger(AntiHarvestInterceptor.class);
    public static final String REDIRECT_URI_PARAM = "redirectURI";
    private static final String[] filteredParameters = {"captchaId", "captcha", "method", REDIRECT_URI_PARAM};

    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws IOException, ServletException {
        if (httpServletResponse.isCommitted() || httpServletRequest.getRequestURI().equals(HARVEST_DETECTED_PAGE)) {
            return true;
        }
        if (httpServletRequest.getParameter("captchaId") == null) {
            if (!this.robotDetectorService.analyzeRequest(httpServletRequest)) {
                return true;
            }
            forwardToHarvestPage(httpServletRequest, httpServletResponse, this.captchaService.requestCaptchaId());
            return false;
        }
        String parameter = httpServletRequest.getParameter("captcha");
        String parameter2 = httpServletRequest.getParameter("captchaId");
        if (!this.captchaService.validate(parameter2, parameter)) {
            forwardToHarvestPage(httpServletRequest, httpServletResponse, parameter2);
            return false;
        }
        this.robotDetectorService.reset(httpServletRequest);
        forwardToOriginalPage(httpServletRequest, httpServletResponse);
        return false;
    }

    private void forwardToHarvestPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException, ServletException {
        httpServletRequest.setAttribute("captchaId", str);
        httpServletRequest.setAttribute("method", httpServletRequest.getMethod());
        httpServletRequest.setAttribute(REDIRECT_URI_PARAM, httpServletRequest.getRequestURI());
        List<String> queryStringParameterNames = HttpServletRequestUtils.getQueryStringParameterNames(httpServletRequest.getQueryString());
        queryStringParameterNames.addAll(Arrays.asList(filteredParameters));
        httpServletRequest.setAttribute(PREVIOUS_PARAMS, HttpServletRequestUtils.filterParametersMap(httpServletRequest.getParameterMap(), (String[]) queryStringParameterNames.toArray(filteredParameters)));
        httpServletRequest.getRequestDispatcher(HARVEST_DETECTED_PAGE).forward(httpServletRequest, httpServletResponse);
    }

    private void forwardToOriginalPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String parameter = httpServletRequest.getParameter(REDIRECT_URI_PARAM);
        httpServletRequest.getRequestDispatcher(parameter).forward(new MethodAndParametersChangeHttpServletRequest(httpServletRequest, httpServletRequest.getParameter("method"), HttpServletRequestUtils.filterParametersMap(httpServletRequest.getParameterMap(), filteredParameters)), httpServletResponse);
    }

    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws IOException, ServletException {
        if (httpServletResponse.isCommitted() || modelAndView == null || modelAndView.getModel() == null || !httpServletRequest.getRequestURI().equals(HARVEST_DETECTED_PAGE)) {
            return;
        }
        String str = (String) httpServletRequest.getAttribute(REDIRECT_URI_PARAM);
        String str2 = (String) httpServletRequest.getAttribute("method");
        String str3 = (String) httpServletRequest.getAttribute("captchaId");
        Map map = (Map) httpServletRequest.getAttribute(PREVIOUS_PARAMS);
        modelAndView.addObject(REDIRECT_URI_PARAM, str);
        modelAndView.addObject("method", str2);
        modelAndView.addObject("captchaId", str3);
        modelAndView.addObject(PREVIOUS_PARAMS, map);
    }

    public void setRobotDetectorService(RobotDetectorService robotDetectorService) {
        this.robotDetectorService = robotDetectorService;
    }

    public void setCaptchaService(CaptchaService captchaService) {
        this.captchaService = captchaService;
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() {
        Assert.notNull(this.robotDetectorService, "robotDetectorService required");
        Assert.notNull(this.captchaService, "captchaService required");
    }
}
