package ch.vd.shared.iam.web.filter.auth;

import ch.vd.shared.iam.core.filter.auth.IamAuthentication;
import ch.vd.shared.iam.web.common.IamConstants;
import ch.vd.shared.iam.web.common.RequestHelper;
import java.io.IOException;
import java.util.Objects;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:ch/vd/shared/iam/web/filter/auth/FormDevLoginSpringFilter.class */
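/**
 * Development login filter: signs a user in from plain request parameters.
 *
 * <p>On a request whose path ends with {@link #SPRING_SECURITY_URL}, the username, roles,
 * first name, last name and e-mail are read from the {@code dl-*} parameters and passed to
 * {@code authenticate(...)}. No password or other credential is read in this class, so anyone
 * who can reach the URL chooses their own identity and roles. The filter must therefore only
 * be wired into development configurations and never be reachable in production.
 *
 * <p>Requests that already carry an authenticated {@link Authentication} are passed down the
 * chain; every other unauthenticated request is redirected to the configured denied URL.
 */
public class FormDevLoginSpringFilter extends AbstractSharedIamAuthenticationFilter {
    private static final Logger LOGGER = LoggerFactory.getLogger(FormDevLoginSpringFilter.class);
    public static final String DEV_LOGIN_USERNAME = "dl-username";
    public static final String DEV_LOGIN_ROLES = "dl-roles";
    public static final String DEV_LOGIN_FIRST = "dl-first";
    public static final String DEV_LOGIN_LAST = "dl-last";
    public static final String DEV_LOGIN_EMAIL = "dl-email";
    public static final String SPRING_SECURITY_URL = "/j_spring_security_check";
    private String successUrl;
    private String deniedUrl;

    /**
     * Passes authenticated requests through, handles the dev-login POST, and redirects
     * everything else to the denied URL.
     *
     * @param servletRequest  incoming request, cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response, cast to {@link HttpServletResponse}
     * @param filterChain     remaining chain, invoked only for authenticated requests
     * @throws IOException      if a redirect or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        IamRequestWrapper wrappedRequest = new IamRequestWrapper(request);
        // NOTE(review): what this helper writes is not visible here; confirm it does not log
        // cookies, session ids or other secrets carried by the request.
        RequestHelper.dumpRequestForDebug(request);
        String path = request.getRequestURI().substring(request.getContextPath().length());

        Authentication current = SecurityContextHolder.getContext().getAuthentication();
        if (current != null && current.isAuthenticated()) {
            long start = System.nanoTime();
            filterChain.doFilter(request, response);
            // Elapsed time in microseconds (nanoseconds / 1000).
            response.addHeader("iamstats-app-response-time", "D=" + ((System.nanoTime() - start) / 1000));
            return;
        }

        String redirectTarget = this.deniedUrl;
        boolean loggedIn = false;
        AuthenticateDTO login = path.endsWith(SPRING_SECURITY_URL) ? readDevLogin(request) : null;
        if (login != null) {
            authenticate(login);
            // NOTE(review): no session id change is visible here after login; confirm that
            // authenticate() or the surrounding chain takes care of it.
            String savedPath = (String) request.getSession().getAttribute(AbstractSharedIamAuthenticationFilter.IAM_AUTH_SAVED_PATH);
            if (savedPath != null) {
                // NOTE(review): the saved path is redirected to as-is; confirm that whatever
                // stores it in the session only ever records paths of this application.
                LOGGER.info("Le devlogin est successful. Redirection -> {}", sanitizeForLog(savedPath));
                response.sendRedirect(savedPath);
                redirectTarget = savedPath;
            } else {
                LOGGER.info("Le devlogin est successful. Redirection -> {}", this.successUrl);
                relativeRedirect(wrappedRequest, response, this.successUrl);
                redirectTarget = this.successUrl;
            }
            loggedIn = true;
        } else {
            relativeRedirect(wrappedRequest, response, this.deniedUrl);
        }

        // The context may hold another Authentication implementation (or none); roles are
        // only logged when it really is an IamAuthentication.
        Authentication resulting = SecurityContextHolder.getContext().getAuthentication();
        RequestHelper.logRequestInfos(wrappedRequest, response, (loggedIn ? "AUTH-OK" : "AUTH-KO") + " Redirect to '" + redirectTarget + "'", getUsernameForLog(wrappedRequest), resulting instanceof IamAuthentication ? ((IamAuthentication) resulting).getAllRoles() : null);
    }

    /**
     * Reads and validates the dev-login parameters of a login request.
     *
     * <p>Missing or malformed input is logged and reported as {@code null} so the caller can
     * answer with the denied redirect instead of letting a {@link NullPointerException} or
     * {@link NumberFormatException} escape as a server error.
     *
     * @param request the login request
     * @return the login data, or {@code null} when the request must be refused
     */
    private AuthenticateDTO readDevLogin(HttpServletRequest request) {
        String username = request.getParameter(DEV_LOGIN_USERNAME);
        String roles = request.getParameter(DEV_LOGIN_ROLES);
        if (!StringUtils.isNotBlank(username) || !StringUtils.isNotBlank(roles)) {
            LOGGER.warn("Le devlogin est activé, mais pas de username ni roles. Url='{}' Redirection -> {}", sanitizeForLog(request.getRequestURI()), this.deniedUrl);
            return null;
        }
        String roleDns = toRoleDns(roles);
        if (roleDns == null) {
            LOGGER.warn("Le devlogin est refusé: rôles invalides '{}'. Redirection -> {}", sanitizeForLog(roles), this.deniedUrl);
            return null;
        }
        LOGGER.info("Le devlogin est activé. POST sur //j_spring_security_check avec {} / {}", sanitizeForLog(username), sanitizeForLog(roleDns));

        String firstName = request.getParameter(DEV_LOGIN_FIRST);
        String lastName = request.getParameter(DEV_LOGIN_LAST);
        String email = request.getParameter(DEV_LOGIN_EMAIL);
        if (firstName == null) {
            LOGGER.warn("Le devlogin est refusé: Pas de first name. Redirection -> {}", this.deniedUrl);
            return null;
        }
        if (lastName == null) {
            LOGGER.warn("Le devlogin est refusé: Pas de last name. Redirection -> {}", this.deniedUrl);
            return null;
        }

        Integer authLevel = null;
        String rawAuthLevel = request.getParameter(IamConstants.IAM_HEADER_AUTHLEVEL);
        if (rawAuthLevel != null) {
            try {
                authLevel = Integer.valueOf(rawAuthLevel);
            } catch (NumberFormatException e) {
                LOGGER.warn("Le devlogin est refusé: authlevel invalide '{}'. Redirection -> {}", sanitizeForLog(rawAuthLevel), this.deniedUrl);
                return null;
            }
        }
        return new AuthenticateDTO(username, username, "dl-app", roleDns, firstName, lastName, email, authLevel, request.getParameter(IamConstants.IAM_HEADER_LASTLOGIN));
    }

    /**
     * Turns a comma-separated role list into {@code |}-separated
     * {@code cn=dl-app-<role>,dc=etat-de-vaud,dc=ch} entries.
     *
     * @param roles raw value of the roles parameter
     * @return the joined entries, or {@code null} when no usable role is left or a role
     *         contains the {@code |} separator
     */
    private static String toRoleDns(String roles) {
        StringBuilder dns = new StringBuilder();
        for (String token : roles.split(",")) {
            String role = token.trim();
            if (role.isEmpty()) {
                // "a,,b" would otherwise produce an entry with an empty role name.
                continue;
            }
            if (role.indexOf('|') >= 0) {
                // '|' is the separator emitted below, so a role containing it would add
                // entries that do not carry the dl-app- prefix.
                return null;
            }
            if (dns.length() > 0) {
                dns.append('|');
            }
            dns.append("cn=dl-app-").append(role).append(",dc=etat-de-vaud,dc=ch");
        }
        return dns.length() > 0 ? dns.toString() : null;
    }

    /**
     * Neutralises line breaks in a request-derived value before it is logged, so that one
     * request cannot forge additional log lines.
     *
     * @param value value to log, may be {@code null}
     * @return the value with CR and LF replaced by {@code _}, or {@code null}
     */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Sets the URL used after a successful dev login when the session holds no saved path.
     *
     * @param str target URL, passed to {@code relativeRedirect}
     */
    public void setSuccessUrl(String str) {
        this.successUrl = str;
    }

    /**
     * Sets the URL that unauthenticated or refused requests are redirected to.
     *
     * @param str target URL, passed to {@code relativeRedirect}
     */
    public void setDeniedUrl(String str) {
        this.deniedUrl = str;
    }
}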
