package fi.vm.sade.security;

import fi.vm.sade.generic.rest.CachingRestClient;
import java.io.IOException;
import java.util.HashSet;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.spi.LocationInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;

/* loaded from: input_file:WEB-INF/lib/generic-common-9.3-SNAPSHOT.jar:fi/vm/sade/security/UrlRewriteFilter.class */
public class UrlRewriteFilter implements Filter {
    public static final String ALREADY_PROCESSED = UrlRewriteFilter.class.getName() + "_alreadyProcessed";
    private static final Logger logger = LoggerFactory.getLogger(UrlRewriteFilter.class);

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (servletRequest instanceof HttpServletRequest) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            if (!"true".equals(httpServletRequest.getAttribute(ALREADY_PROCESSED))) {
                String header = httpServletRequest.getHeader(CachingRestClient.CAS_SECURITY_TICKET);
                String header2 = httpServletRequest.getHeader("oldDeprecatedSecurity_REMOVE_username");
                String header3 = httpServletRequest.getHeader("oldDeprecatedSecurity_REMOVE_authorities");
                if ("oldDeprecatedSecurity_REMOVE".equals(header)) {
                    HashSet hashSet = new HashSet();
                    if (header3 != null) {
                        for (String str : header3.split(",")) {
                            hashSet.add(new SimpleGrantedAuthority(str));
                        }
                    }
                    PreAuthenticatedAuthenticationToken preAuthenticatedAuthenticationToken = new PreAuthenticatedAuthenticationToken(header2, header2, hashSet);
                    logger.warn("MOCK service call, request: {}, authentication: {}", httpServletRequest.getRequestURL().append(LocationInfo.NA).append(httpServletRequest.getQueryString()), preAuthenticatedAuthenticationToken);
                    SecurityContextHolder.getContext().setAuthentication(preAuthenticatedAuthenticationToken);
                    forward(httpServletRequest, servletResponse, "oldDeprecatedSecurity_REMOVE", "true");
                    return;
                }
                if (header != null) {
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    private void forward(HttpServletRequest httpServletRequest, ServletResponse servletResponse, String str, String str2) throws ServletException, IOException {
        String requestURI = httpServletRequest.getRequestURI();
        if (requestURI.startsWith(httpServletRequest.getContextPath())) {
            requestURI = requestURI.substring(httpServletRequest.getContextPath().length());
        }
        String str3 = (requestURI.contains(LocationInfo.NA) ? requestURI + BeanFactory.FACTORY_BEAN_PREFIX : requestURI + LocationInfo.NA) + str + "=" + str2;
        logger.debug("WARNING - UrlRewriteFilter forward to: {}", str3);
        httpServletRequest.setAttribute(ALREADY_PROCESSED, "true");
        httpServletRequest.getRequestDispatcher(str3).forward(httpServletRequest, servletResponse);
    }

    public void destroy() {
    }
}
