package org.pentaho.platform.web.http.filters;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.StringTokenizer;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.pentaho.platform.api.engine.IParameterProvider;
import org.pentaho.platform.api.engine.IPentahoSession;
import org.pentaho.platform.api.engine.IUserDetailsRoleListService;
import org.pentaho.platform.engine.core.system.PentahoSessionHolder;
import org.pentaho.platform.engine.core.system.PentahoSystem;
import org.springframework.security.Authentication;
import org.springframework.security.context.SecurityContext;

/* loaded from: input_file:org/pentaho/platform/web/http/filters/ProxyTrustingFilter.class */
public class ProxyTrustingFilter implements Filter {
    FilterConfig filterConfig;
    String[] trustedIpAddrs = null;
    private static final Log logger = LogFactory.getLog(ProxyTrustingFilter.class);

    public Log getLogger() {
        return logger;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
        this.trustedIpAddrs = null;
        String initParameter = this.filterConfig.getInitParameter("TrustedIpAddrs");
        if (initParameter != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(initParameter, ",");
            ArrayList arrayList = new ArrayList();
            while (stringTokenizer.hasMoreTokens()) {
                String trim = stringTokenizer.nextToken().trim();
                if (trim.length() > 0) {
                    arrayList.add(trim);
                }
            }
            if (arrayList.size() > 0) {
                this.trustedIpAddrs = (String[]) arrayList.toArray(new String[0]);
            }
        }
    }

    boolean isTrusted(String str) {
        if (this.trustedIpAddrs == null) {
            return false;
        }
        for (String str2 : this.trustedIpAddrs) {
            if (str2.equals(str)) {
                return true;
            }
        }
        return false;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String parameter;
        if (this.trustedIpAddrs != null && (servletRequest instanceof HttpServletRequest)) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            if (isTrusted(httpServletRequest.getRemoteAddr()) && (parameter = servletRequest.getParameter("_TRUST_USER_")) != null && parameter.length() > 0) {
                boolean z = false;
                IPentahoSession iPentahoSession = (IPentahoSession) httpServletRequest.getSession().getAttribute("pentaho-session");
                if (iPentahoSession != null && (iPentahoSession.getName() == null || !parameter.equals(iPentahoSession.getName()))) {
                    z = true;
                }
                IUserDetailsRoleListService userDetailsRoleListService = PentahoSystem.getUserDetailsRoleListService();
                if (z || (iPentahoSession == null && userDetailsRoleListService != null)) {
                    HttpSession session = httpServletRequest.getSession();
                    IPentahoSession effectiveUserSession = userDetailsRoleListService.getEffectiveUserSession(parameter, (IParameterProvider) null);
                    if (iPentahoSession != null) {
                        copyAttributesBetweenSessions(effectiveUserSession, iPentahoSession);
                        effectiveUserSession = iPentahoSession;
                    }
                    Authentication authentication = (Authentication) effectiveUserSession.getAttribute("SECURITY_PRINCIPAL");
                    session.setAttribute("pentaho-session", effectiveUserSession);
                    SecurityContext securityContext = new SecurityContext() { // from class: org.pentaho.platform.web.http.filters.ProxyTrustingFilter.1
                        private static final long serialVersionUID = 1;
                        private Authentication authentication;

                        public Authentication getAuthentication() {
                            return this.authentication;
                        }

                        public void setAuthentication(Authentication authentication2) {
                            this.authentication = authentication2;
                        }
                    };
                    securityContext.setAuthentication(authentication);
                    session.setAttribute("SPRING_SECURITY_CONTEXT", securityContext);
                    PentahoSessionHolder.setSession(effectiveUserSession);
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    private void copyAttributesBetweenSessions(IPentahoSession iPentahoSession, IPentahoSession iPentahoSession2) {
        Iterator attributeNames = iPentahoSession2.getAttributeNames();
        while (attributeNames.hasNext()) {
            iPentahoSession2.removeAttribute((String) attributeNames.next());
        }
        Iterator attributeNames2 = iPentahoSession.getAttributeNames();
        while (attributeNames2.hasNext()) {
            String str = (String) attributeNames2.next();
            iPentahoSession2.setAttribute(str, iPentahoSession.getAttribute(str));
        }
    }

    public void destroy() {
    }

    public static void main(String[] strArr) {
    }
}
