package org.pentaho.platform.web.http.security;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.pentaho.platform.api.engine.IPentahoSession;
import org.pentaho.platform.engine.core.solution.PentahoSessionParameterProvider;
import org.pentaho.platform.engine.core.system.PentahoSystem;
import org.pentaho.platform.engine.security.SecurityHelper;
import org.pentaho.platform.web.http.PentahoHttpSessionHelper;
import org.springframework.security.Authentication;
import org.springframework.security.context.SecurityContextHolder;

/* loaded from: input_file:org/pentaho/platform/web/http/security/SecurityStartupFilter.class */
public class SecurityStartupFilter implements Filter {
    private static final Log logger = LogFactory.getLog(SecurityStartupFilter.class);
    public static String anonymousUser;
    private boolean injectAnonymous = true;

    public void destroy() {
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        IPentahoSession pentahoSession = getPentahoSession(httpServletRequest);
        String remoteUser = httpServletRequest.getRemoteUser();
        if (remoteUser == null) {
            if (this.injectAnonymous) {
                pentahoSession.setAuthenticated(getAnonymousUser());
            }
            filterChain.doFilter(httpServletRequest, servletResponse);
            return;
        }
        boolean z = false;
        if (!pentahoSession.isAuthenticated() || isAnonymous(pentahoSession)) {
            if (isAnonymous(pentahoSession)) {
                z = true;
            }
            pentahoSession.setAuthenticated(remoteUser);
        }
        if (SecurityHelper.getPrincipal(pentahoSession) == null || z) {
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            if (logger.isDebugEnabled()) {
                logger.debug(authentication);
            }
            SecurityHelper.setPrincipal(authentication, pentahoSession);
            try {
                PentahoSystem.sessionStartup(pentahoSession, new PentahoSessionParameterProvider(pentahoSession));
            } catch (Exception e) {
                logger.error(e.getLocalizedMessage(), e);
            }
        }
        filterChain.doFilter(httpServletRequest, servletResponse);
    }

    protected IPentahoSession getPentahoSession(HttpServletRequest httpServletRequest) {
        return PentahoHttpSessionHelper.getPentahoSession(httpServletRequest);
    }

    public void setInjectAnonymous(boolean z) {
        this.injectAnonymous = z;
    }

    protected String getAnonymousUser() {
        if (anonymousUser == null) {
            anonymousUser = PentahoSystem.getSystemSetting("anonymous-authentication/anonymous-user", "anonymousUser");
        }
        return anonymousUser;
    }

    protected boolean isAnonymous(IPentahoSession iPentahoSession) {
        return getAnonymousUser().equals(iPentahoSession.getName());
    }
}
