package fr.paris.lutece.plugins.mylutece.modules.oauth2.web;

import fr.paris.lutece.plugins.mylutece.modules.oauth2.authentication.AuthDataClient;
import fr.paris.lutece.plugins.mylutece.modules.oauth2.authentication.Oauth2Authentication;
import fr.paris.lutece.plugins.mylutece.modules.oauth2.authentication.Oauth2User;
import fr.paris.lutece.plugins.mylutece.modules.oauth2.service.Oauth2LuteceUserSessionService;
import fr.paris.lutece.plugins.oauth2.service.TokenService;
import fr.paris.lutece.portal.service.security.LuteceUser;
import fr.paris.lutece.portal.service.security.SecurityService;
import fr.paris.lutece.portal.service.spring.SpringContextService;
import fr.paris.lutece.portal.service.util.AppPropertiesService;
import fr.paris.lutece.portal.web.PortalJspBean;
import java.io.IOException;
import java.net.URLEncoder;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:fr/paris/lutece/plugins/mylutece/modules/oauth2/web/MyluteceOauth2Filter.class */
public class MyluteceOauth2Filter implements Filter {
    public static final String SESSION_MYLUTECE_OAUTH2_FILTER_ENABLE = "enable";
    public static final String PARAM_PROMPT_NONE = "prompt=none";
    private static final String PROPERTY_USE_PROMPT_NONE = "mylutece-oauth2.usePromptNone";
    private static final String PROPERTY_VALIDATE_REFRESH_TOKEN = "mylutece-oauth2.validateRefreshToken";
    private boolean _bUsePromptNone;
    private boolean _bValidateRefreshToken;

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        LuteceUser httpAuthenticatedUser;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (httpServletRequest != null && "GET".equals(httpServletRequest.getMethod())) {
            LuteceUser registeredUser = SecurityService.getInstance().getRegisteredUser(httpServletRequest);
            if (registeredUser == null && this._bUsePromptNone) {
                HttpSession session = httpServletRequest.getSession(true);
                if ((session.getAttribute(AuthDataClient.SESSION_ERROR_LOGIN) == null && httpServletRequest.getParameter(AuthDataClient.PARAM_ERROR_LOGIN) == null) || (session.getAttribute(AuthDataClient.SESSION_ERROR_LOGIN) != null && session.getAttribute(AuthDataClient.SESSION_ERROR_LOGIN).equals(AuthDataClient.REINIT_ERROR_LOGIN))) {
                    session.setAttribute(AuthDataClient.SESSION_ERROR_LOGIN, AuthDataClient.REINIT_ERROR_LOGIN);
                    httpServletResponse.sendRedirect(PortalJspBean.redirectLogin(httpServletRequest) + "&complementary_parameter=" + URLEncoder.encode(PARAM_PROMPT_NONE));
                    return;
                }
                session.setAttribute(AuthDataClient.SESSION_ERROR_LOGIN, AuthDataClient.REINIT_ERROR_LOGIN);
            } else if (this._bValidateRefreshToken && (registeredUser instanceof Oauth2User)) {
                Oauth2User oauth2User = (Oauth2User) registeredUser;
                if (oauth2User.getToken() != null && oauth2User.getToken().getRefreshToken() != null && !TokenService.getService().validateRefreshToken(oauth2User.getToken().getRefreshToken())) {
                    SecurityService.getInstance().logoutUser(httpServletRequest);
                }
            }
            if (!Oauth2LuteceUserSessionService.getInstance().isLuteceUserUpToDate(httpServletRequest.getSession(true).getId()) && (httpAuthenticatedUser = ((Oauth2Authentication) SpringContextService.getBean("mylutece-oauth2.authentication")).getHttpAuthenticatedUser(httpServletRequest)) != null) {
                SecurityService.getInstance().registerUser(httpServletRequest, httpAuthenticatedUser);
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this._bUsePromptNone = AppPropertiesService.getPropertyBoolean(PROPERTY_USE_PROMPT_NONE, false);
        this._bValidateRefreshToken = AppPropertiesService.getPropertyBoolean(PROPERTY_VALIDATE_REFRESH_TOKEN, false);
    }
}
