package com.baijia.commons.authentication;

import com.baijia.commons.session.AbstractPassportFilter;
import com.baijia.commons.util.PPCommonUtils;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/baijia/commons/authentication/AuthenticationFilter.class */
public class AuthenticationFilter extends AbstractPassportFilter {
    private String casServerLoginUrl;
    private boolean renew = false;
    private boolean gateway = false;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.baijia.commons.session.AbstractPassportFilter
    public void initInternal(FilterConfig filterConfig) throws ServletException {
        if (!isIgnoreInitConfiguration()) {
            super.initInternal(filterConfig);
            setCasServerLoginUrl(getPropertyFromInitParams(filterConfig, "casServerLoginUrl", null));
            this.logger.trace("Loaded CasServerLoginUrl parameter: " + this.casServerLoginUrl);
            setRenew(parseBoolean(getPropertyFromInitParams(filterConfig, "renew", "false")));
            this.logger.trace("Loaded renew parameter: " + this.renew);
            setGateway(parseBoolean(getPropertyFromInitParams(filterConfig, "gateway", "false")));
            this.logger.trace("Loaded gateway parameter: " + this.gateway);
        }
        setCasServerLoginUrl(this.passportConfig.getServerLogin());
    }

    @Override // com.baijia.commons.session.AbstractPassportFilter
    public void init() {
        super.init();
        PPCommonUtils.assertNotNull(this.casServerLoginUrl, "casServerLoginUrl cannot be null.");
    }

    public final void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        HttpSession session = httpServletRequest.getSession(false);
        Assertion assertion = session != null ? (Assertion) session.getAttribute(AbstractPassportFilter.CONST_PASSPORT_ASSERTION) : null;
        String safeGetParameter = PPCommonUtils.safeGetParameter(httpServletRequest, getArtifactParameterName());
        this.logger.info("pp_ticket :" + safeGetParameter);
        String parameter = httpServletRequest.getParameter("tick");
        if (StringUtils.isBlank(parameter)) {
            parameter = httpServletRequest.getHeader("tick");
        }
        this.logger.info("tick :" + parameter);
        if (assertion != null) {
            if (!StringUtils.isNotBlank(parameter)) {
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
            if (parameter.equals(assertion.getAccountNumber().toString())) {
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug("client-filter equals|tick:{},accountNumber:{}", parameter, assertion.getAccountNumber());
                }
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("client-filter not equals|tick:{},accountNumber:{}", parameter, assertion.getAccountNumber());
            }
            if (StringUtils.isBlank(safeGetParameter)) {
                session.invalidate();
                Cookie cookie = new Cookie("_const_passport_id_", "");
                cookie.setMaxAge(0);
                cookie.setDomain(".genshuixue.com");
                httpServletResponse.addCookie(cookie);
            }
        }
        String constructServiceUrl = constructServiceUrl(httpServletRequest, httpServletResponse);
        this.logger.info("serviceUrl :" + constructServiceUrl);
        if (PPCommonUtils.isNotBlank(safeGetParameter)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("no ticket and no assertion found");
            this.logger.debug("Constructed service url: " + constructServiceUrl);
        }
        if (httpServletRequest.getRequestURL().toString().equalsIgnoreCase(this.passportConfig.getClientLoginAddr())) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        String constructRedirectUrl = PPCommonUtils.constructRedirectUrl(this.casServerLoginUrl, getServiceParameterName(), constructServiceUrl, this.appId);
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("redirecting to \"" + constructRedirectUrl + "\"");
        }
        httpServletResponse.addHeader("P3P", "CP=CAO PSA OUR");
        httpServletResponse.sendRedirect(constructRedirectUrl);
    }

    public final void setRenew(boolean z) {
        this.renew = z;
    }

    public final void setGateway(boolean z) {
        this.gateway = z;
    }

    public final void setCasServerLoginUrl(String str) {
        this.casServerLoginUrl = str;
    }
}
