package com.baijia.commons.validation;

import com.baijia.commons.authentication.Assertion;
import com.baijia.commons.authentication.BaseResponse;
import com.baijia.commons.dession.cache.SessionCache;
import com.baijia.commons.session.AbstractPassportFilter;
import com.baijia.commons.util.PPCommonUtils;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.web.context.support.WebApplicationContextUtils;

/* loaded from: input_file:com/baijia/commons/validation/PassportTicketValidationFilter.class */
public class PassportTicketValidationFilter extends AbstractPassportFilter {
    private TicketValidator ticketValidator;
    private boolean redirectAfterValidation = false;
    private boolean exceptionOnValidationFailure = true;
    private boolean useSession = true;
    private SessionCache sessionCache;

    protected TicketValidator getTicketValidator(FilterConfig filterConfig) {
        return this.ticketValidator;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.baijia.commons.session.AbstractPassportFilter
    public void initInternal(FilterConfig filterConfig) throws ServletException {
        setExceptionOnValidationFailure(parseBoolean(getPropertyFromInitParams(filterConfig, "exceptionOnValidationFailure", "true")));
        this.logger.trace("Setting exceptionOnValidationFailure parameter: " + this.exceptionOnValidationFailure);
        setRedirectAfterValidation(parseBoolean(getPropertyFromInitParams(filterConfig, "redirectAfterValidation", "true")));
        this.logger.trace("Setting redirectAfterValidation parameter: " + this.redirectAfterValidation);
        setUseSession(parseBoolean(getPropertyFromInitParams(filterConfig, "useSession", "true")));
        this.logger.trace("Setting useSession parameter: " + this.useSession);
        setTicketValidator(new PassportTicketValidator(this.passportConfig.getServerValidate(), this.passportConfig.getAppId()));
        this.sessionCache = (SessionCache) WebApplicationContextUtils.getWebApplicationContext(filterConfig.getServletContext()).getBean(SessionCache.class);
        super.initInternal(filterConfig);
    }

    @Override // com.baijia.commons.session.AbstractPassportFilter
    public void init() {
        super.init();
        PPCommonUtils.assertNotNull(this.ticketValidator, "ticketValidator cannot be null.");
    }

    protected boolean preFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        return true;
    }

    protected void onSuccessfulValidation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Assertion assertion) {
        String safeGetParameter = PPCommonUtils.safeGetParameter(httpServletRequest, getArtifactParameterName());
        HttpSession session = httpServletRequest.getSession();
        this.sessionCache.set(safeGetParameter, session);
        if (this.useSession) {
            session.setAttribute(AbstractPassportFilter.CONST_PASSPORT_ASSERTION, assertion);
        }
    }

    protected void onFailedValidation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
    }

    public final void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (preFilter(servletRequest, servletResponse, filterChain)) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
            String safeGetParameter = PPCommonUtils.safeGetParameter(httpServletRequest, getArtifactParameterName());
            if (PPCommonUtils.isNotBlank(safeGetParameter)) {
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug("Attempting to validate ticket: " + safeGetParameter);
                }
                try {
                    BaseResponse validate = this.ticketValidator.validate(safeGetParameter, constructServiceUrl(httpServletRequest, httpServletResponse));
                    if (validate.getStatus() != 1000) {
                        if (this.logger.isDebugEnabled()) {
                            this.logger.debug("|Passport| server validate ticket wrong! response:" + validate);
                        }
                        httpServletResponse.sendRedirect(this.passportConfig.getClientLoginAddr() + "?errCode=" + validate.getStatus());
                        return;
                    } else {
                        Assertion assertion = validate.getAssertion();
                        this.logger.info("|Passport|Successfully authenticated user: " + assertion.getChainedAuthentications().get(0).getPrincipal().getId());
                        onSuccessfulValidation(httpServletRequest, httpServletResponse, assertion);
                        if (this.redirectAfterValidation) {
                            this.logger.debug("Redirecting after successful ticket validation.");
                            httpServletResponse.sendRedirect(constructServiceUrl(httpServletRequest, httpServletResponse));
                            return;
                        }
                    }
                } catch (TicketValidationException e) {
                    httpServletResponse.setStatus(403);
                    this.logger.error("validate pp_ticket error", e);
                    onFailedValidation(httpServletRequest, httpServletResponse);
                    if (this.exceptionOnValidationFailure) {
                        throw new ServletException(e);
                    }
                    httpServletResponse.sendRedirect(this.passportConfig.getClientLoginAddr());
                    return;
                }
            }
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }

    public final void setTicketValidator(TicketValidator ticketValidator) {
        this.ticketValidator = ticketValidator;
    }

    public final void setRedirectAfterValidation(boolean z) {
        this.redirectAfterValidation = z;
    }

    public final void setExceptionOnValidationFailure(boolean z) {
        this.exceptionOnValidationFailure = z;
    }

    public final void setUseSession(boolean z) {
        this.useSession = z;
    }
}
