package com.atlassian.plugin.connect.plugin.auth.oauth2;

import com.atlassian.sal.api.auth.AuthenticationController;
import com.atlassian.sal.api.auth.AuthenticationListener;
import com.atlassian.sal.api.auth.Authenticator;
import com.atlassian.sal.api.features.DarkFeatureManager;
import com.atlassian.sal.api.net.Request;
import java.io.IOException;
import java.util.Optional;
import javax.annotation.Nonnull;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-connect-server-plugin-2.0.0-39bf8e4.jar:com/atlassian/plugin/connect/plugin/auth/oauth2/DefaultSalAuthenticationFilter.class */
public abstract class DefaultSalAuthenticationFilter implements Filter {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) DefaultSalAuthenticationFilter.class);
    private final Authenticator authenticator;
    private final AuthenticationListener authenticationListener;
    private final AuthenticationController authenticationController;
    private final DarkFeatureManager darkFeatureManager;
    private final Optional<String> darkFeatureName;

    public DefaultSalAuthenticationFilter(AuthenticationListener authenticationListener, Authenticator authenticator, AuthenticationController authenticationController, DarkFeatureManager darkFeatureManager) {
        this(authenticationListener, authenticator, authenticationController, darkFeatureManager, (Optional<String>) Optional.empty());
    }

    public DefaultSalAuthenticationFilter(AuthenticationListener authenticationListener, Authenticator authenticator, AuthenticationController authenticationController, DarkFeatureManager darkFeatureManager, @Nonnull String str) {
        this(authenticationListener, authenticator, authenticationController, darkFeatureManager, (Optional<String>) Optional.of(str));
    }

    private DefaultSalAuthenticationFilter(@Nonnull AuthenticationListener authenticationListener, @Nonnull Authenticator authenticator, @Nonnull AuthenticationController authenticationController, @Nonnull DarkFeatureManager darkFeatureManager, @Nonnull Optional<String> optional) {
        this.authenticationListener = authenticationListener;
        this.authenticator = authenticator;
        this.authenticationController = authenticationController;
        this.darkFeatureManager = darkFeatureManager;
        this.darkFeatureName = optional;
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (mayProceed(getHttpServletRequest(servletRequest), getHttpServletResponse(servletResponse))) {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    private HttpServletResponse getHttpServletResponse(ServletResponse servletResponse) {
        return (HttpServletResponse) servletResponse;
    }

    private HttpServletRequest getHttpServletRequest(ServletRequest servletRequest) {
        return (HttpServletRequest) servletRequest;
    }

    private boolean authenticationNotAttempted(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        this.authenticationListener.authenticationNotAttempted(httpServletRequest, httpServletResponse);
        return true;
    }

    private boolean mayProceed(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (this.darkFeatureName.isPresent() && !this.darkFeatureManager.isFeatureEnabledForCurrentUser(this.darkFeatureName.get())) {
            return true;
        }
        if (this.authenticationController.shouldAttemptAuthentication(httpServletRequest) && !isOptions(httpServletRequest)) {
            Authenticator.Result authenticate = this.authenticator.authenticate(httpServletRequest, httpServletResponse);
            switch (authenticate.getStatus()) {
                case SUCCESS:
                    this.authenticationListener.authenticationSuccess(authenticate, httpServletRequest, httpServletResponse);
                    return true;
                case NO_ATTEMPT:
                    this.authenticationListener.authenticationNotAttempted(httpServletRequest, httpServletResponse);
                    return true;
                case FAILED:
                    this.authenticationListener.authenticationFailure(authenticate, httpServletRequest, httpServletResponse);
                    setFailureResponse(authenticate, httpServletResponse);
                    return false;
                case ERROR:
                default:
                    this.authenticationListener.authenticationError(authenticate, httpServletRequest, httpServletResponse);
                    setErrorResponse(authenticate, httpServletResponse);
                    return false;
            }
        }
        return authenticationNotAttempted(httpServletRequest, httpServletResponse);
    }

    private void setErrorResponse(Authenticator.Result result, HttpServletResponse httpServletResponse) {
        sendErrorResponse(httpServletResponse, 500, result);
    }

    private void setFailureResponse(Authenticator.Result result, HttpServletResponse httpServletResponse) {
        sendErrorResponse(httpServletResponse, 403, result);
    }

    private static void sendErrorResponse(HttpServletResponse httpServletResponse, int i, Authenticator.Result result) {
        String message = result.getMessage();
        httpServletResponse.reset();
        try {
            httpServletResponse.sendError(i, message);
        } catch (IOException e) {
            log.error("Encountered IOException while trying to report an authentication failure.", (Throwable) e);
            httpServletResponse.reset();
            httpServletResponse.setStatus(i);
        }
    }

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }

    private static boolean isOptions(HttpServletRequest httpServletRequest) {
        return Request.MethodType.OPTIONS.name().equalsIgnoreCase(httpServletRequest.getMethod());
    }
}
