package com.liferay.portal.servlet.filters.autologin;

import com.liferay.osgi.service.tracker.collections.list.ServiceTrackerList;
import com.liferay.osgi.service.tracker.collections.list.ServiceTrackerListFactory;
import com.liferay.petra.string.StringBundler;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.module.util.SystemBundleUtil;
import com.liferay.portal.kernel.security.auth.session.AuthenticatedSessionManagerUtil;
import com.liferay.portal.kernel.security.auto.login.AutoLogin;
import com.liferay.portal.kernel.security.pwd.PasswordEncryptorUtil;
import com.liferay.portal.kernel.service.UserLocalServiceUtil;
import com.liferay.portal.kernel.servlet.ProtectedServletRequest;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.PortalUtil;
import com.liferay.portal.kernel.util.StackTraceUtil;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.kernel.util.URLCodec;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.servlet.filters.BasePortalFilter;
import com.liferay.portal.util.PortalInstances;
import com.liferay.portal.util.PropsValues;
import java.util.Iterator;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/liferay/portal/servlet/filters/autologin/AutoLoginFilter.class */
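/**
 * Servlet filter that tries to sign a visitor in transparently by asking each
 * registered {@link AutoLogin} provider for credentials.
 *
 * <p>Security model visible in this class: the filter does not compare the
 * password returned by a provider with the stored one. It only checks that the
 * user id resolves to an existing user that is not locked out, then records
 * the identity in the HTTP session. Every tracked {@link AutoLogin} service is
 * therefore an authentication authority for the whole portal, and the set of
 * deployed providers should be reviewed as such.</p>
 */
public class AutoLoginFilter extends BasePortalFilter {
    // URL suffix whose auto-login failures are logged at WARN instead of ERROR.
    private static final String _PATH_CHAT_LATEST = "/-/chat/latest";
    private static final Log _log = LogFactoryUtil.getLog(AutoLoginFilter.class);

    // Tracks every AutoLogin service that does NOT carry a "private.auto.login"
    // property (see the LDAP filter). Any bundle able to register such a service
    // can take part in the login decision below.
    private static final ServiceTrackerList<AutoLogin> _autoLogins = ServiceTrackerListFactory.open(SystemBundleUtil.getBundleContext(), AutoLogin.class, "(!(private.auto.login=*))");

    /**
     * Turns the credential triple returned by an {@link AutoLogin} provider
     * into an authenticated session.
     *
     * <p>{@code strArr} must hold exactly three elements: the user id, the
     * password, and a flag parsed as a boolean. When the flag is true the
     * password is stored in the session unchanged (presumably it is already in
     * encrypted form; confirm against the AutoLogin contract), otherwise it is
     * passed through {@link PasswordEncryptorUtil#encrypt} first.</p>
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the current response; a redirect is sent on
     *        it when JAAS is enabled
     * @param httpSession the session to populate; replaced by a renewed session
     *        when phishing protection is enabled
     * @param strArr the credential triple, may be {@code null}
     * @return the user id string that was logged in, or {@code null} when the
     *         credentials are missing, malformed, unknown or locked out
     * @throws Exception if a portal service call or the redirect fails
     */
    protected String getLoginRemoteUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpSession httpSession, String[] strArr) throws Exception {
        if (strArr == null || strArr.length != 3) {
            return null;
        }
        String userIdText = strArr[0];
        String password = strArr[1];
        if (Validator.isNull(userIdText) || Validator.isNull(password)) {
            return null;
        }
        long userId = GetterUtil.getLong(userIdText);
        if (userId <= 0) {
            return null;
        }
        // NOTE(review): only existence and lockout are checked here; the password
        // is not verified in this method and no other account state is tested.
        // Confirm that providers authenticate the caller before returning a triple.
        User user = UserLocalServiceUtil.fetchUserById(userId);
        if (user == null || user.isLockout()) {
            return null;
        }
        if (!PropsValues.AUTH_SIMULTANEOUS_LOGINS) {
            AuthenticatedSessionManagerUtil.signOutSimultaneousLogins(userId);
        }
        // The session is renewed at login only when this property is on. With it
        // off, the pre-login session keeps being used after authentication, which
        // leaves session fixation to be prevented elsewhere.
        if (PropsValues.SESSION_ENABLE_PHISHING_PROTECTION) {
            httpSession = AuthenticatedSessionManagerUtil.renewSession(httpServletRequest, httpSession);
        }
        httpSession.setAttribute("j_username", userIdText);
        boolean storeUnchanged = GetterUtil.getBoolean(strArr[2]);
        if (storeUnchanged) {
            httpSession.setAttribute("j_password", password);
        } else {
            httpSession.setAttribute("j_password", PasswordEncryptorUtil.encrypt(password, user.getPassword()));
            // When enabled, the password as supplied by the provider is kept in the
            // session, so it is exposed to anything that can read or serialize
            // session state (replication, persistence, heap dumps).
            if (PropsValues.SESSION_STORE_PASSWORD) {
                httpSession.setAttribute("USER_PASSWORD", password);
            }
        }
        httpSession.setAttribute("j_remoteuser", userIdText);
        if (PropsValues.PORTAL_JAAS_ENABLE) {
            String protectedUrl = PortalUtil.getPathMain().concat("/portal/protected");
            if (PropsValues.AUTH_FORWARD_BY_LAST_PATH) {
                String target = (String) httpServletRequest.getAttribute("AUTO_LOGIN_REDIRECT_AND_CONTINUE");
                if (Validator.isNull(target)) {
                    target = PortalUtil.getCurrentCompleteURL(httpServletRequest);
                }
                // The target is only URL-encoded here, not validated; whether it is
                // restricted to allowed hosts depends on the handler of the
                // "redirect" parameter, which is not visible in this class.
                protectedUrl = protectedUrl.concat("?redirect=").concat(URLCodec.encodeURL(target));
            }
            httpServletResponse.sendRedirect(protectedUrl);
        }
        return userIdText;
    }

    /**
     * Runs the auto-login providers for requests that have neither a remote
     * user nor a {@code j_username} session attribute, then continues the
     * filter chain unless a redirect was sent.
     *
     * <p>Hosts and paths listed as ignored by {@link PortalInstances} bypass
     * auto login entirely. A provider that throws is logged and skipped.</p>
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the current response
     * @param filterChain the remaining filter chain
     * @throws Exception if a redirect, the login bookkeeping or the chain fails
     */
    protected void processFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws Exception {
        String filterName = AutoLoginFilter.class.getName();
        String host = PortalUtil.getHost(httpServletRequest);
        if (PortalInstances.isAutoLoginIgnoreHost(host)) {
            if (_log.isDebugEnabled()) {
                _log.debug("Ignore host " + host);
            }
            processFilter(filterName, httpServletRequest, httpServletResponse, filterChain);
            return;
        }
        // Compare the ignore list against the lower-cased, context-relative path.
        String pathContext = PortalUtil.getPathContext();
        String relativePath = StringUtil.toLowerCase(httpServletRequest.getRequestURI());
        if (!pathContext.equals("/") && relativePath.startsWith(pathContext)) {
            relativePath = relativePath.substring(pathContext.length());
        }
        if (PortalInstances.isAutoLoginIgnorePath(relativePath)) {
            if (_log.isDebugEnabled()) {
                _log.debug("Ignore path " + relativePath);
            }
            processFilter(filterName, httpServletRequest, httpServletResponse, filterChain);
            return;
        }
        String remoteUser = httpServletRequest.getRemoteUser();
        HttpSession session = httpServletRequest.getSession();
        String sessionUserName = (String) session.getAttribute("j_username");
        boolean alreadySignedIn = remoteUser != null || sessionUserName != null;
        if (!PropsValues.AUTH_LOGIN_DISABLED && !alreadySignedIn) {
            Iterator<AutoLogin> providers = _autoLogins.iterator();
            while (providers.hasNext()) {
                String[] credentials;
                String redirect;
                try {
                    credentials = providers.next().login(httpServletRequest, httpServletResponse);
                    redirect = (String) httpServletRequest.getAttribute("AUTO_LOGIN_REDIRECT");
                } catch (Exception e) {
                    _logAutoLoginFailure(httpServletRequest, e);
                    // A provider that failed contributes nothing. Skip it instead of
                    // falling through with credentials or a redirect that were never
                    // assigned by this provider.
                    continue;
                }
                // NOTE(review): this target is whatever a provider placed in the
                // request attribute and is followed without validation here, so each
                // provider must restrict it to trusted destinations.
                if (Validator.isNotNull(redirect)) {
                    httpServletResponse.sendRedirect(redirect);
                    return;
                }
                String loginRemoteUser = getLoginRemoteUser(httpServletRequest, httpServletResponse, session, credentials);
                if (loginRemoteUser == null) {
                    continue;
                }
                httpServletRequest = new ProtectedServletRequest(httpServletRequest, loginRemoteUser);
                if (PropsValues.PORTAL_JAAS_ENABLE) {
                    // getLoginRemoteUser has already sent the JAAS redirect.
                    return;
                }
                String continueTo;
                if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH) {
                    continueTo = "/c";
                } else {
                    // Provider-supplied, followed as-is (same caveat as above).
                    continueTo = (String) httpServletRequest.getAttribute("AUTO_LOGIN_REDIRECT_AND_CONTINUE");
                }
                if (Validator.isNotNull(continueTo)) {
                    httpServletResponse.sendRedirect(continueTo);
                    return;
                }
            }
        }
        processFilter(filterName, httpServletRequest, httpServletResponse, filterChain);
    }

    /**
     * Logs a provider failure: WARN for the chat polling URL, ERROR otherwise.
     * The stack trace is appended only when INFO logging is enabled.
     */
    private void _logAutoLoginFailure(HttpServletRequest httpServletRequest, Exception e) {
        // The URL and the exception message can carry request-controlled text
        // (query strings may include tokens); treat these log lines as sensitive
        // and make sure the log sink neutralises line breaks.
        String currentURL = PortalUtil.getCurrentURL(httpServletRequest);
        StringBundler message = new StringBundler(6);
        message.append("Current URL ");
        message.append(currentURL);
        message.append(" generates exception: ");
        message.append(e.getMessage());
        if (_log.isInfoEnabled()) {
            message.append(" stack: ");
            message.append(StackTraceUtil.getStackTrace(e));
        }
        if (!currentURL.endsWith(_PATH_CHAT_LATEST)) {
            _log.error(message.toString());
        } else if (_log.isWarnEnabled()) {
            _log.warn(message.toString());
        }
    }
}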
