package com.liferay.portal.security.sso.opensso.internal.servlet.filter;

import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.module.configuration.ConfigurationProvider;
import com.liferay.portal.kernel.security.sso.OpenSSO;
import com.liferay.portal.kernel.servlet.BaseFilter;
import com.liferay.portal.kernel.settings.CompanyServiceSettingsLocator;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.Portal;
import com.liferay.portal.kernel.util.URLCodec;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.security.sso.opensso.configuration.OpenSSOConfiguration;
import com.liferay.portal.util.PropsValues;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

@Component(configurationPid = {"com.liferay.portal.security.sso.opensso.configuration.OpenSSOConfiguration"}, property = {"before-filter=Auto Login Filter", "dispatcher=FORWARD", "dispatcher=REQUEST", "servlet-context-name=", "servlet-filter-name=SSO Open SSO Filter", "url-pattern=/c/portal/login", "url-pattern=/c/portal/logout"}, service = {Filter.class})
/* loaded from: input_file:com/liferay/portal/security/sso/opensso/internal/servlet/filter/OpenSSOFilter.class */
public class OpenSSOFilter extends BaseFilter {
    private static final String _SUBJECT_ID_KEY = "open.sso.subject.id";
    private static final Log _log = LogFactoryUtil.getLog(OpenSSOFilter.class);

    @Reference
    private ConfigurationProvider _configurationProvider;

    @Reference
    private OpenSSO _openSSO;

    @Reference
    private Portal _portal;

    public boolean isFilterEnabled(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            OpenSSOConfiguration _getOpenSSOConfiguration = _getOpenSSOConfiguration(this._portal.getCompanyId(httpServletRequest));
            if (_getOpenSSOConfiguration.enabled() && Validator.isNotNull(_getOpenSSOConfiguration.loginURL()) && Validator.isNotNull(_getOpenSSOConfiguration.logoutURL())) {
                return Validator.isNotNull(_getOpenSSOConfiguration.serviceURL());
            }
            return false;
        } catch (Exception e) {
            _log.error(e);
            return false;
        }
    }

    protected Log getLog() {
        return _log;
    }

    protected void processFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws Exception {
        OpenSSOConfiguration _getOpenSSOConfiguration = _getOpenSSOConfiguration(this._portal.getCompanyId(httpServletRequest));
        if (GetterUtil.getString(httpServletRequest.getRequestURI()).endsWith("/portal/logout")) {
            httpServletRequest.getSession().invalidate();
            httpServletResponse.sendRedirect(_getOpenSSOConfiguration.logoutURL());
            return;
        }
        try {
            boolean isAuthenticated = this._openSSO.isAuthenticated(httpServletRequest, _getOpenSSOConfiguration.serviceURL());
            HttpSession session = httpServletRequest.getSession();
            if (isAuthenticated) {
                String subjectId = this._openSSO.getSubjectId(httpServletRequest, _getOpenSSOConfiguration.serviceURL());
                String str = (String) session.getAttribute(_SUBJECT_ID_KEY);
                if (str == null) {
                    session.setAttribute(_SUBJECT_ID_KEY, subjectId);
                } else if (!subjectId.equals(str)) {
                    session.invalidate();
                    httpServletRequest.getSession().setAttribute(_SUBJECT_ID_KEY, subjectId);
                }
                processFilter(OpenSSOFilter.class.getName(), httpServletRequest, httpServletResponse, filterChain);
                return;
            }
            if (this._portal.getUserId(httpServletRequest) > 0) {
                session.invalidate();
            }
            String loginURL = _getOpenSSOConfiguration.loginURL();
            if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH || !loginURL.contains("/portal/login")) {
                httpServletResponse.sendRedirect(_getOpenSSOConfiguration.loginURL());
                return;
            }
            String currentURL = this._portal.getCurrentURL(httpServletRequest);
            String str2 = currentURL;
            if (currentURL.contains("/portal/login")) {
                str2 = ParamUtil.getString(httpServletRequest, "redirect");
                if (Validator.isNull(str2)) {
                    str2 = this._portal.getPathMain();
                }
            }
            httpServletResponse.sendRedirect(_getOpenSSOConfiguration.loginURL() + URLCodec.encodeURL("?redirect=" + URLCodec.encodeURL(str2)));
        } catch (Exception e) {
            _log.error(e);
            processFilter(OpenSSOFilter.class.getName(), httpServletRequest, httpServletResponse, filterChain);
        }
    }

    private OpenSSOConfiguration _getOpenSSOConfiguration(long j) throws Exception {
        return (OpenSSOConfiguration) this._configurationProvider.getConfiguration(OpenSSOConfiguration.class, new CompanyServiceSettingsLocator(j, "com.liferay.portal.security.sso.opensso"));
    }
}
