package com.bigstep.guacamoleapp;

import com.bigstep.bsi_guacamole.BSIGuacamole;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.guacamole.net.GuacamoleTunnel;
import org.apache.http.HttpStatus;
import org.jboss.netty.handler.codec.http.HttpHeaders;
import org.jboss.netty.handler.codec.http.cookie.CookieHeaderNames;

/* loaded from: input_file:WEB-INF/classes/com/bigstep/guacamoleapp/BSIGuacamoleTunnelServletFilter.class */
public class BSIGuacamoleTunnelServletFilter implements Filter, Utils {
    private static final String guacamoleStatusCodeText = "Guacamole-Status-Code";
    private static final String guacamoleErrorMessageText = "Guacamole-Error-Message";
    private Logger log = Logger.getLogger(BSIGuacamoleTunnelServletFilter.class.getName());
    private BSIGuacamole bsiGuacamoleClient = instantiateBSIClient();
    private List<Object> arrAllowedDomains = this.bsiGuacamoleClient.remote_console_allowed_domains_get();
    private String strHTTPOnlyCookieName = this.bsiGuacamoleClient.remote_console_jwt_cookie_names_get().get(CookieHeaderNames.HTTPONLY);

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String header = httpServletRequest.getHeader(HttpHeaders.Names.ORIGIN);
        try {
            Iterator<Object> it = this.arrAllowedDomains.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Object next = it.next();
                if (next != null && header.contains(next.toString())) {
                    httpServletResponse.setHeader(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, header);
                    httpServletResponse.setHeader(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
                    httpServletResponse.setHeader(HttpHeaders.Names.ACCESS_CONTROL_EXPOSE_HEADERS, "Guacamole-Error-Message,Guacamole-Status-Code");
                    break;
                }
            }
            String queryString = httpServletRequest.getQueryString();
            Cookie[] cookies = httpServletRequest.getCookies();
            HttpSession session = httpServletRequest.getSession();
            if (queryString.equals("connect")) {
                httpServletResponse.addCookie(new Cookie("JSESSIONID", session.getId()));
                int length = cookies.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    Cookie cookie = cookies[i];
                    if (cookie.getName().equals(this.strHTTPOnlyCookieName)) {
                        session.setAttribute("serializedCookie", cookie.getValue());
                        this.log.info("Serialized cookie was set at the very beginning");
                        break;
                    }
                    i++;
                }
            }
            try {
                authorizeLoggedUser((String) session.getAttribute("serializedCookie"), cookies);
            } catch (Exception e) {
                session.removeAttribute("serializedCookie");
                if (!httpServletResponse.isCommitted()) {
                    httpServletResponse.addHeader(guacamoleStatusCodeText, String.valueOf(HttpStatus.SC_UNAUTHORIZED));
                    httpServletResponse.addHeader(guacamoleErrorMessageText, String.valueOf(e.getMessage().replace("\"", GuacamoleTunnel.INTERNAL_DATA_OPCODE)));
                    httpServletResponse.sendError(HttpStatus.SC_UNAUTHORIZED);
                }
            }
        } catch (Throwable th) {
            if (th.getMessage() == null && th.getMessage().isEmpty()) {
                this.log.info("Exception in BSIGuacamoleTunnelServletFilter --- " + Arrays.toString(th.getStackTrace()));
            } else {
                this.log.info("Exception in BSIGuacamoleTunnelServletFilter --- ".concat(th.getMessage()));
            }
            if (!httpServletResponse.isCommitted()) {
                httpServletResponse.addHeader(guacamoleStatusCodeText, String.valueOf(HttpStatus.SC_INTERNAL_SERVER_ERROR));
                httpServletResponse.addHeader(guacamoleErrorMessageText, "Cannot connect. Internal server error.");
                httpServletResponse.sendError(HttpStatus.SC_INTERNAL_SERVER_ERROR);
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    public void destroy() {
    }

    private void authorizeLoggedUser(String str, Cookie[] cookieArr) throws Exception {
        boolean z = false;
        HashMap hashMap = new HashMap();
        this.log.setLevel(Level.INFO);
        int length = cookieArr.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            Cookie cookie = cookieArr[i];
            hashMap.put(cookie.getName(), cookie);
            if (cookie.getName().equals(this.strHTTPOnlyCookieName)) {
                z = str.equals(cookie.getValue());
                break;
            }
            i++;
        }
        if (z) {
            return;
        }
        try {
            if (!((Boolean) this.bsiGuacamoleClient.remote_console_user_cookie_authorize(hashMap).get("is_logged_in")).booleanValue()) {
                throw new Exception("User is logged out.");
            }
        } catch (Exception e) {
            this.log.info(e.getMessage());
            throw new Exception(e.getMessage());
        }
    }
}
