package pl.edu.icm.unity.saml.idp.web.filter;

import io.imunity.vaadin.endpoint.common.EopException;
import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.BufferedReader;
import java.io.IOException;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.saml.SAMLProcessingException;
import pl.edu.icm.unity.saml.idp.web.SamlSessionService;

/* loaded from: input_file:pl/edu/icm/unity/saml/idp/web/filter/SamlGuardFilter.class */
public class SamlGuardFilter implements Filter {
    private static final Logger log = Log.getLogger("unity.server.saml", SamlGuardFilter.class);
    protected ErrorHandler errorHandler;

    public SamlGuardFilter(ErrorHandler errorHandler) {
        this.errorHandler = errorHandler;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        try {
            doFilterInterruptible(servletRequest, servletResponse, filterChain);
        } catch (EopException e) {
        }
    }

    protected void doFilterInterruptible(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException, EopException {
        if (!(servletRequest instanceof HttpServletRequest)) {
            throw new ServletException("This filter can be used only for HTTP servlets");
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (SamlSessionService.getContext(httpServletRequest).isPresent()) {
            if (log.isTraceEnabled()) {
                log.trace("Request to SAML post-processing address, with SAML context: " + httpServletRequest.getRequestURI());
            }
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else {
            if (log.isDebugEnabled()) {
                log.warn("Request to SAML post-processing address, without SAML context: " + httpServletRequest.getRequestURI() + "?" + httpServletRequest.getQueryString());
                if (log.isTraceEnabled()) {
                    dumpRequest(httpServletRequest);
                }
            }
            this.errorHandler.showErrorPage(new SAMLProcessingException("No SAML context"), httpServletResponse);
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }

    private void dumpRequest(HttpServletRequest httpServletRequest) throws IOException {
        StringBuilder sb = new StringBuilder();
        BufferedReader bufferedReader = new BufferedReader(httpServletRequest.getReader());
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                log.trace("Blocked request info:\n" + httpServletRequest.getMethod());
                log.trace("Blocked request params:\n" + httpServletRequest.getParameterMap());
                log.trace("Blocked request contents:\n" + sb);
                return;
            }
            sb.append(readLine);
        }
    }
}
