package pt.ist.fenixWebFramework.servlets.filters.contentRewrite;

import com.google.common.base.Charsets;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import pt.ist.fenixWebFramework.RenderersConfigurationManager;

/* loaded from: input_file:pt/ist/fenixWebFramework/servlets/filters/contentRewrite/RequestChecksumFilter.class */
public class RequestChecksumFilter implements Filter {
    private static final String ENCODING = Charsets.UTF_8.name();
    public static Set<ChecksumPredicate> predicates = new HashSet();

    /* loaded from: input_file:pt/ist/fenixWebFramework/servlets/filters/contentRewrite/RequestChecksumFilter$ChecksumPredicate.class */
    public interface ChecksumPredicate {
        boolean shouldFilter(HttpServletRequest httpServletRequest);
    }

    public static void registerFilterRule(ChecksumPredicate checksumPredicate) {
        predicates.add(checksumPredicate);
    }

    public void init(FilterConfig filterConfig) {
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (RenderersConfigurationManager.getConfiguration().filterRequestWithDigest().booleanValue() && shouldValidateChecksum(httpServletRequest) && !isValidChecksum(httpServletRequest)) {
            handleInvalidChecksum(httpServletRequest, (HttpServletResponse) servletResponse);
            return;
        }
        ResponseWrapper responseWrapper = new ResponseWrapper((HttpServletResponse) servletResponse);
        filterChain.doFilter(servletRequest, responseWrapper);
        responseWrapper.writeRealResponse(httpServletRequest.getSession(false));
    }

    protected void handleInvalidChecksum(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            session.invalidate();
        }
        httpServletResponse.sendRedirect(RenderersConfigurationManager.getConfiguration().tamperingRedirect());
    }

    protected boolean shouldValidateChecksum(HttpServletRequest httpServletRequest) {
        Iterator<ChecksumPredicate> it = predicates.iterator();
        while (it.hasNext()) {
            if (!it.next().shouldFilter(httpServletRequest)) {
                return false;
            }
        }
        return true;
    }

    private boolean isValidChecksum(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(GenericChecksumRewriter.CHECKSUM_ATTRIBUTE_NAME);
        if (parameter == null || parameter.length() == 0) {
            parameter = (String) httpServletRequest.getAttribute(GenericChecksumRewriter.CHECKSUM_ATTRIBUTE_NAME);
        }
        return isValidChecksum(httpServletRequest, parameter);
    }

    public static String decodeURL(String str, String str2) {
        if (str == null) {
            return null;
        }
        try {
            return URLDecoder.decode(str, str2);
        } catch (UnsupportedEncodingException e) {
            return str;
        }
    }

    private boolean isValidChecksum(HttpServletRequest httpServletRequest, String str) {
        HttpSession session = httpServletRequest.getSession(false);
        String decodeURL = decodeURL(httpServletRequest.getRequestURI(), ENCODING);
        return isValidChecksum(decodeURL, decodeURL(httpServletRequest.getQueryString(), ENCODING), str, session) || isValidChecksum(decodeURL, httpServletRequest.getQueryString(), str, session);
    }

    private boolean isValidChecksum(String str, String str2, String str3, HttpSession httpSession) {
        return str3 != null && str3.length() > 0 && str3.equals(GenericChecksumRewriter.calculateChecksum(str2 != null ? str + "?" + str2 : str, httpSession));
    }
}
