package org.ofbiz.webapp.control;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.SecureRandom;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javolution.util.FastList;
import org.ofbiz.base.container.Container;
import org.ofbiz.base.container.ContainerException;
import org.ofbiz.base.container.ContainerLoader;
import org.ofbiz.base.start.StartupException;
import org.ofbiz.base.util.CachedClassLoader;
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.StringUtil;
import org.ofbiz.base.util.UtilGenerics;
import org.ofbiz.base.util.UtilHttp;
import org.ofbiz.base.util.UtilObject;
import org.ofbiz.base.util.UtilValidate;
import org.ofbiz.entity.Delegator;
import org.ofbiz.entity.DelegatorFactory;
import org.ofbiz.security.Security;
import org.ofbiz.security.SecurityConfigurationException;
import org.ofbiz.security.SecurityFactory;
import org.ofbiz.security.authz.AbstractAuthorization;
import org.ofbiz.security.authz.Authorization;
import org.ofbiz.security.authz.AuthorizationFactory;
import org.ofbiz.service.GenericDispatcher;
import org.ofbiz.service.LocalDispatcher;

/* loaded from: input_file:org/ofbiz/webapp/control/ContextFilter.class */
public class ContextFilter implements Filter {
    public static final String module = ContextFilter.class.getName();
    public static final String CONTAINER_CONFIG = "limited-containers.xml";
    public static final String FORWARDED_FROM_SERVLET = "_FORWARDED_FROM_SERVLET_";
    protected ClassLoader localCachedClassLoader = null;
    protected FilterConfig config = null;
    protected boolean debug = false;
    protected Container rmiLoadedContainer = null;

    public void init(FilterConfig filterConfig) throws ServletException {
        this.config = filterConfig;
        putAllInitParametersInAttributes();
        this.localCachedClassLoader = new CachedClassLoader(Thread.currentThread().getContextClassLoader(), (String) filterConfig.getServletContext().getAttribute("webSiteId"));
        this.debug = "true".equalsIgnoreCase(filterConfig.getInitParameter("debug"));
        if (!this.debug) {
            this.debug = Debug.verboseOn();
        }
        Container containers = getContainers();
        if (containers != null) {
            this.rmiLoadedContainer = containers;
        }
        getServerId();
        getDelegator();
        getAuthz();
        getSecurity();
        getDispatcher();
        new SecureRandom().nextLong();
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String str;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponseWrapper httpServletResponseWrapper = new HttpServletResponseWrapper((HttpServletResponse) servletResponse);
        String initParameter = this.config.getInitParameter("disableCachedClassloader");
        if (initParameter == null || !"Y".equalsIgnoreCase(initParameter)) {
            Thread.currentThread().setContextClassLoader(this.localCachedClassLoader);
        }
        httpServletRequest.getSession().setAttribute("webSiteId", this.config.getServletContext().getAttribute("webSiteId"));
        servletRequest.setAttribute("servletContext", this.config.getServletContext());
        servletRequest.setAttribute("_CONTEXT_ROOT_", this.config.getServletContext().getRealPath("/"));
        servletRequest.setAttribute("_SERVER_ROOT_URL_", UtilHttp.getServerRootUrl(httpServletRequest).toString());
        String str2 = (String) httpServletRequest.getSession().getAttribute("_REQ_ATTR_MAP_");
        if (UtilValidate.isNotEmpty(str2)) {
            Map checkMap = UtilGenerics.checkMap(UtilObject.getObject(StringUtil.fromHexString(str2)), String.class, Object.class);
            if (checkMap != null) {
                for (Map.Entry entry : checkMap.entrySet()) {
                    servletRequest.setAttribute((String) entry.getKey(), entry.getValue());
                }
            }
            httpServletRequest.getSession().removeAttribute("_REQ_ATTR_MAP_");
        }
        String initParameter2 = this.config.getInitParameter("disableContextSecurity");
        if (initParameter2 != null && "Y".equalsIgnoreCase(initParameter2)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        String initParameter3 = this.config.getInitParameter("forceRedirectAll");
        if (UtilValidate.isNotEmpty(initParameter3)) {
            if (httpServletRequest.getSession().getAttribute("_FORCE_REDIRECT_") != null) {
                httpServletRequest.getSession().removeAttribute("_FORCE_REDIRECT_");
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }
            httpServletRequest.getSession().setAttribute("_FORCE_REDIRECT_", "true");
            Debug.logWarning("Redirecting user to: " + initParameter3, module);
            if (!initParameter3.toLowerCase().startsWith("http")) {
                initParameter3 = httpServletRequest.getContextPath() + initParameter3;
            }
            httpServletResponseWrapper.sendRedirect(initParameter3);
            return;
        }
        if (servletRequest.getAttribute(FORWARDED_FROM_SERVLET) == null) {
            String initParameter4 = this.config.getInitParameter("allowedPaths");
            String initParameter5 = this.config.getInitParameter("redirectPath");
            String initParameter6 = this.config.getInitParameter("errorCode");
            List split = StringUtil.split(initParameter4, ":");
            split.add("/");
            split.add("");
            if (this.debug) {
                Debug.log("[Request]: " + httpServletRequest.getRequestURI(), module);
            }
            String servletPath = httpServletRequest.getServletPath();
            if (servletPath == null) {
                servletPath = "";
            }
            if (servletPath.lastIndexOf("/") > 0) {
                servletPath = servletPath.indexOf("/") == 0 ? "/" + servletPath.substring(1, servletPath.indexOf("/", 1)) : servletPath.substring(1, servletPath.indexOf("/"));
            }
            String servletPath2 = httpServletRequest.getServletPath();
            if (servletPath2 == null) {
                servletPath2 = "";
            }
            if (servletPath2.lastIndexOf("/") >= 0) {
                servletPath2 = servletPath2.substring(0, servletPath2.lastIndexOf("/")) + "/*";
            }
            StringBuilder sb = new StringBuilder();
            if (httpServletRequest.getContextPath() != null) {
                sb.append(httpServletRequest.getContextPath());
            }
            if (httpServletRequest.getServletPath() != null) {
                sb.append(httpServletRequest.getServletPath());
            }
            if (httpServletRequest.getPathInfo() != null) {
                sb.append(httpServletRequest.getPathInfo());
            }
            String sb2 = sb.toString();
            if (Debug.verboseOn()) {
                Iterator it = split.iterator();
                while (it.hasNext()) {
                    Debug.logVerbose("[Allow]: " + ((String) it.next()), module);
                }
                Debug.logVerbose("[Request path]: " + servletPath, module);
                Debug.logVerbose("[Request info]: " + servletPath2, module);
                Debug.logVerbose("[Servlet path]: " + httpServletRequest.getServletPath(), module);
            }
            if (!split.contains(servletPath) && !split.contains(servletPath2) && !split.contains(httpServletRequest.getServletPath())) {
                String str3 = "[Filtered request]: " + sb2;
                if (initParameter5 == null) {
                    int i = 404;
                    try {
                        i = Integer.parseInt(initParameter6);
                    } catch (NumberFormatException e) {
                        Debug.logWarning(e, "Error code specified would not parse to Integer : " + initParameter6, module);
                    }
                    str = str3 + " (" + i + ")";
                    httpServletResponseWrapper.sendError(i, sb2);
                } else {
                    str = str3 + " (" + initParameter5 + ")";
                    if (!initParameter5.toLowerCase().startsWith("http")) {
                        initParameter5 = httpServletRequest.getContextPath() + initParameter5;
                    }
                    httpServletResponseWrapper.sendRedirect(initParameter5);
                }
                Debug.logWarning(str, module);
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
        AbstractAuthorization.clearThreadLocal();
    }

    public void destroy() {
        getDispatcher().deregister();
        try {
            destroyRmiContainer();
        } catch (ServletException e) {
            Debug.logError("Error when stopping containers, this exception should not arise...", module);
        }
        this.config = null;
    }

    protected LocalDispatcher getDispatcher() {
        LocalDispatcher localDispatcher = (LocalDispatcher) this.config.getServletContext().getAttribute("dispatcher");
        if (localDispatcher == null) {
            Delegator delegator = getDelegator();
            if (delegator == null) {
                Debug.logError("[ContextFilter.init] ERROR: delegator not defined.", module);
                return null;
            }
            Collection collection = null;
            String initParameter = this.config.getServletContext().getInitParameter("serviceReaderUrls");
            if (initParameter != null) {
                collection = FastList.newInstance();
                Iterator it = StringUtil.split(initParameter, ";").iterator();
                while (it.hasNext()) {
                    try {
                        URL resource = this.config.getServletContext().getResource((String) it.next());
                        if (resource != null) {
                            collection.add(resource);
                        }
                    } catch (NullPointerException e) {
                        Debug.logInfo(e, "[ContextFilter.init] ERROR: Null pointer exception thrown.", module);
                    } catch (MalformedURLException e2) {
                        Debug.logError(e2, "[ContextFilter.init] ERROR: cannot get URL from String.", module);
                    }
                }
            }
            String initParameter2 = this.config.getServletContext().getInitParameter("localDispatcherName");
            if (initParameter2 == null) {
                Debug.logError("No localDispatcherName specified in the web.xml file", module);
            }
            localDispatcher = GenericDispatcher.getLocalDispatcher(initParameter2, delegator, collection, (ClassLoader) null);
            this.config.getServletContext().setAttribute("dispatcher", localDispatcher);
            if (localDispatcher == null) {
                Debug.logError("[ContextFilter.init] ERROR: dispatcher could not be initialized.", module);
            }
        }
        return localDispatcher;
    }

    protected Delegator getDelegator() {
        Delegator delegator = (Delegator) this.config.getServletContext().getAttribute("delegator");
        if (delegator == null) {
            String initParameter = this.config.getServletContext().getInitParameter("entityDelegatorName");
            if (initParameter == null || initParameter.length() <= 0) {
                initParameter = "default";
            }
            if (Debug.verboseOn()) {
                Debug.logVerbose("Setup Entity Engine Delegator with name " + initParameter, module);
            }
            delegator = DelegatorFactory.getDelegator(initParameter);
            this.config.getServletContext().setAttribute("delegator", delegator);
            if (delegator == null) {
                Debug.logError("[ContextFilter.init] ERROR: delegator factory returned null for delegatorName \"" + initParameter + "\"", module);
            }
        }
        return delegator;
    }

    protected Authorization getAuthz() {
        Authorization authorization = (Authorization) this.config.getServletContext().getAttribute("authorization");
        if (authorization == null) {
            Delegator delegator = (Delegator) this.config.getServletContext().getAttribute("delegator");
            if (delegator != null) {
                try {
                    authorization = AuthorizationFactory.getInstance(delegator);
                } catch (SecurityConfigurationException e) {
                    Debug.logError(e, "[ServiceDispatcher.init] : No instance of authorization implementation found.", module);
                }
            }
            this.config.getServletContext().setAttribute("authz", authorization);
            if (authorization == null) {
                Debug.logError("[ContextFilter.init] ERROR: authorization create failed.", module);
            }
        }
        return authorization;
    }

    @Deprecated
    protected Security getSecurity() {
        Security security = (Security) this.config.getServletContext().getAttribute("security");
        if (security == null) {
            Delegator delegator = (Delegator) this.config.getServletContext().getAttribute("delegator");
            if (delegator != null) {
                try {
                    security = SecurityFactory.getInstance(delegator);
                } catch (SecurityConfigurationException e) {
                    Debug.logError(e, "[ServiceDispatcher.init] : No instance of security imeplemtation found.", module);
                }
            }
            this.config.getServletContext().setAttribute("security", security);
            if (security == null) {
                Debug.logError("[ContextFilter.init] ERROR: security create failed.", module);
            }
        }
        return security;
    }

    protected void putAllInitParametersInAttributes() {
        Enumeration enumeration = (Enumeration) UtilGenerics.cast(this.config.getServletContext().getInitParameterNames());
        while (enumeration.hasMoreElements()) {
            String str = (String) enumeration.nextElement();
            String initParameter = this.config.getServletContext().getInitParameter(str);
            if (Debug.verboseOn()) {
                Debug.logVerbose("Adding web.xml context-param to application attribute with name [" + str + "] and value [" + initParameter + "]", module);
            }
            this.config.getServletContext().setAttribute(str, initParameter);
        }
        String str2 = (String) this.config.getServletContext().getAttribute("GeronimoMultiOfbizInstances");
        if (UtilValidate.isNotEmpty(str2)) {
            String property = System.getProperty("ofbiz.home");
            if (str2.equalsIgnoreCase("true") && UtilValidate.isEmpty(property)) {
                String property2 = System.getProperty("ofbiz.home");
                System.out.println("Set OFBIZ_HOME to - " + property2);
                System.setProperty("ofbiz.home", property2);
            }
        }
    }

    protected String getServerId() {
        String str = (String) this.config.getServletContext().getAttribute("_serverId");
        if (str == null) {
            str = this.config.getServletContext().getInitParameter("ofbizServerName");
            this.config.getServletContext().setAttribute("_serverId", str);
        }
        return str;
    }

    protected Container getContainers() throws ServletException {
        try {
            return ContainerLoader.loadContainers(CONTAINER_CONFIG, (String[]) null);
        } catch (StartupException e) {
            Debug.logError(e, module);
            throw new ServletException("Unable to load containers; cannot start ContextFilter");
        }
    }

    protected void destroyRmiContainer() throws ServletException {
        if (this.rmiLoadedContainer != null) {
            try {
                this.rmiLoadedContainer.stop();
            } catch (ContainerException e) {
                Debug.logError(e, module);
                throw new ServletException("Error when stopping the RMI loaded container");
            }
        }
    }
}
