package com.hypersocket.json;

import com.hypersocket.auth.AuthenticationService;
import com.hypersocket.auth.AuthenticationState;
import com.hypersocket.auth.json.AuthenticatedController;
import com.hypersocket.auth.json.AuthenticationRequired;
import com.hypersocket.auth.json.AuthenticationRequiredButDontTouchSession;
import com.hypersocket.auth.json.Cacheable;
import com.hypersocket.config.SystemConfigurationService;
import com.hypersocket.context.AuthenticatedContext;
import com.hypersocket.realm.RealmService;
import com.hypersocket.session.Session;
import com.hypersocket.session.json.SessionUtils;
import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.DispatcherServlet;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

@Component
/* loaded from: input_file:com/hypersocket/json/ControllerInterceptor.class */
public class ControllerInterceptor implements HandlerInterceptor {
    public static final String CACHEABLE = "overrideCacheable";
    private static final Logger log = LoggerFactory.getLogger(ControllerInterceptor.class);

    @Autowired
    private AuthenticationService authenticationService;

    @Autowired
    private SessionUtils sessionUtils;

    @Autowired
    private RealmService realmService;

    @Autowired
    private SystemConfigurationService systemConfigurationService;
    private boolean setupMode;

    @PostConstruct
    private void setup() {
        try {
            this.setupMode = !this.systemConfigurationService.getBooleanValue("setup.completed").booleanValue();
        } catch (IllegalStateException e) {
        }
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!(obj instanceof HandlerMethod)) {
            return true;
        }
        HandlerMethod handlerMethod = (HandlerMethod) obj;
        if (this.setupMode) {
            httpServletRequest.setAttribute(CACHEABLE, false);
        } else if (handlerMethod.getMethodAnnotation(Cacheable.class) != null) {
            httpServletRequest.setAttribute(CACHEABLE, Boolean.valueOf(((Cacheable) handlerMethod.getMethodAnnotation(Cacheable.class)).value()));
        }
        if (handlerMethod.getMethodAnnotation(AuthenticationRequired.class) != null || handlerMethod.getMethodAnnotation(AuthenticationRequiredButDontTouchSession.class) != null) {
            checkMethod(handlerMethod);
            AuthenticatedController authenticatedController = (AuthenticatedController) handlerMethod.getBean();
            if (handlerMethod.getMethodAnnotation(AuthenticationRequiredButDontTouchSession.class) != null) {
                authenticatedController.getSessionUtils().getSession(httpServletRequest);
            } else {
                authenticatedController.getSessionUtils().touchSession(httpServletRequest, httpServletResponse);
            }
        }
        AuthenticatedContext methodAnnotation = handlerMethod.getMethodAnnotation(AuthenticatedContext.class);
        if (methodAnnotation == null) {
            return true;
        }
        checkMethod(handlerMethod);
        AuthenticatedController authenticatedController2 = (AuthenticatedController) handlerMethod.getBean();
        if (methodAnnotation.preferActive() && this.sessionUtils.hasActiveSession(httpServletRequest)) {
            if (methodAnnotation.system()) {
                authenticatedController2.setupSystemContext(this.sessionUtils.getActiveSession(httpServletRequest).getCurrentRealm());
                return true;
            }
            authenticatedController2.setCurrentSession(this.sessionUtils.getActiveSession(httpServletRequest), this.sessionUtils.getLocale(httpServletRequest));
            return true;
        }
        if (methodAnnotation.principal()) {
            authenticatedController2.setupAuthenticatedContext(AuthenticationState.getCurrentState(httpServletRequest).getSession(), this.sessionUtils.getLocale(httpServletRequest));
            return true;
        }
        if (methodAnnotation.anonymous()) {
            authenticatedController2.setupAnonymousContext(httpServletRequest.getRemoteAddr(), httpServletRequest.getServerName(), httpServletRequest.getHeader("User-Agent"), httpServletRequest.getParameterMap());
            return true;
        }
        if (methodAnnotation.currentRealmOrDefault()) {
            authenticatedController2.setupSystemContext(this.sessionUtils.getCurrentRealmOrDefault(httpServletRequest));
            return true;
        }
        if (methodAnnotation.system()) {
            authenticatedController2.setupSystemContext();
            return true;
        }
        if (methodAnnotation.realmHost()) {
            authenticatedController2.setupSystemContext(this.realmService.getRealmByHost(httpServletRequest.getServerName()));
            return true;
        }
        Session session = this.sessionUtils.getSession(httpServletRequest);
        authenticatedController2.setCurrentSession(session, session.getCurrentRealm(), session.getCurrentPrincipal(), this.sessionUtils.getLocale(httpServletRequest));
        return true;
    }

    protected void checkMethod(HandlerMethod handlerMethod) {
        if (handlerMethod.getBean() instanceof AuthenticatedController) {
            return;
        }
        if (log.isErrorEnabled()) {
            log.error("Use of @AuthenticationRequired and @AuthenticatedContext annotation is restricted to subclass of AuthenticatedController");
        }
        throw new IllegalArgumentException("Use of @AuthenticationRequired and @AuthenticatedContext annotation is restricted to subclass of AuthenticatedController. " + handlerMethod.getBean().getClass() + " is not.");
    }

    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
        boolean z = false;
        if (obj instanceof HandlerMethod) {
            z = ((HandlerMethod) obj).getMethodAnnotation(AuthenticatedContext.class) != null;
        }
        if (!z) {
            if (this.authenticationService.hasAuthenticatedContext() || this.authenticationService.hasSessionContext()) {
                log.warn("{} {} still has authenticated/session context. Will remove", httpServletRequest.getMethod(), httpServletRequest.getRequestURI());
                this.authenticationService.clearPrincipalContext();
                return;
            }
            return;
        }
        if (this.authenticationService.hasAuthenticatedContext() || this.authenticationService.hasSessionContext()) {
            this.authenticationService.clearPrincipalContext();
        } else if (log.isInfoEnabled()) {
            log.info("{} {} was expecting to have a context to clear, but there was none. This suggests a coding error.", httpServletRequest.getMethod(), httpServletRequest.getRequestURI());
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v6, types: [java.lang.Throwable] */
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
        Exception exc2 = exc;
        if (exc2 == null) {
            exc2 = (Throwable) httpServletRequest.getAttribute(DispatcherServlet.EXCEPTION_ATTRIBUTE);
        }
        if (exc2 != null) {
            log.error("API failure.", exc2);
        }
    }
}
