package org.sakaiproject.util;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.Principal;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
import org.apache.commons.fileupload.DiskFileUpload;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileUpload;
import org.apache.commons.fileupload.FileUploadBase;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.sakaiproject.api.kernel.session.Session;
import org.sakaiproject.api.kernel.session.ToolSession;
import org.sakaiproject.api.kernel.session.cover.SessionManager;
import org.sakaiproject.api.kernel.thread_local.cover.ThreadLocalManager;

/* loaded from: input_file:org/sakaiproject/util/RequestFilter.class */
public class RequestFilter implements Filter {
    private static Log M_log;
    public static final String SESSION_COOKIE = "JSESSIONID";
    public static final String ATTR_SESSION = "sakai.session";
    public static final String ATTR_FILTERED = "sakai.filtered";
    public static final String ATTR_UPLOADS_DONE = "sakai.uploads.done";
    public static final String ATTR_CHARACTER_ENCODING_DONE = "sakai.character.encoding.done";
    public static final String ATTR_REDIRECT = "sakai.redirect";
    public static final String PARAM_AUTO = "auto";
    public static final String CONFIG_SESSION = "http.session";
    public static final String CONFIG_REMOTE_USER = "remote.user";
    public static final String CONFIG_TOOL_PLACEMENT = "tool.placement";
    public static final String CONFIG_CHARACTER_ENCODING_ENABLED = "encoding.enabled";
    public static final String CONFIG_CHARACTER_ENCODING = "encoding";
    public static final String CONFIG_UPLOAD_ENABLED = "upload.enabled";
    public static final String CONFIG_UPLOAD_MAX = "upload.max";
    public static final String SYSTEM_UPLOAD_MAX = "sakai.content.upload.max";
    public static final String CONFIG_UPLOAD_THRESHOLD = "upload.threshold";
    public static final String CONFIG_UPLOAD_DIR = "upload.dir";
    public static final String CONFIG_CONTEXT = "context";
    protected static final int CONTAINER_SESSION = 0;
    protected static final int SAKAI_SESSION = 1;
    protected static final int CONTEXT_SESSION = 2;
    protected static final int TOOL_SESSION = 3;
    protected static final String CURRENT_REMOTE_USER = "org.sakaiproject.util.RequestFilter.remote_user";
    protected static final String CURRENT_HTTP_SESSION = "org.sakaiproject.util.RequestFilter.http_session";
    protected static final String CURRENT_CONTEXT = "org.sakaiproject.util.RequestFilter.context";
    public static final String CURRENT_SERVER_URL = "org.sakaiproject.util.RequestFilter.serverUrl";
    public static final String CURRENT_INVALID_SESSION = "org.sakaiproject.util.RequestFilter.sessionWasInvalid";
    public static final String CURRENT_HTTP_REQUEST = "org.sakaiproject.util.RequestFilter.http_request";
    public static final String CURRENT_HTTP_RESPONSE = "org.sakaiproject.util.RequestFilter.http_response";
    protected static final String DOT = ".";
    protected static final String SAKAI_SERVERID = "sakai.serverId";
    protected int m_sakaiHttpSession = TOOL_SESSION;
    protected boolean m_sakaiRemoteUser = true;
    protected boolean m_toolPlacement = true;
    protected String m_contextId = null;
    protected String m_characterEncoding = "UTF-8";
    protected boolean m_characterEncodingEnabled = true;
    protected boolean m_uploadEnabled = true;
    protected long m_uploadMaxSize = 1048576;
    protected int m_uploadThreshold = 1024;
    protected String m_uploadTempDir = null;
    protected boolean m_displayModJkWarning = true;
    static Class class$org$sakaiproject$util$RequestFilter;

    /* loaded from: input_file:org/sakaiproject/util/RequestFilter$WrappedRequest.class */
    public class WrappedRequest extends HttpServletRequestWrapper {
        protected Session m_session;
        protected String m_contextId;
        private final RequestFilter this$0;

        public WrappedRequest(RequestFilter requestFilter, Session session, String str, HttpServletRequest httpServletRequest) {
            super(httpServletRequest);
            this.this$0 = requestFilter;
            this.m_session = null;
            this.m_contextId = null;
            this.m_session = session;
            this.m_contextId = str;
            if (requestFilter.m_toolPlacement) {
                extractPlacementFromParams();
            }
        }

        public String getRemoteUser() {
            return (!((Boolean) ThreadLocalManager.get(RequestFilter.CURRENT_REMOTE_USER)).booleanValue() || this.m_session == null || this.m_session.getUserEid() == null) ? super.getRemoteUser() : this.m_session.getUserEid();
        }

        public HttpSession getSession() {
            return getSession(true);
        }

        public HttpSession getSession(boolean z) {
            HttpSession httpSession = RequestFilter.CONTAINER_SESSION;
            int intValue = ((Integer) ThreadLocalManager.get(RequestFilter.CURRENT_HTTP_SESSION)).intValue();
            String str = (String) ThreadLocalManager.get(RequestFilter.CURRENT_CONTEXT);
            switch (intValue) {
                case RequestFilter.CONTAINER_SESSION /* 0 */:
                    httpSession = super.getSession(z);
                    break;
                case RequestFilter.SAKAI_SESSION /* 1 */:
                    httpSession = (HttpSession) this.m_session;
                    break;
                case RequestFilter.CONTEXT_SESSION /* 2 */:
                    httpSession = (HttpSession) this.m_session.getContextSession(str);
                    break;
                case RequestFilter.TOOL_SESSION /* 3 */:
                    httpSession = (HttpSession) SessionManager.getCurrentToolSession();
                    if (httpSession == null) {
                        httpSession = (HttpSession) this.m_session.getContextSession(str);
                        break;
                    }
                    break;
            }
            return httpSession;
        }

        protected void extractPlacementFromParams() {
            String parameter = getParameter("sakai.tool.placement.id");
            if (parameter != null) {
                setAttribute("sakai.tool.placement.id", parameter);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/sakaiproject/util/RequestFilter$WrappedRequestFileUpload.class */
    public static class WrappedRequestFileUpload extends HttpServletRequestWrapper {
        private Map map;

        public WrappedRequestFileUpload(HttpServletRequest httpServletRequest, Map map) {
            super(httpServletRequest);
            this.map = map;
        }

        public Map getParameterMap() {
            return this.map;
        }

        public String[] getParameterValues(String str) {
            return (String[]) getParameterMap().get(str);
        }

        public String getParameter(String str) {
            String[] parameterValues = getParameterValues(str);
            if (parameterValues == null) {
                return null;
            }
            return parameterValues[RequestFilter.CONTAINER_SESSION];
        }

        public Enumeration getParameterNames() {
            return Collections.enumeration(getParameterMap().keySet());
        }
    }

    /* loaded from: input_file:org/sakaiproject/util/RequestFilter$WrappedResponse.class */
    public class WrappedResponse extends HttpServletResponseWrapper {
        protected HttpServletRequest m_req;
        protected HttpServletResponse m_res;
        private final RequestFilter this$0;

        public WrappedResponse(RequestFilter requestFilter, Session session, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
            this.this$0 = requestFilter;
            this.m_req = null;
            this.m_res = null;
            this.m_req = httpServletRequest;
            this.m_res = httpServletResponse;
        }

        public String encodeRedirectUrl(String str) {
            return rewriteURL(str);
        }

        public String encodeRedirectURL(String str) {
            return rewriteURL(str);
        }

        public String encodeUrl(String str) {
            return rewriteURL(str);
        }

        public String encodeURL(String str) {
            return rewriteURL(str);
        }

        public void sendRedirect(String str) throws IOException {
            String rewriteURL = rewriteURL(str);
            this.m_req.setAttribute(RequestFilter.ATTR_REDIRECT, rewriteURL);
            super.sendRedirect(rewriteURL);
        }

        protected String rewriteURL(String str) {
            String str2;
            if (this.this$0.m_toolPlacement && (str2 = (String) this.m_req.getAttribute("sakai.tool.placement.id")) != null) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append(this.m_req.getScheme());
                stringBuffer.append("://");
                stringBuffer.append(this.m_req.getServerName());
                if ((this.m_req.getServerPort() != 80 && !this.m_req.isSecure()) || (this.m_req.getServerPort() != 443 && this.m_req.isSecure())) {
                    stringBuffer.append(":");
                    stringBuffer.append(this.m_req.getServerPort());
                }
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append(this.m_req.getContextPath());
                stringBuffer.append(stringBuffer2.toString());
                if (str.startsWith(stringBuffer.toString()) || str.startsWith(stringBuffer2.toString())) {
                    StringBuffer stringBuffer3 = new StringBuffer(str);
                    if (str.indexOf(63) != -1) {
                        stringBuffer3.append('&');
                    } else {
                        stringBuffer3.append('?');
                    }
                    stringBuffer3.append("sakai.tool.placement.id");
                    stringBuffer3.append("=");
                    stringBuffer3.append(str2);
                    str = stringBuffer3.toString();
                }
            }
            if (this.m_res != null) {
                str = this.m_res.encodeURL(str);
            }
            return str;
        }
    }

    public void destroy() {
    }

    /* JADX WARN: Code restructure failed: missing block: B:15:0x017e, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:39:0x0159, code lost:
    
        org.sakaiproject.api.kernel.thread_local.cover.ThreadLocalManager.set(org.sakaiproject.util.RequestFilter.CURRENT_REMOTE_USER, r0);
        org.sakaiproject.api.kernel.thread_local.cover.ThreadLocalManager.set(org.sakaiproject.util.RequestFilter.CURRENT_HTTP_SESSION, r0);
        org.sakaiproject.api.kernel.thread_local.cover.ThreadLocalManager.set(org.sakaiproject.util.RequestFilter.CURRENT_CONTEXT, r0);
        org.sakaiproject.api.kernel.thread_local.cover.ThreadLocalManager.set(org.sakaiproject.util.RequestFilter.CURRENT_HTTP_REQUEST, r0);
        org.sakaiproject.api.kernel.thread_local.cover.ThreadLocalManager.set(org.sakaiproject.util.RequestFilter.CURRENT_HTTP_RESPONSE, r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:41:0x0151, code lost:
    
        throw r19;
     */
    /* JADX WARN: Removed duplicated region for block: B:30:0x017c A[REMOVE] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void doFilter(javax.servlet.ServletRequest r6, javax.servlet.ServletResponse r7, javax.servlet.FilterChain r8) throws java.io.IOException, javax.servlet.ServletException {
        /*
            Method dump skipped, instructions count: 383
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.sakaiproject.util.RequestFilter.doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain):void");
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        if (filterConfig.getInitParameter(CONFIG_SESSION) != null) {
            String initParameter = filterConfig.getInitParameter(CONFIG_SESSION);
            if ("container".equalsIgnoreCase(initParameter)) {
                this.m_sakaiHttpSession = CONTAINER_SESSION;
            } else if ("sakai".equalsIgnoreCase(initParameter)) {
                this.m_sakaiHttpSession = SAKAI_SESSION;
            } else if (CONFIG_CONTEXT.equalsIgnoreCase(initParameter)) {
                this.m_sakaiHttpSession = CONTEXT_SESSION;
            } else if ("tool".equalsIgnoreCase(initParameter)) {
                this.m_sakaiHttpSession = TOOL_SESSION;
            } else {
                M_log.warn(new StringBuffer().append("invalid http.session setting (").append(initParameter).append("): not one of container, sakai, context, tool").toString());
            }
        }
        if (filterConfig.getInitParameter(CONFIG_REMOTE_USER) != null) {
            this.m_sakaiRemoteUser = Boolean.valueOf(filterConfig.getInitParameter(CONFIG_REMOTE_USER)).booleanValue();
        }
        if (filterConfig.getInitParameter(CONFIG_TOOL_PLACEMENT) != null) {
            this.m_toolPlacement = Boolean.valueOf(filterConfig.getInitParameter(CONFIG_TOOL_PLACEMENT)).booleanValue();
        }
        if (filterConfig.getInitParameter(CONFIG_CONTEXT) != null) {
            this.m_contextId = filterConfig.getInitParameter(CONFIG_CONTEXT);
        } else {
            this.m_contextId = filterConfig.getServletContext().getServletContextName();
            if (this.m_contextId == null) {
                this.m_contextId = toString();
            }
        }
        if (filterConfig.getInitParameter(CONFIG_CHARACTER_ENCODING) != null) {
            this.m_characterEncoding = filterConfig.getInitParameter(CONFIG_CHARACTER_ENCODING);
        }
        if (filterConfig.getInitParameter(CONFIG_CHARACTER_ENCODING_ENABLED) != null) {
            this.m_characterEncodingEnabled = Boolean.valueOf(filterConfig.getInitParameter(CONFIG_CHARACTER_ENCODING_ENABLED)).booleanValue();
        }
        if (filterConfig.getInitParameter(CONFIG_UPLOAD_ENABLED) != null) {
            this.m_uploadEnabled = Boolean.valueOf(filterConfig.getInitParameter(CONFIG_UPLOAD_ENABLED)).booleanValue();
        }
        if (System.getProperty(SYSTEM_UPLOAD_MAX) != null) {
            this.m_uploadMaxSize = Long.valueOf(System.getProperty(SYSTEM_UPLOAD_MAX)).longValue() * 1024 * 1024;
        }
        if (filterConfig.getInitParameter(CONFIG_UPLOAD_MAX) != null) {
            this.m_uploadMaxSize = Long.valueOf(filterConfig.getInitParameter(CONFIG_UPLOAD_MAX)).longValue();
        }
        if (filterConfig.getInitParameter(CONFIG_UPLOAD_DIR) != null) {
            this.m_uploadTempDir = filterConfig.getInitParameter(CONFIG_UPLOAD_DIR);
        }
        if (filterConfig.getInitParameter(CONFIG_UPLOAD_THRESHOLD) != null) {
            this.m_uploadThreshold = Integer.valueOf(filterConfig.getInitParameter(CONFIG_UPLOAD_THRESHOLD)).intValue();
        }
    }

    protected void handleCharacterEncoding(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws UnsupportedEncodingException {
        if (this.m_characterEncodingEnabled && httpServletRequest.getCharacterEncoding() == null && this.m_characterEncoding != null && this.m_characterEncoding.length() > 0 && httpServletRequest.getAttribute(ATTR_CHARACTER_ENCODING_DONE) == null) {
            httpServletRequest.setAttribute(ATTR_CHARACTER_ENCODING_DONE, ATTR_CHARACTER_ENCODING_DONE);
            httpServletRequest.setCharacterEncoding(this.m_characterEncoding);
        }
    }

    protected HttpServletRequest handleFileUpload(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, UnsupportedEncodingException {
        if (!this.m_uploadEnabled || !FileUpload.isMultipartContent(httpServletRequest) || httpServletRequest.getAttribute(ATTR_UPLOADS_DONE) != null) {
            return httpServletRequest;
        }
        httpServletRequest.setAttribute(ATTR_UPLOADS_DONE, ATTR_UPLOADS_DONE);
        HashMap hashMap = new HashMap();
        DiskFileUpload diskFileUpload = new DiskFileUpload();
        String characterEncoding = httpServletRequest.getCharacterEncoding();
        if (this.m_uploadTempDir != null) {
            diskFileUpload.setRepositoryPath(this.m_uploadTempDir);
        }
        if (this.m_uploadThreshold > 0) {
            diskFileUpload.setSizeThreshold(this.m_uploadThreshold);
        }
        if (this.m_uploadMaxSize > 0) {
            diskFileUpload.setSizeMax(this.m_uploadMaxSize);
        }
        if (characterEncoding != null && characterEncoding.length() > 0) {
            diskFileUpload.setHeaderEncoding(characterEncoding);
        }
        try {
            List parseRequest = diskFileUpload.parseRequest(httpServletRequest);
            for (int i = CONTAINER_SESSION; i < parseRequest.size(); i += SAKAI_SESSION) {
                FileItem fileItem = (FileItem) parseRequest.get(i);
                if (fileItem.isFormField()) {
                    hashMap.put(fileItem.getFieldName(), new String[]{fileItem.getString(characterEncoding)});
                } else {
                    httpServletRequest.setAttribute(fileItem.getFieldName(), fileItem);
                }
            }
            httpServletRequest.setAttribute("upload.status", "ok");
        } catch (FileUploadException e) {
            M_log.info("Unexpected exception in upload parsing", e);
            httpServletRequest.setAttribute("upload.status", "exception");
            httpServletRequest.setAttribute("upload.exception", e);
        } catch (FileUploadBase.SizeLimitExceededException e2) {
            M_log.info("Upload size limit exceeded", e2);
            httpServletRequest.setAttribute("upload.status", "size_limit_exceeded");
            httpServletRequest.setAttribute("upload.exception", e2);
            httpServletRequest.setAttribute("upload.limit", new Long((this.m_uploadMaxSize / 1024) / 1024));
        }
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            hashMap.put(str, httpServletRequest.getParameterValues(str));
        }
        return new WrappedRequestFileUpload(httpServletRequest, hashMap);
    }

    protected Session assureSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String id;
        Session session = CONTAINER_SESSION;
        boolean z = httpServletRequest.getParameter(PARAM_AUTO) != null;
        String parameter = httpServletRequest.getParameter(ATTR_SESSION);
        Cookie findCookie = findCookie(httpServletRequest, SESSION_COOKIE);
        if (parameter == null && findCookie != null) {
            parameter = findCookie.getValue();
        }
        if (parameter != null) {
            int indexOf = parameter.indexOf(DOT);
            if (indexOf > -1) {
                parameter = parameter.substring(CONTAINER_SESSION, indexOf);
            }
            if (M_log.isDebugEnabled()) {
                M_log.debug(new StringBuffer().append("assureSession found sessionId in cookie: ").append(parameter).toString());
            }
            session = SessionManager.getSession(parameter);
        } else {
            Principal userPrincipal = httpServletRequest.getUserPrincipal();
            if (userPrincipal != null && userPrincipal.getName() != null) {
                String name = userPrincipal.getName();
                session = SessionManager.getSession(name);
                if (session == null) {
                    session = SessionManager.startSession(name);
                }
            }
        }
        if (session != null && !z) {
            session.setActive();
        }
        if (session == null) {
            session = SessionManager.startSession();
            if (findCookie != null) {
                ThreadLocalManager.set(CURRENT_INVALID_SESSION, CURRENT_INVALID_SESSION);
            }
        }
        httpServletRequest.setAttribute(ATTR_SESSION, session);
        SessionManager.setCurrentSession(session);
        if (session == null && findCookie != null) {
            findCookie = new Cookie(SESSION_COOKIE, "");
            findCookie.setPath("/");
            findCookie.setMaxAge(CONTAINER_SESSION);
            httpServletResponse.addCookie(findCookie);
        }
        if (session != null && (findCookie == null || !findCookie.getValue().equals(session.getId()))) {
            String property = System.getProperty(SAKAI_SERVERID);
            if (property == null || property.length() < SAKAI_SESSION) {
                if (this.m_displayModJkWarning) {
                    M_log.info("no sakai.serverId system property set - mod_jk load balancing will not function properly");
                    this.m_displayModJkWarning = false;
                }
                id = session.getId();
            } else {
                id = new StringBuffer().append(session.getId()).append(DOT).append(property).toString();
            }
            Cookie cookie = new Cookie(SESSION_COOKIE, id);
            cookie.setPath("/");
            cookie.setMaxAge(-1);
            httpServletResponse.addCookie(cookie);
        }
        return session;
    }

    protected ToolSession detectToolPlacement(Session session, HttpServletRequest httpServletRequest) {
        if (!this.m_toolPlacement) {
            return null;
        }
        ToolSession toolSession = CONTAINER_SESSION;
        String parameter = httpServletRequest.getParameter("sakai.tool.placement.id");
        if (parameter != null) {
            toolSession = session.getToolSession(parameter);
            httpServletRequest.setAttribute("sakai.tool.session", toolSession);
            SessionManager.setCurrentToolSession(toolSession);
            httpServletRequest.setAttribute("sakai.tool.placement.id", parameter);
        }
        return toolSession;
    }

    protected HttpServletRequest preProcessRequest(Session session, HttpServletRequest httpServletRequest) {
        return new WrappedRequest(this, session, this.m_contextId, httpServletRequest);
    }

    protected HttpServletResponse preProcessResponse(Session session, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return new WrappedResponse(this, session, httpServletRequest, httpServletResponse);
    }

    protected void postProcessResponse(Session session, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
    }

    protected Cookie findCookie(HttpServletRequest httpServletRequest, String str) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (int i = CONTAINER_SESSION; i < cookies.length; i += SAKAI_SESSION) {
            if (cookies[i].getName().equals(str)) {
                return cookies[i];
            }
        }
        return null;
    }

    public static String serverUrl(HttpServletRequest httpServletRequest) {
        String scheme;
        int serverPort;
        boolean isSecure;
        String property = System.getProperty("sakai.force.url.secure");
        if (property != null) {
            scheme = "https";
            serverPort = Integer.parseInt(property);
            isSecure = SAKAI_SESSION;
        } else {
            scheme = httpServletRequest.getScheme();
            serverPort = httpServletRequest.getServerPort();
            isSecure = httpServletRequest.isSecure();
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(scheme);
        stringBuffer.append("://");
        stringBuffer.append(httpServletRequest.getServerName());
        if ((serverPort != 80 && !isSecure) || (serverPort != 443 && isSecure)) {
            stringBuffer.append(":");
            stringBuffer.append(serverPort);
        }
        return stringBuffer.toString();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$sakaiproject$util$RequestFilter == null) {
            cls = class$("org.sakaiproject.util.RequestFilter");
            class$org$sakaiproject$util$RequestFilter = cls;
        } else {
            cls = class$org$sakaiproject$util$RequestFilter;
        }
        M_log = LogFactory.getLog(cls);
    }
}
