package org.vaadin.shiro;

import elemental.json.JsonArray;
import elemental.json.JsonObject;
import elemental.json.impl.JsonUtil;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.StringUtils;
import org.apache.shiro.web.filter.PathConfigProcessor;
import org.apache.shiro.web.servlet.AdviceFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/vaadin/shiro/VaadinNavigationRolesAuthorizationFilter.class */
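/**
 * Shiro {@link AdviceFilter} that maps navigation locations to the roles allowed to open them and
 * answers with a redirect to the login URL when the current subject holds none of those roles.
 *
 * <p>A location is checked in three places: the request URI ({@link #handleFromUri}), a
 * {@code navigation} entry in the JSON request body ({@link #handleFromBody}), and
 * {@code history.pushState} commands found in the JSON response ({@link #executeChain}).
 *
 * <p><strong>Security notes.</strong> The filter is default-allow: a location that has no entry in
 * {@link #rolesByLocation}, or whose role list is empty, is always authorized. Lookups are exact
 * string matches on the value as received; nothing here normalizes or decodes it.
 * NOTE(review): any variant spelling that the application resolves to the same view would miss
 * the configured key and be allowed. Confirm that normalization happens upstream, or pair this
 * filter with a default-deny rule.
 */
public class VaadinNavigationRolesAuthorizationFilter extends AdviceFilter implements PathConfigProcessor {
    private static final Logger log = LoggerFactory.getLogger(VaadinNavigationRolesAuthorizationFilter.class);

    /** Content type that marks a response as a candidate for push-state inspection. */
    private static final String JSON_CONTENT_TYPE = "application/json; charset=UTF-8";

    /** Guard prefix that precedes the JSON payload in inspected responses. */
    private static final String JSON_GUARD_PREFIX = "for(;;);";

    /** Roles allowed per location, in configuration order; an empty list means "no restriction". */
    protected Map<String, List<String>> rolesByLocation = new LinkedHashMap<>();
    private String loginUrl;
    private String redirectJavaScript;

    /**
     * Registers the roles allowed for one location.
     *
     * @param str the location (map key, matched exactly by {@link #authorized})
     * @param str2 the role list as a delimited string, or {@code null} for no restriction
     * @return this filter
     */
    @Override
    public Filter processPathConfig(String str, String str2) {
        log.trace("Adding path: {}", str);
        List<String> roles = new ArrayList<>();
        if (str2 != null) {
            // StringUtils.split yields null for a blank config string; Arrays.asList would then
            // throw, so a blank value is treated like a missing one.
            String[] tokens = StringUtils.split(str2);
            if (tokens != null) {
                roles = Arrays.asList(tokens);
            }
        }
        this.rolesByLocation.put(str, roles);
        return this;
    }

    /** @return the URL unauthorized requests are redirected to, or {@code null} if unset */
    public String getLoginUrl() {
        return this.loginUrl;
    }

    /**
     * @param str the URL unauthorized requests are redirected to. It is copied verbatim into a
     *     {@code Location} header and into a JavaScript/JSON string, so it must be a trusted,
     *     static configuration value.
     */
    public void setLoginUrl(String str) {
        this.loginUrl = str;
    }

    /** @return the custom redirect script, or {@code null} when the default is used */
    public String getRedirectJavaScript() {
        return this.redirectJavaScript;
    }

    /**
     * @param str script sent to the client instead of the default {@code location='<loginUrl>'}.
     *     It is embedded unescaped inside a JSON string literal, so it must be trusted and
     *     already valid in that context.
     */
    public void setRedirectJavaScript(String str) {
        this.redirectJavaScript = str;
    }

    /**
     * Authorizes the request before the chain runs.
     *
     * <p>A request whose URI is exactly {@code "/"} is authorized by the navigation location in
     * its body; every other request is authorized by its URI.
     * NOTE(review): {@code getRequestURI()} includes the context path, so the body branch
     * presumably only triggers for a root-context deployment. Confirm.
     *
     * @return {@code true} to continue the chain, {@code false} when a redirect was written
     */
    @Override
    protected boolean preHandle(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String uri = request.getRequestURI();
        if ("/".equals(uri)) {
            return handleFromBody(uri, request, response);
        }
        return handleFromUri(uri, response);
    }

    /**
     * Runs the chain against a buffering wrapper, then replaces the response with a login
     * redirect if it contains a {@code history.pushState} command for an unauthorized location.
     *
     * <p>NOTE(review): this check runs after the chain has completed, so any server-side work
     * for the navigation has already happened; only the reply is swapped. The content type is
     * also compared as an exact string, so a differently formatted JSON content type skips the
     * inspection. Treat this as a backstop, not the primary authorization control.
     */
    @Override
    protected void executeChain(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws Exception {
        CustomServletResponseWrapper bufferedResponse = new CustomServletResponseWrapper((HttpServletResponse) servletResponse);
        super.executeChain(servletRequest, bufferedResponse, filterChain);
        // Constant-first comparison: the chain may finish without ever setting a content type.
        if (JSON_CONTENT_TYPE.equals(bufferedResponse.getContentType())) {
            String body = bufferedResponse.getBranch().toString();
            bufferedResponse.getBranch().close();
            if (body.startsWith(JSON_GUARD_PREFIX)) {
                JsonArray commands = JsonUtil.<JsonArray>parse(body.substring(JSON_GUARD_PREFIX.length()))
                        .getObject(0)
                        .getArray("execute");
                if (commands != null) {
                    for (int i = 0; i < commands.length(); i++) {
                        JsonArray command = commands.getArray(i);
                        if (isPushStateCommand(command) && !authorized("/" + command.getString(1))) {
                            String redirect = getRedirectToLoginResponse();
                            // This branch is only reached for a UTF-8 response, so the length is
                            // the UTF-8 byte count, set before the body is written.
                            servletResponse.setContentLength(redirect.getBytes("UTF-8").length);
                            servletResponse.getWriter().write(redirect);
                            return;
                        }
                    }
                }
            }
        }
        servletResponse.getWriter().write(bufferedResponse.getMaster().toString());
        bufferedResponse.getMaster().close();
    }

    /**
     * Tells whether an {@code execute} entry is a three-element {@code history.pushState} command
     * that carries a non-empty location in its second element.
     */
    private static boolean isPushStateCommand(JsonArray command) {
        if (command.length() != 3 || !command.getString(2).startsWith("history.pushState")) {
            return false;
        }
        String location = command.getString(1);
        return location != null && !location.isEmpty();
    }

    /**
     * Authorizes a request by the navigation location in its body, falling back to {@code str}
     * when the body carries none; writes the login redirect payload when access is denied.
     *
     * @param str fallback location (the request URI)
     * @return {@code true} if the subject may proceed
     */
    protected boolean handleFromBody(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String bodyLocation = getLocationFromBody(httpServletRequest);
        String target = bodyLocation != null ? bodyLocation : str;
        if (authorized(target)) {
            return true;
        }
        httpServletResponse.getWriter().write(getRedirectToLoginResponse());
        return false;
    }

    /**
     * Authorizes a request by its URI and answers with a 302 to the login URL when denied.
     *
     * <p>NOTE(review): {@code loginUrl} is not checked for {@code null} here; an unset login URL
     * produces a redirect without a usable {@code Location}. Make sure it is always configured.
     *
     * @param str the request URI
     * @return {@code true} if the subject may proceed
     */
    protected boolean handleFromUri(String str, HttpServletResponse httpServletResponse) {
        if (authorized(str)) {
            return true;
        }
        httpServletResponse.setStatus(HttpServletResponse.SC_FOUND);
        httpServletResponse.setHeader("Location", this.loginUrl);
        return false;
    }

    /**
     * Extracts the target of the first {@code navigation} entry in the request's {@code rpc}
     * array.
     *
     * <p>Every entry is scanned rather than only the first one, so a navigation call that is not
     * at index 0 is still subject to authorization. Entries that are not JSON objects or have no
     * {@code type} are skipped. Malformed JSON still raises the parser's exception, which fails
     * the request instead of letting it through.
     *
     * <p>NOTE(review): only the first navigation entry is returned; if one request can carry
     * several, each should be authorized. Reading the body here also consumes the request
     * reader; presumably the request is wrapped upstream so later handlers can re-read it.
     *
     * @return {@code "/" + location}, or {@code null} when the body has no navigation entry
     */
    protected String getLocationFromBody(ServletRequest servletRequest) throws IOException {
        String body = servletRequest.getReader().lines().collect(Collectors.joining());
        if (body.isEmpty()) {
            return null;
        }
        JsonArray rpcCalls = JsonUtil.<JsonObject>parse(body).getArray("rpc");
        if (rpcCalls == null) {
            return null;
        }
        for (int i = 0; i < rpcCalls.length(); i++) {
            Object entry = rpcCalls.get(i);
            if (!(entry instanceof JsonObject)) {
                continue;
            }
            JsonObject call = (JsonObject) entry;
            if (call.hasKey("type") && "navigation".equals(call.get("type").asString())) {
                return "/" + call.getString("location");
            }
        }
        return null;
    }

    /**
     * Decides whether the current Shiro subject may open a location.
     *
     * <p>Fail-open by design: a location with no configured roles is allowed. The lookup is an
     * exact match on {@code str} as passed in.
     *
     * @param str the location to check
     * @return {@code true} if the location is unrestricted or the subject has one of its roles
     */
    protected boolean authorized(String str) {
        List<String> requiredRoles = this.rolesByLocation.get(str);
        if (requiredRoles == null || requiredRoles.isEmpty()) {
            log.trace("Location: \"{}\" (ignored)", str);
            return true;
        }
        Subject subject = SecurityUtils.getSubject();
        for (String role : requiredRoles) {
            if (subject.hasRole(role)) {
                log.trace("Location: \"{}\" (match)", str);
                return true;
            }
        }
        log.trace("Location: \"{}\" (doesn't match)", str);
        return false;
    }

    /**
     * Builds the guarded JSON payload that makes the client run the redirect script.
     *
     * <p>NOTE(review): the script and {@code loginUrl} are concatenated without JSON or
     * JavaScript escaping, and a {@code null} login URL renders as the text {@code null}. Both
     * values must come from trusted configuration and contain no quote characters.
     */
    private String getRedirectToLoginResponse() {
        String script = getRedirectJavaScript();
        if (script == null) {
            script = "location='" + this.loginUrl + "'";
        }
        return "for(;;);[{\"execute\":[[\"" + script + "\"]]}]";
    }
}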
