package hudson.plugins.collabnet.auth;

import com.collabnet.ce.webservices.CollabNetApp;
import hudson.model.Hudson;
import hudson.security.SecurityRealm;
import java.io.IOException;
import java.net.URLEncoder;
import java.rmi.RemoteException;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContextHolder;

/* loaded from: input_file:hudson/plugins/collabnet/auth/CNFilter.class */
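/**
 * Servlet filter that bridges Hudson authentication and a CollabNet server.
 *
 * <p>It does two things when Hudson security is enabled and the active realm is a
 * {@link CollabNetSecurityRealm}:
 * <ul>
 *   <li>for unauthenticated or anonymous requests, it tries a token login using the
 *       {@code sfUsername} and {@code sfLoginToken} request parameters;</li>
 *   <li>for a {@link CNAuthentication} that has not yet been flagged as CN-authed, it
 *       stages a redirect to the CollabNet {@code soapredirect} endpoint.</li>
 * </ul>
 * Every other request is passed down the chain untouched.
 */
public class CNFilter implements Filter {
    private static final Logger log = Logger.getLogger("CNFilter");

    /** No configuration is read from the filter config. */
    @Override
    public void init(FilterConfig filterConfig) {
    }

    /**
     * Routes the request to the token login or the CollabNet redirect, then continues the chain.
     *
     * @param servletRequest incoming request
     * @param servletResponse outgoing response
     * @param filterChain remaining filters
     * @throws IOException propagated from the chain or from building the redirect
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        Hudson hudson = Hudson.getInstance();
        Authentication authentication = Hudson.getAuthentication();
        SecurityRealm securityRealm = hudson.getSecurityRealm();

        if (hudson.isUseSecurity() && securityRealm instanceof CollabNetSecurityRealm) {
            CollabNetSecurityRealm realm = (CollabNetSecurityRealm) securityRealm;
            // Constant-first comparison: a null or non-String principal simply does not match.
            boolean anonymous = !authentication.isAuthenticated() || "anonymous".equals(authentication.getPrincipal());
            if (anonymous) {
                attemptSFLogin(realm, servletRequest, servletResponse);
            } else if (authentication instanceof CNAuthentication
                    && !((CNAuthentication) authentication).isCNAuthed()
                    // The redirect needs the HTTP view of the request; anything else is passed
                    // through instead of failing with a ClassCastException.
                    && servletRequest instanceof HttpServletRequest
                    && servletResponse instanceof HttpServletResponse) {
                doSFAuth((CNAuthentication) authentication, realm, (HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse, filterChain);
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Tries to authenticate the caller from the {@code sfUsername} / {@code sfLoginToken}
     * request parameters. Does nothing when either parameter is missing.
     *
     * <p>On success the security context is switched to a new {@link CNAuthentication}; on a
     * {@link RemoteException} the failure is logged and the request stays unauthenticated.
     *
     * <p>Security notes: both values arrive as request parameters, so anything that records
     * query strings (access logs, proxies, browser history) may capture the token.
     * NOTE(review): nothing in this method renews the HTTP session after the identity change;
     * confirm that session-fixation protection is applied elsewhere. Every rejected token from
     * an unauthenticated caller also produces a SEVERE log entry, which is worth keeping in
     * mind for log volume and alerting.
     *
     * @param collabNetSecurityRealm realm supplying the CollabNet server URL
     * @param servletRequest request carrying the login parameters
     * @param servletResponse unused
     */
    private void attemptSFLogin(CollabNetSecurityRealm collabNetSecurityRealm, ServletRequest servletRequest, ServletResponse servletResponse) {
        String username = servletRequest.getParameter("sfUsername");
        String loginToken = servletRequest.getParameter("sfLoginToken");
        if (username == null || loginToken == null) {
            return;
        }
        CollabNetApp collabNetApp = new CollabNetApp(collabNetSecurityRealm.getCollabNetUrl(), username);
        try {
            collabNetApp.loginWithToken(loginToken);
            // Only reached when loginWithToken did not throw.
            SecurityContextHolder.getContext().setAuthentication(new CNAuthentication(username, collabNetApp));
        } catch (RemoteException e) {
            log.severe("Login failed with RemoteException: " + e.getMessage());
        }
    }

    /**
     * Marks the authentication as CN-authed and stages a 302 to the CollabNet
     * {@code soapredirect} endpoint, passing the session id, the user name and the current
     * URL as the return address. All three values are URL-encoded, so the request's own query
     * string cannot add parameters to the redirect.
     *
     * <p>Security notes: the value of {@code getSessionId()} travels in the query string of the
     * {@code Location} header, so it can surface in browser history, proxy and server access
     * logs and {@code Referer} headers. Serve the CollabNet URL over HTTPS and treat those
     * logs as sensitive.
     * NOTE(review): the flag is set before the redirect is known to have completed, and the
     * chain still runs after the status and header are set; a downstream component that writes
     * its own status would replace the redirect. Confirm both are intended.
     *
     * @param cNAuthentication current authentication, updated in place
     * @param collabNetSecurityRealm realm supplying the CollabNet server URL
     * @param httpServletRequest request used to compute the return URL
     * @param httpServletResponse response receiving the redirect status and header
     * @param filterChain remaining filters, still invoked after the redirect is staged
     * @throws IOException propagated from the chain or from URL encoding
     * @throws ServletException propagated from the chain
     */
    private void doSFAuth(CNAuthentication cNAuthentication, CollabNetSecurityRealm collabNetSecurityRealm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        cNAuthentication.setCNAuthed(true);
        String returnUrl = getCurrentUrl(httpServletRequest);
        String sessionId = URLEncoder.encode(cNAuthentication.getSessionId(), "UTF-8");
        String user = URLEncoder.encode((String) cNAuthentication.getPrincipal(), "UTF-8");
        String location = collabNetSecurityRealm.getCollabNetUrl()
                + "/sf/sfmain/do/soapredirect?id=" + sessionId
                + "&user=" + user
                + "&redirectUrl=" + URLEncoder.encode(returnUrl, "UTF-8");
        // Status and header are set directly (not sendRedirect), leaving the response uncommitted.
        httpServletResponse.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
        httpServletResponse.setHeader("Location", location);
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /**
     * Returns the base URL of this Hudson instance: the configured root URL when there is one,
     * otherwise {@code scheme://serverName[:port]} taken from the request.
     *
     * <p>Security note: in the fallback branch the host comes from the request, which normally
     * reflects the client-supplied {@code Host} header. Configuring the Hudson root URL keeps
     * the value out of the client's control. Only port 80 is treated as a default, so an HTTPS
     * request on 443 yields an explicit {@code :443}.
     *
     * @param httpServletRequest request used when no root URL is configured
     * @return the base URL as a string
     */
    public static String getCurrentBaseUrl(HttpServletRequest httpServletRequest) {
        String rootUrl = Hudson.getInstance().getRootUrl();
        if (rootUrl != null) {
            return rootUrl;
        }
        StringBuilder base = new StringBuilder();
        base.append(httpServletRequest.getScheme()).append("://").append(httpServletRequest.getServerName());
        int port = httpServletRequest.getServerPort();
        if (port != 80) {
            base.append(':').append(port);
        }
        return base.toString();
    }

    /**
     * Rebuilds the URL of the current request from the base URL, context path, request URI
     * and query string, skipping any part that is {@code null}.
     *
     * <p>NOTE(review): per the Servlet API, {@code getRequestURI()} already starts with the
     * context path, so appending {@code getContextPath()} first repeats it when Hudson is not
     * deployed at the root context. Confirm against the return URL CollabNet is expected to
     * use before changing it.
     *
     * @param httpServletRequest request to describe
     * @return the reconstructed URL
     */
    public static String getCurrentUrl(HttpServletRequest httpServletRequest) {
        StringBuilder url = new StringBuilder(getCurrentBaseUrl(httpServletRequest));
        String contextPath = httpServletRequest.getContextPath();
        if (contextPath != null) {
            url.append(contextPath);
        }
        String requestUri = httpServletRequest.getRequestURI();
        if (requestUri != null) {
            url.append(requestUri);
        }
        String query = httpServletRequest.getQueryString();
        if (query != null) {
            url.append('?').append(query);
        }
        return url.toString();
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
    }
}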
