package hudson.plugins.pwauth;

import hudson.model.Hudson;
import hudson.security.AuthorizationStrategy;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:WEB-INF/classes/hudson/plugins/pwauth/PWauthFilter.class */
class PWauthFilter implements Filter {
    private static final String[] usernameParams = {"user", "username", "login"};
    private static final String[] passwordParams = {"pass", "password", "passwd", "key"};
    private final Filter superFilter;
    private final PWauthSecurityRealm pwauth;

    public PWauthFilter(Filter filter, PWauthSecurityRealm pWauthSecurityRealm) {
        this.superFilter = filter;
        this.pwauth = pWauthSecurityRealm;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        doFilter((HttpServletRequest) servletRequest, servletResponse, filterChain);
    }

    public void doFilter(HttpServletRequest httpServletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (this.pwauth.enableParamAuth && validateParams(httpServletRequest)) {
            grantAccess(httpServletRequest, servletResponse, filterChain);
            return;
        }
        Iterator<String> it = getWhitelist().iterator();
        while (it.hasNext()) {
            if (it.next().equals(httpServletRequest.getRemoteAddr())) {
                grantAccess(httpServletRequest, servletResponse, filterChain);
                return;
            }
        }
        this.superFilter.doFilter(httpServletRequest, servletResponse, filterChain);
    }

    private boolean validateParams(HttpServletRequest httpServletRequest) {
        try {
            String parameter = getParameter(usernameParams, httpServletRequest);
            String parameter2 = getParameter(passwordParams, httpServletRequest);
            if (Hudson.getInstance().getSecurityRealm() instanceof PWauthSecurityRealm) {
                return Hudson.getInstance().getSecurityRealm().authenticate(parameter, parameter2) != null;
            }
            return false;
        } catch (Exception e) {
            return false;
        }
    }

    private String getParameter(String[] strArr, HttpServletRequest httpServletRequest) {
        for (String str : strArr) {
            if (httpServletRequest.getParameter(str) != null) {
                return httpServletRequest.getParameter(str);
            }
        }
        return null;
    }

    private void grantAccess(HttpServletRequest httpServletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException {
        AuthorizationStrategy authorizationStrategy = Hudson.getInstance().getAuthorizationStrategy();
        Hudson.getInstance().setAuthorizationStrategy(AuthorizationStrategy.UNSECURED);
        try {
            this.superFilter.doFilter(httpServletRequest, servletResponse, filterChain);
            Hudson.getInstance().setAuthorizationStrategy(authorizationStrategy);
        } catch (Exception e) {
            Hudson.getInstance().setAuthorizationStrategy(authorizationStrategy);
            throw new ServletException(e);
        }
    }

    private List<String> getWhitelist() {
        Vector vector = new Vector();
        if (this.pwauth.whitelist != null) {
            for (String str : this.pwauth.whitelist.split("(\\s)*[,|;|\\s](\\s)*")) {
                if (PWauthValidation.validateIP(str)) {
                    vector.add(str.trim());
                }
            }
        }
        return vector;
    }

    public void destroy() {
    }
}
