package com.openkm.jaas;

import com.openkm.core.Config;
import com.openkm.util.EnvironmentDetector;
import java.io.IOException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/openkm/jaas/ContextSubjectFilter.class */
public class ContextSubjectFilter implements Filter {
    private static Logger log = LoggerFactory.getLogger(ContextSubjectFilter.class);
    private static final String SESSION_AUTH_SUBJECT = "session.auth.subject";

    public void init(FilterConfig filterConfig) throws ServletException {
        log.info("Init filter");
    }

    public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        try {
            try {
                if (!EnvironmentDetector.isServerTomcat() || httpServletRequest.getRemoteUser() == null) {
                    filterChain.doFilter(servletRequest, servletResponse);
                } else {
                    HttpSession session = httpServletRequest.getSession(false);
                    Subject subject = (Subject) session.getAttribute(SESSION_AUTH_SUBJECT);
                    if (subject == null) {
                        log.info("Login and put Subject in session");
                        LoginContext loginContext = new LoginContext(Config.CONTEXT, new Subject(), new HttpAuthCallbackHandler(httpServletRequest));
                        loginContext.login();
                        subject = loginContext.getSubject();
                        session.setAttribute(SESSION_AUTH_SUBJECT, subject);
                    }
                    Subject.doAs(subject, new PrivilegedAction<Object>() { // from class: com.openkm.jaas.ContextSubjectFilter.1
                        @Override // java.security.PrivilegedAction
                        public Object run() {
                            try {
                                ContextSubjectFilter.log.debug("AccessController: {}", AccessController.getContext());
                                ContextSubjectFilter.log.debug("Subject: {}", Subject.getSubject(AccessController.getContext()));
                                filterChain.doFilter(servletRequest, servletResponse);
                                return null;
                            } catch (ServletException e) {
                                e.printStackTrace();
                                return null;
                            } catch (IOException e2) {
                                e2.printStackTrace();
                                return null;
                            }
                        }
                    });
                }
            } catch (LoginException e) {
                log.error(e.getMessage(), e);
            } catch (Exception e2) {
                log.error(e2.getMessage(), e2);
            }
        } catch (IOException e3) {
            log.error(e3.getMessage(), e3);
        } catch (ServletException e4) {
            log.error(e4.getMessage(), e4);
        }
    }

    public void destroy() {
        log.info("Destroy filter");
    }
}
