package com.worklight.gadgets.serving.filters;

import com.worklight.common.log.WorklightLogger;
import com.worklight.common.log.WorklightServerLogger;
import com.worklight.common.type.Environment;
import com.worklight.core.auth.impl.WLResponseWrapper;
import com.worklight.gadgets.api.GadgetAPIRequestCoder;
import com.worklight.gadgets.serving.APIMethodHandlerMgr;
import com.worklight.gadgets.utils.SecurityFilterUtils;
import java.io.IOException;
import java.text.MessageFormat;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.web.util.WebUtils;

/* loaded from: input_file:com/worklight/gadgets/serving/filters/InstanceAuthenticationFilter.class */
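/**
 * Servlet filter that gates gadget API requests on a per-session "instance id".
 *
 * <p>A request is forwarded when its {@code WL-Instance-Id} header equals the value stored in the
 * HTTP session under {@code instanceId}. Requests without the header are forwarded only for a
 * small set of exempted handler paths (authentication, init, Facebook callback). Everything else
 * is answered with HTTP 403, and that response carries the session's instance id in the
 * {@code WL-Instance-Id} response header.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The expected id is returned to the caller on every rejection, so the check only
 *       distinguishes callers that can read this response header from callers that cannot.
 *       NOTE(review): presumably this is meant as a cross-site request forgery defence; confirm
 *       that no cross-origin configuration exposes {@code WL-Instance-Id} to other origins.</li>
 *   <li>An exception raised while the decision is being computed results in the request being
 *       forwarded without the instance check (fail-open). See {@link #doFilter}.</li>
 * </ul>
 */
public class InstanceAuthenticationFilter implements Filter {
    private static final String INSTANCE_ID_HEADER_NAME = "WL-Instance-Id";
    private static final String SESSION_ATTRIBUTE_INSTANCE_ID = "instanceId";
    private static final WorklightServerLogger logger = new WorklightServerLogger(InstanceAuthenticationFilter.class, WorklightLogger.MessagesBundles.CORE);

    /** What {@link #doFilter} should do with the request once the instance check has been evaluated. */
    private enum Outcome {
        /** Pass the request down the filter chain. */
        FORWARD,
        /** Pass the request down the chain, then flush the wrapper's JSON response. */
        FORWARD_THEN_SEND_JSON,
        /** Invoke the init handler directly (bypassing the chain), then flush the JSON response. */
        RUN_INIT_HANDLER,
        /** Answer with 403 and the expected instance id. */
        REJECT
    }

    /**
     * Evaluates the instance-id check and then forwards, handles, or rejects the request.
     *
     * <p>The decision and the resulting action are kept separate. Only the decision is covered by
     * the catch-all handler; exceptions thrown by the downstream chain, by the init handler, or
     * while writing the response propagate to the container. Previously such exceptions were
     * caught here and the chain was invoked a second time, so a request whose processing had
     * failed part-way could be executed twice, and a failure to send the 403 ended with the
     * request being forwarded.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; wrapped in a {@link WLResponseWrapper} unless it
     *                        already is one
     * @param filterChain     remainder of the filter chain
     * @throws IOException      if the chain, the init handler or the response writing fails
     * @throws ServletException if the chain or the init handler fails
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        WLResponseWrapper response = servletResponse instanceof WLResponseWrapper ? (WLResponseWrapper) servletResponse : new WLResponseWrapper((HttpServletResponse) servletResponse);

        GadgetAPIRequestCoder.GadgetRequestInfo requestInfo = null;
        String expectedId = null;
        Outcome outcome;
        try {
            requestInfo = GadgetAPIRequestCoder.decodeGadgetRequestInfo(request);
            String presentedId = request.getHeader(INSTANCE_ID_HEADER_NAME);
            // getSession() creates a session when the request has none, so every request reaching
            // this filter ends up with a session and an instance id.
            expectedId = getInstanceId(request.getSession());
            outcome = evaluate(request, requestInfo, presentedId, expectedId);
        } catch (Exception e) {
            // NOTE(review): fail-open, kept from the original behaviour. Any exception raised
            // while decoding the request or evaluating the check forwards the request without
            // instance authentication. Whether decodeGadgetRequestInfo can throw for requests
            // that must still be served is not visible from this class; once that is confirmed,
            // prefer rejecting with 403 here and alert on the "logger.skippingInstance" message.
            logger.error(e, "doFilter", "logger.skippingInstance", new Object[0]);
            outcome = Outcome.FORWARD;
        }

        switch (outcome) {
            case FORWARD:
                filterChain.doFilter(request, response);
                break;
            case FORWARD_THEN_SEND_JSON:
                filterChain.doFilter(request, response);
                response.sendResponseJSON();
                break;
            case RUN_INIT_HANDLER:
                APIMethodHandlerMgr.getInstance().getHandler(GadgetAPIRequestCoder.REQ_PATH_INIT).doPost(request, response, requestInfo);
                response.sendResponseJSON();
                break;
            default:
                setFailedResponse(response, expectedId);
                break;
        }
    }

    /**
     * Decides how a request is to be treated, without touching the response or the chain.
     *
     * @param request     the current request (used for the header-mismatch log line)
     * @param requestInfo decoded gadget request info, or {@code null} if none was decoded
     * @param presentedId value of the {@code WL-Instance-Id} request header, or {@code null}
     * @param expectedId  instance id stored in the session
     * @return the action {@link #doFilter} should take
     */
    private Outcome evaluate(HttpServletRequest request, GadgetAPIRequestCoder.GadgetRequestInfo requestInfo, String presentedId, String expectedId) {
        if (presentedId != null) {
            // A header that is present decides the outcome on its own; the path exemptions below
            // apply only to requests that send no header at all.
            if (presentedId.equals(expectedId)) {
                return Outcome.FORWARD;
            }
            // NOTE(review): this debug line records the expected instance id together with the
            // client-supplied header and path. Treat debug logs from this class as sensitive, or
            // drop the expected value from the message.
            logger.debug("doFilter", MessageFormat.format("Instance authentication has failed for request {0}. Expected instance-id ''{1}''. Got instance-id ''{2}''.", request.getPathInfo(), expectedId, presentedId));
            return Outcome.REJECT;
        }

        if (requestInfo != null) {
            if (requestInfo.urlHasInstanceId()) {
                // NOTE(review): both exemptions are substring matches on the handler path, so any
                // handler path that merely contains one of these constants is exempt as well.
                // Confirm that no other registered handler path can contain them, or compare
                // with equals() as the Facebook callback branch does.
                if (requestInfo.getHandlerPath().indexOf(GadgetAPIRequestCoder.REQ_PATH_AUTHENTICATION) >= 0) {
                    return Outcome.FORWARD_THEN_SEND_JSON;
                }
                if (requestInfo.getHandlerPath().indexOf(GadgetAPIRequestCoder.REQ_PATH_INIT) >= 0) {
                    return Outcome.RUN_INIT_HANDLER;
                }
            }
            boolean facebookCallback = requestInfo.getGadgetEnvironment() == Environment.FACEBOOK
                    && requestInfo.getHandlerPath().equals(GadgetAPIRequestCoder.REQ_PATH_FACEBOOK_CALLBACK);
            if (facebookCallback) {
                return Outcome.FORWARD;
            }
        }
        return Outcome.REJECT;
    }

    /**
     * Returns the instance id bound to the session, generating and storing one on first use.
     *
     * <p>The lookup and the store happen under the session mutex so that concurrent requests on
     * the same session observe a single id. The id is never replaced once set.
     * NOTE(review): the unpredictability of the id depends entirely on
     * {@code SecurityFilterUtils.getRandomToken()}, which is not visible here; confirm it draws
     * from a cryptographically strong source.
     *
     * @param httpSession the caller's session
     * @return the session's instance id
     */
    private String getInstanceId(HttpSession httpSession) {
        synchronized (WebUtils.getSessionMutex(httpSession)) {
            Object stored = httpSession.getAttribute(SESSION_ATTRIBUTE_INSTANCE_ID);
            if (stored == null) {
                String freshToken = SecurityFilterUtils.getRandomToken();
                httpSession.setAttribute(SESSION_ATTRIBUTE_INSTANCE_ID, freshToken);
                return freshToken;
            }
            return (String) stored;
        }
    }

    /**
     * Rejects the request with HTTP 403 and advertises the expected instance id.
     *
     * @param httpServletResponse response to write to
     * @param str                 instance id placed in the {@code WL-Instance-Id} response header
     * @throws IOException if the error cannot be sent
     */
    private void setFailedResponse(HttpServletResponse httpServletResponse, String str) throws IOException {
        httpServletResponse.addHeader(INSTANCE_ID_HEADER_NAME, str);
        httpServletResponse.sendError(403);
    }

    /** No initialisation is required. */
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /** No resources are held, so there is nothing to release. */
    public void destroy() {
    }
}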
