package de.docware.framework.modules.config.defaultconfig.security;

import de.docware.framework.modules.config.ConfigBase;
import de.docware.framework.modules.gui.misc.logger.LogType;
import de.docware.util.security.signature.securestart.JWT;
import java.io.IOException;
import java.io.UTFDataFormatException;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:de/docware/framework/modules/config/defaultconfig/security/b.class */
public class b extends de.docware.framework.modules.config.defaultconfig.c {
    public static final String SESSION_ATTRIBUTE_JWT_PAYLOAD = "jwtPayload";
    public static final String XML_SUBPATH_FROM_HEADER = "/fromHeader";
    public static final String XML_SUBPATH_REQUEST_PARAMETER = "/requestParameter";
    public static final String XML_SUBPATH_SECRET = "/secret";
    public static final String XML_SUBPATH_EXPIRATION_TIME = "/expirationTime";
    public static final String XML_SUBPATH_EXPECTED_AUDIENCE = "/expectedAudience";
    public static final String XML_SUBPATH_JWT_ONETIME_USE = "/jwtOnetimeUse";
    public static final String XML_SUBPATH_FORWARD_WITH_PARAMETERS = "/forwardWithParameters";
    public static final String XML_SUBPATH_ERROR_FORWARDINGS = "/errorForwardings";
    public static final boolean FROM_HEADER_DEFAULT = true;
    public static final String REQUEST_PARAMETER_DEFAULT = "jwt";
    public static final int EXPIRATION_TIME_DEFAULT = 3;
    public static final String EXPECTED_AUDIENCE_DEFAULT = "";
    public static final boolean JWT_ONETIME_USE_DEFAULT = false;
    public static final boolean FORWARD_WITH_PARAMETERS_DEFAULT = true;
    public static final String ERROR_NO_JWT = "NO_JWT";
    public static final String ERROR_WRONG_AUDIENCE = "WRONG_AUDIENCE";
    public static final String ERROR_JWT_ALREADY_USED = "JWT_ALREADY_USED";
    private boolean fromHeader = true;
    private String requestParameter = REQUEST_PARAMETER_DEFAULT;
    private int expirationTime = 3;
    private de.docware.util.security.b secret = SECRET_DEFAULT;
    private String expectedAudience = "";
    private boolean jwtOneTimeUse = false;
    private boolean forwardWithParameters = true;
    private HashMap<String, List<String>> forwardingMap = ERROR_FORWARDINGS_DEFAULT;
    public static final de.docware.util.security.b SECRET_DEFAULT = new de.docware.util.security.b("SKWOMwTw0cte1Y2h73CSUu5qUWtqoIegS2sIx8sAiVk");
    public static final HashMap<String, List<String>> ERROR_FORWARDINGS_DEFAULT = new HashMap<>();

    @Override // de.docware.framework.modules.config.defaultconfig.a
    public void read(ConfigBase configBase, String str) {
        this.fromHeader = configBase.aW(str + "/fromHeader", true);
        this.requestParameter = configBase.iU(str + "/requestParameter", REQUEST_PARAMETER_DEFAULT);
        this.secret = configBase.e(str + "/secret", SECRET_DEFAULT);
        this.expirationTime = configBase.M(str + "/expirationTime", 3);
        this.expectedAudience = configBase.iU(str + "/expectedAudience", "");
        this.jwtOneTimeUse = configBase.aW(str + "/jwtOnetimeUse", false);
        this.forwardWithParameters = configBase.aW(str + "/forwardWithParameters", true);
        this.forwardingMap.clear();
        de.docware.framework.modules.config.utils.d dVar = new de.docware.framework.modules.config.utils.d();
        dVar.read(configBase, str + "/errorForwardings");
        for (de.docware.framework.modules.config.utils.c cVar : dVar.getSettingsList()) {
            this.forwardingMap.put(cVar.getKey(), cVar.getValue());
        }
    }

    @Override // de.docware.framework.modules.config.defaultconfig.a
    public void write(ConfigBase configBase, String str) {
        configBase.cOK();
        try {
            configBase.aX(str + "/fromHeader", this.fromHeader);
            configBase.iW(str + "/requestParameter", this.requestParameter);
            configBase.f(str + "/secret", this.secret);
            configBase.N(str + "/expirationTime", this.expirationTime);
            configBase.iW(str + "/expectedAudience", this.expectedAudience);
            configBase.aX(str + "/jwtOnetimeUse", this.jwtOneTimeUse);
            configBase.aX(str + "/forwardWithParameters", this.forwardWithParameters);
            de.docware.framework.modules.config.utils.d dVar = new de.docware.framework.modules.config.utils.d();
            for (String str2 : this.forwardingMap.keySet()) {
                de.docware.framework.modules.config.utils.c cVar = new de.docware.framework.modules.config.utils.c();
                cVar.setKey(str2);
                cVar.setValue(this.forwardingMap.get(str2));
                dVar.add(cVar);
            }
            dVar.write(configBase, str + "/errorForwardings");
            configBase.cOL();
        } catch (Throwable th) {
            configBase.cOM();
            throw th;
        }
    }

    @Override // de.docware.framework.modules.config.defaultconfig.a
    public void assignTo(de.docware.framework.modules.config.defaultconfig.a aVar) {
        b bVar = (b) aVar;
        bVar.fromHeader = this.fromHeader;
        bVar.requestParameter = this.requestParameter;
        bVar.secret = this.secret;
        bVar.expirationTime = this.expirationTime;
        bVar.expectedAudience = this.expectedAudience;
        bVar.jwtOneTimeUse = this.jwtOneTimeUse;
        bVar.forwardWithParameters = this.forwardWithParameters;
        bVar.forwardingMap = this.forwardingMap;
    }

    public boolean isRequestOk(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String header = this.fromHeader ? httpServletRequest.getHeader(this.requestParameter) : httpServletRequest.getParameter(this.requestParameter);
        String str = "";
        if (de.docware.util.h.ae(header)) {
            str = getForwardURLForError(ERROR_NO_JWT);
        } else {
            JWT.a a = JWT.a(header, this.secret.dUW(), new Date().getTime() / 1000, 0L, (new Date().getTime() / 1000) + this.expirationTime);
            if (a.dVc() == JWT.ReturnCode.SUCCESS) {
                try {
                    JWT.b anh = JWT.anh(header);
                    String dVd = anh.dVd();
                    boolean z = false;
                    if (this.expectedAudience.equals("")) {
                        z = true;
                    } else {
                        try {
                            if (new JSONObject(dVd).getString(JWT.CLAIM.aud.name()).equals(this.expectedAudience)) {
                                z = true;
                            }
                        } catch (JSONException e) {
                            de.docware.framework.modules.gui.misc.logger.b.a(de.docware.framework.modules.gui.misc.logger.a.pLi, LogType.DEBUG, e);
                        }
                    }
                    boolean z2 = !this.jwtOneTimeUse;
                    if (this.jwtOneTimeUse) {
                        z2 = a.Xz(header);
                    }
                    if (z && z2) {
                        httpServletRequest.getSession().setAttribute(SESSION_ATTRIBUTE_JWT_PAYLOAD, dVd);
                        return true;
                    }
                    if (!z) {
                        str = getForwardURLForError(ERROR_WRONG_AUDIENCE);
                    } else if (!z2) {
                        str = getForwardURLForError(ERROR_JWT_ALREADY_USED);
                    }
                    de.docware.framework.modules.gui.misc.logger.b.a(de.docware.framework.modules.gui.misc.logger.a.pLi, LogType.DEBUG, "JWT header='" + anh.cJL() + "', payload='" + dVd + "'");
                } catch (de.docware.util.security.signature.securestart.a | UTFDataFormatException e2) {
                    de.docware.framework.modules.gui.misc.logger.b.a(de.docware.framework.modules.gui.misc.logger.a.pLi, LogType.ERROR, e2);
                    return false;
                }
            } else {
                de.docware.framework.modules.gui.misc.logger.b.a(de.docware.framework.modules.gui.misc.logger.a.pLi, LogType.DEBUG, a.getMessage());
                str = getForwardURLForError(a.dVc().name());
            }
        }
        if (de.docware.util.h.ae(str)) {
            return false;
        }
        try {
            httpServletResponse.sendRedirect(appendParameters(str, httpServletRequest));
            return false;
        } catch (IOException e3) {
            de.docware.framework.modules.gui.misc.logger.b.a(de.docware.framework.modules.gui.misc.logger.a.pLi, LogType.ERROR, e3);
            return false;
        }
    }

    public String getRequestParameter() {
        return this.requestParameter;
    }

    public void setRequestParameter(String str) {
        this.requestParameter = str;
    }

    public int getExpirationTime() {
        return this.expirationTime;
    }

    public void setExpirationTime(int i) {
        this.expirationTime = i;
    }

    public de.docware.util.security.b getSecret() {
        return this.secret;
    }

    public void setSecret(de.docware.util.security.b bVar) {
        this.secret = bVar;
    }

    public HashMap<String, List<String>> getForwardingMap() {
        return this.forwardingMap;
    }

    public void setForwardingMap(HashMap<String, List<String>> hashMap) {
        this.forwardingMap = hashMap;
    }

    public boolean isFromHeader() {
        return this.fromHeader;
    }

    public void setFromHeader(boolean z) {
        this.fromHeader = z;
    }

    public boolean isForwardWithParameters() {
        return this.forwardWithParameters;
    }

    public void setForwardWithParameters(boolean z) {
        this.forwardWithParameters = z;
    }

    public String getExpectedAudience() {
        return this.expectedAudience;
    }

    public void setExpectedAudience(String str) {
        this.expectedAudience = str;
    }

    public boolean isJwtOneTimeUse() {
        return this.jwtOneTimeUse;
    }

    public void setJwtOneTimeUse(boolean z) {
        this.jwtOneTimeUse = z;
    }

    private String getForwardURLForError(String str) {
        for (Map.Entry<String, List<String>> entry : this.forwardingMap.entrySet()) {
            if (entry.getValue().contains(str)) {
                return entry.getKey();
            }
        }
        return "";
    }

    private String appendParameters(String str, HttpServletRequest httpServletRequest) {
        if (this.forwardWithParameters) {
            String i = de.docware.util.e.i(de.docware.util.e.cG(httpServletRequest.getParameterMap()));
            str = str.contains("?") ? str + "&" + i : str + "?" + i;
        }
        return str;
    }
}
