package com.appiancorp.security.web;

import com.appiancorp.core.expr.portable.string.Strings;
import com.appiancorp.security.cors.CorsUtil;
import com.appiancorp.suite.SuiteConfiguration;
import com.appiancorp.suite.cfg.ConfigurationFactory;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/appiancorp/security/web/DomainFilter.class */
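/**
 * Servlet filter that restricts a fixed set of endpoints to the host they are meant to be
 * served from, based on the three hosts read from {@link SuiteConfiguration}.
 *
 * <ul>
 *   <li>On the base host, the doc viewer, web content and both CSP report endpoints are
 *       answered with 403.</li>
 *   <li>On the static host, only the doc viewer endpoint and the static CSP report endpoint
 *       are let through; everything else is answered with 403.</li>
 *   <li>On the dynamic host, only the web content endpoint and the dynamic CSP report
 *       endpoint are let through; everything else is answered with 403.</li>
 *   <li>Requests for any other server name, and non-HTTP requests, continue down the chain
 *       untouched.</li>
 * </ul>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@code ServletRequest.getServerName()} normally reflects the {@code Host} header the
 *       client sent, so this filter separates hosts only as far as the container or fronting
 *       proxy already rejects unexpected {@code Host} values. It is not an authentication
 *       control.</li>
 *   <li>DNS host names are case-insensitive, so server names are compared with
 *       {@code equalsIgnoreCase}; an exact-case comparison would skip every rule here
 *       whenever the container hands back the client's casing unchanged.</li>
 *   <li>Endpoint matching is a substring test on the servlet path, and the Referer test on
 *       report endpoints is a substring test on a client-supplied header. Both are
 *       best-effort filtering, not proof of where a request came from.</li>
 * </ul>
 */
public class DomainFilter implements Filter {
    private static final String ERROR_PAGE_PATH = "/framework/error/genericerror.jsp";
    private static final String WEB_CONTENT_ENDPOINT = "/rest/a/content/latest/webcontent/";
    private static final String DOC_VIEWER_ENDPOINT = "/rest/a/content/latest/docview/";
    private static final String CSP_DYNAMIC_REPORT_ENDPOINT = "/rest/a/logging/latest/csp-dynamic/report";
    private static final String CSP_STATIC_REPORT_ENDPOINT = "/rest/a/logging/latest/csp-static/report";
    private static final SuiteConfiguration suiteConfig = (SuiteConfiguration) ConfigurationFactory.getConfiguration(SuiteConfiguration.class);
    // Hosts are resolved once at class load; a configuration change needs a reload to take effect.
    private static final String staticHost = suiteConfig.getStaticHostAndPort().getHost();
    private static final String dynamicHost = suiteConfig.getDynamicHostAndPort().getHost();
    private static final String baseHost = suiteConfig.getHostAndPort().getHost();

    /**
     * Applies the per-host endpoint rules and either answers with 403 or continues the chain.
     *
     * @param servletRequest the incoming request; rules apply only to HTTP requests
     * @param servletResponse the response paired with the request
     * @param filterChain the remaining chain, invoked when no rule rejects the request
     * @throws ServletException if forwarding to the error page or the chain fails
     * @throws IOException if forwarding to the error page or the chain fails
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
        if ((servletRequest instanceof HttpServletRequest) && (servletResponse instanceof HttpServletResponse)) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
            String serverName = servletRequest.getServerName();
            String servletPath = httpServletRequest.getServletPath();
            if (serverName != null && servletPath != null) {
                // equalsIgnoreCase(null) is false, so an unset base host simply disables this rule.
                if (serverName.equalsIgnoreCase(baseHost) && isCspEndpoint(servletPath)) {
                    forwardForbidden(httpServletRequest, httpServletResponse);
                    return;
                }
                boolean onStaticHost = !Strings.isNullOrEmpty(staticHost) && serverName.equalsIgnoreCase(staticHost);
                boolean onDynamicHost = !Strings.isNullOrEmpty(dynamicHost) && serverName.equalsIgnoreCase(dynamicHost);
                // The static host takes precedence if both hosts are configured to the same name.
                if (onStaticHost) {
                    if (handleStaticCspRequest(httpServletRequest, httpServletResponse, servletPath)) {
                        return;
                    }
                } else if (onDynamicHost && handleDynamicCspRequest(httpServletRequest, httpServletResponse, servletPath)) {
                    return;
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Reports whether the servlet path contains any of the four host-scoped endpoints.
     *
     * @param str the servlet path of the request
     * @return {@code true} if the path contains one of the endpoint constants
     */
    private boolean isCspEndpoint(String str) {
        return str.contains(DOC_VIEWER_ENDPOINT) || str.contains(WEB_CONTENT_ENDPOINT) || str.contains(CSP_STATIC_REPORT_ENDPOINT) || str.contains(CSP_DYNAMIC_REPORT_ENDPOINT);
    }

    /**
     * Applies the static-host rules: doc viewer and static CSP report endpoints only.
     *
     * @return {@code true} if a 403 was already written and the chain must not continue
     */
    private boolean handleStaticCspRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws ServletException, IOException {
        return handleHostScopedRequest(httpServletRequest, httpServletResponse, str, staticHost, DOC_VIEWER_ENDPOINT, CSP_STATIC_REPORT_ENDPOINT);
    }

    /**
     * Applies the dynamic-host rules: web content and dynamic CSP report endpoints only.
     *
     * @return {@code true} if a 403 was already written and the chain must not continue
     */
    private boolean handleDynamicCspRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws ServletException, IOException {
        return handleHostScopedRequest(httpServletRequest, httpServletResponse, str, dynamicHost, WEB_CONTENT_ENDPOINT, CSP_DYNAMIC_REPORT_ENDPOINT);
    }

    /**
     * Shared rule for a dedicated host: allow its content endpoint, allow its report endpoint
     * when the Referer is absent or names this host's content endpoint, and reject the rest.
     *
     * @param request the HTTP request being filtered
     * @param response the HTTP response to write a 403 to when rejecting
     * @param servletPath the servlet path of the request
     * @param host the configured host this rule set belongs to
     * @param contentEndpoint the content endpoint permitted on {@code host}
     * @param reportEndpoint the CSP report endpoint permitted on {@code host}
     * @return {@code true} if the request was rejected and already answered
     */
    private boolean handleHostScopedRequest(HttpServletRequest request, HttpServletResponse response, String servletPath, String host, String contentEndpoint, String reportEndpoint) throws ServletException, IOException {
        boolean isReportRequest = servletPath.contains(reportEndpoint);
        if (!isReportRequest && !servletPath.contains(contentEndpoint)) {
            forwardForbidden(request, response);
            return true;
        }
        if (!isReportRequest) {
            return false;
        }
        String referer = request.getHeader(CorsUtil.HEADER_REFERER);
        // A report without a Referer is accepted, so this check only filters out reports
        // that explicitly claim another origin; it does not authenticate the sender.
        if (Strings.isNullOrEmpty(referer)) {
            return false;
        }
        // NOTE(review): substring match on a client-controlled header. The host and endpoint
        // may appear anywhere in the value (path, query string), not only as its authority
        // and path. Parse the Referer as a URI if this check is ever relied on for more
        // than noise reduction.
        if (referer.contains(host) && referer.contains(contentEndpoint)) {
            return false;
        }
        forwardForbidden(request, response);
        return true;
    }

    /**
     * Answers the request with HTTP 403, rendering the generic error page when available.
     *
     * @throws ServletException if the forward to the error page fails
     * @throws IOException if the forward or the fallback error response fails
     */
    private void forwardForbidden(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher(ERROR_PAGE_PATH);
        if (requestDispatcher == null) {
            // getRequestDispatcher may return null; still reject rather than fail with an
            // unrelated NullPointerException.
            httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
        requestDispatcher.forward(httpServletRequest, httpServletResponse);
    }

    /** No resources to release. */
    public void destroy() {
    }

    /** No initialisation needed; the hosts are read from configuration at class load. */
    public void init(FilterConfig filterConfig) throws ServletException {
    }
}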
