package fr.brouillard.oss.security.xhub.servlet;

import fr.brouillard.oss.security.xhub.XHub;
import fr.brouillard.oss.security.xhub.servlet.impl.ReadableHttpServletRequestWrapper;
import gov.nist.core.Separators;
import java.io.IOException;
import java.util.Optional;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:lib/xhub4j-servlet-1.1.0.jar:fr/brouillard/oss/security/xhub/servlet/XHubFilter.class */
public class XHubFilter implements Filter {
    private String token;
    public final String HEADER_XHUB_PROPERTY = "x-hub-header";
    public final String TOKEN_PARAM_NAME = "x-hub-token";
    public final String CONVERTER_PARAM_NAME = "x-hub-converter";
    private final String DEFAULT_CONVERTER = XHub.XHubConverter.HEXA_LOWERCASE.name();
    private String headerProperty = XHub.DEFAULT_HEADER_XHUB_PROPERTY;
    private XHub.XHubConverter converter = XHub.XHubConverter.valueOf(this.DEFAULT_CONVERTER);

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
        this.token = filterConfig.getInitParameter("x-hub-token");
        if (this.token == null) {
            throw new ServletException(String.format("missing mandatory %s  in filter %s configuration", "x-hub-token", XHubFilter.class.getName()));
        }
        this.headerProperty = (String) Optional.ofNullable(filterConfig.getInitParameter("x-hub-header")).orElse(this.headerProperty);
        this.converter = (XHub.XHubConverter) Optional.ofNullable(filterConfig.getInitParameter("x-hub-converter")).map(XHub.XHubConverter::valueOf).orElse(this.converter);
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (servletRequest instanceof HttpServletRequest) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            ReadableHttpServletRequestWrapper readableHttpServletRequestWrapper = new ReadableHttpServletRequestWrapper(httpServletRequest);
            String header = httpServletRequest.getHeader(getHeaderProperty());
            if (header == null) {
                throw new ServletException(String.format("no %s security header received, cannot authenticate call", getHeaderProperty()));
            }
            String[] split = header.split(Separators.EQUALS);
            if (split.length != 2) {
                throw new ServletException(String.format("received %s security header cannot be splitted, should be of the form {DIGEST}:{TOKEN}", getHeaderProperty()));
            }
            String str = split[0];
            String str2 = split[1];
            String generateXHubToken = XHub.generateXHubToken(getConverter(), XHub.XHubDigest.fromAlgorithm(str), getToken(), readableHttpServletRequestWrapper.getRequestBodyData());
            if (!generateXHubToken.equals(str2)) {
                throw new ServletException(String.format("Security failure, received message '%s: %s' does not match calculated one: %s for %s digest", getHeaderProperty(), header, generateXHubToken, str));
            }
            filterChain.doFilter(readableHttpServletRequestWrapper, servletResponse);
        }
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }

    protected String getToken() {
        return this.token;
    }

    protected String getHeaderProperty() {
        return this.headerProperty;
    }

    protected XHub.XHubConverter getConverter() {
        return this.converter;
    }
}
