package org.alfresco.module.vti.web;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.alfresco.module.vti.handler.AuthenticationHandler;
import org.alfresco.module.vti.handler.MethodHandler;
import org.alfresco.module.vti.handler.SiteMemberMappingException;
import org.alfresco.module.vti.handler.alfresco.VtiPathHelper;
import org.alfresco.module.vti.handler.alfresco.VtiUtils;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.service.cmr.model.FileInfo;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.extensions.surf.util.URLDecoder;

/* loaded from: input_file:org/alfresco/module/vti/web/VtiFilter.class */
public class VtiFilter implements Filter {
    public static final String METHOD_DELETE = "DELETE";
    public static final String METHOD_HEAD = "HEAD";
    public static final String METHOD_GET = "GET";
    public static final String METHOD_OPTIONS = "OPTIONS";
    public static final String METHOD_POST = "POST";
    public static final String METHOD_PUT = "PUT";
    public static final String METHOD_TRACE = "TRACE";
    public static final String METHOD_PROPFIND = "PROPFIND";
    public static final String METHOD_LOCK = "LOCK";
    public static final String METHOD_UNLOCK = "UNLOCK";
    public static final String AUTHENTICATE_HEADER = "WWW-Authenticate";
    public static final String CONTENT_TYPE_XML = "text/xml; charset=utf-8";
    public static final String CONTENT_TYPE_HTML = "text/html; charset=utf-8";
    public static final String CONTENT_TYPE_X_VERMEER_RPC = "application/x-vermeer-rpc";
    public static final String EMULATED_SHAREPOINT_VERSION = "14.00.0.000";
    private AuthenticationHandler authenticationHandler;
    private MethodHandler vtiHandler;
    private VtiPathHelper vtiPathHelper;
    private ServletContext context;
    private static Log logger = LogFactory.getLog(VtiFilter.class);

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        validSiteUri(httpServletRequest);
        Object attribute = httpServletRequest.getAttribute("VALID_SITE_URL");
        if (logger.isDebugEnabled()) {
            logger.debug("Checking request for VTI");
        }
        String requestURI = httpServletRequest.getRequestURI();
        if (httpServletRequest.getSession(false) == null) {
            if (attribute != null || requestURI.endsWith(".vti")) {
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }
            httpServletRequest.getSession();
        }
        String method = httpServletRequest.getMethod();
        String header = httpServletRequest.getHeader("If");
        String header2 = httpServletRequest.getHeader("If-None-Match");
        boolean z = false;
        if ((METHOD_GET.equals(method) || METHOD_HEAD.equals(method)) && !requestURI.equals("/_vti_inf.html") && !requestURI.contains("_vti_bin") && !requestURI.contains("/_vti_history") && !requestURI.startsWith(getAlfrescoContext() + "/resources") && header == null && header2 == null) {
            if (attribute != null || requestURI.endsWith(".vti")) {
                writeHeaders(httpServletRequest, httpServletResponse);
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
            z = true;
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Check authentication");
        }
        try {
            if (this.authenticationHandler.authenticateRequest(this.context, httpServletRequest, httpServletResponse, getAlfrescoContext()) == null) {
                if (!httpServletResponse.containsHeader(AUTHENTICATE_HEADER)) {
                    httpServletResponse.setHeader(AUTHENTICATE_HEADER, "Basic realm=\"Alfresco Server\"");
                    httpServletResponse.setStatus(401);
                    httpServletResponse.getOutputStream().close();
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("No authentication details found, requesting they authenticate");
                    return;
                }
                return;
            }
            if (logger.isDebugEnabled()) {
                logger.debug("User was authenticated successfully");
            }
            if (z) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Checking if resource exists");
                }
                if (!this.vtiHandler.existResource(httpServletRequest, httpServletResponse)) {
                    return;
                }
            }
            writeHeaders(httpServletRequest, httpServletResponse);
            filterChain.doFilter(servletRequest, servletResponse);
        } catch (SiteMemberMappingException e) {
            httpServletResponse.setStatus(404);
            httpServletResponse.getOutputStream().close();
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.context = filterConfig.getServletContext();
    }

    public void destroy() {
        this.authenticationHandler = null;
        this.vtiHandler = null;
    }

    private void writeHeaders(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String method = httpServletRequest.getMethod();
        httpServletResponse.setHeader("MicrosoftSharePointTeamServices", EMULATED_SHAREPOINT_VERSION);
        if (METHOD_OPTIONS.equals(method)) {
            if (logger.isDebugEnabled()) {
                logger.debug("Return VTI answer for OPTIONS request");
            }
            httpServletResponse.setHeader("MS-Author-Via", "MS-FP/4.0,DAV");
            httpServletResponse.setHeader("MicrosoftOfficeWebServer", "5.0_Collab");
            httpServletResponse.setHeader("DAV", "1,2");
            httpServletResponse.setHeader("Accept-Ranges", "none");
            httpServletResponse.setHeader("Cache-Control", "no-cache");
            httpServletResponse.setHeader("Allow", "GET, POST, OPTIONS, HEAD, MKCOL, PUT, PROPFIND, PROPPATCH, DELETE, MOVE, COPY, GETLIB, LOCK, UNLOCK");
            httpServletResponse.setHeader("DocumentManagementServer", "Properties Schema;Source Control;Version History;");
            if (VtiUtils.isMacClientRequest(httpServletRequest)) {
                httpServletResponse.setHeader("X-MSDAVEXT", "1");
                httpServletResponse.setHeader("Public-Extension", "http://schemas.microsoft.com/repl-2");
                return;
            }
            return;
        }
        if (METHOD_HEAD.equals(method) || METHOD_GET.equals(method) || METHOD_PUT.equals(method)) {
            if (logger.isDebugEnabled()) {
                logger.debug("Return VTI answer for HEAD request");
            }
            httpServletResponse.setHeader("Public-Extension", "http://schemas.microsoft.com/repl-2");
            if (!METHOD_GET.equals(method)) {
                httpServletResponse.setHeader("Cache-Control", "no-cache");
            } else if (httpServletRequest.getRequestURI().startsWith(getAlfrescoContext() + "/resources")) {
                httpServletResponse.setHeader("Cache-Control", "public");
            } else {
                httpServletResponse.setHeader("Cache-Control", "private");
            }
            httpServletResponse.setContentType("text/html");
            return;
        }
        if (METHOD_PROPFIND.equals(method) || METHOD_LOCK.equals(method) || METHOD_UNLOCK.equals(method)) {
            if (logger.isDebugEnabled()) {
                logger.debug("Return VTI answer for " + method + " request");
            }
            httpServletResponse.setHeader("Public-Extension", "http://schemas.microsoft.com/repl-2");
            httpServletResponse.setHeader("Cache-Control", "no-cache");
            return;
        }
        if (METHOD_POST.equals(method)) {
            httpServletResponse.setHeader("Cache-Control", "no-cache");
            httpServletResponse.setHeader("Connection", "close");
            httpServletResponse.setContentType(getContentType(httpServletRequest));
        }
    }

    private String getContentType(HttpServletRequest httpServletRequest) {
        return VtiUtils.isMacClientRequest(httpServletRequest) ? httpServletRequest.getRequestURI().endsWith(".dll") ? CONTENT_TYPE_HTML : CONTENT_TYPE_XML : CONTENT_TYPE_X_VERMEER_RPC;
    }

    private boolean validSiteUri(HttpServletRequest httpServletRequest) {
        if (!httpServletRequest.getMethod().equals(METHOD_GET)) {
            return false;
        }
        String requestURI = httpServletRequest.getRequestURI();
        String alfrescoContext = getAlfrescoContext();
        String[] split = VtiPathHelper.removeSlashes(requestURI).split("/");
        if (split[split.length - 1].indexOf(46) != -1) {
            return false;
        }
        String decode = URLDecoder.decode(requestURI);
        if (decode.length() > alfrescoContext.length()) {
            decode = decode.substring(alfrescoContext.length() + 1);
        }
        final String str = decode;
        FileInfo fileInfo = (FileInfo) AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<FileInfo>() { // from class: org.alfresco.module.vti.web.VtiFilter.1
            /* renamed from: doWork, reason: merged with bridge method [inline-methods] */
            public FileInfo m43doWork() throws Exception {
                return VtiFilter.this.vtiPathHelper.resolvePathFileInfo(str);
            }
        }, AuthenticationUtil.getSystemUserName());
        if (fileInfo != null && !fileInfo.isFolder()) {
            return false;
        }
        try {
            if (this.vtiHandler.decomposeURL(requestURI, alfrescoContext)[0].length() < alfrescoContext.length()) {
                return false;
            }
            httpServletRequest.setAttribute("VALID_SITE_URL", "true");
            return true;
        } catch (Throwable th) {
            return false;
        }
    }

    public MethodHandler getVtiHandler() {
        return this.vtiHandler;
    }

    public void setVtiHandler(MethodHandler methodHandler) {
        this.vtiHandler = methodHandler;
    }

    public VtiPathHelper getVtiPathHelper() {
        return this.vtiPathHelper;
    }

    public void setVtiPathHelper(VtiPathHelper vtiPathHelper) {
        this.vtiPathHelper = vtiPathHelper;
    }

    public String getAlfrescoContext() {
        return this.vtiPathHelper.getAlfrescoContext();
    }

    public void setAuthenticationHandler(AuthenticationHandler authenticationHandler) {
        this.authenticationHandler = authenticationHandler;
    }

    public AuthenticationHandler getAuthenticationHandler() {
        return this.authenticationHandler;
    }
}
