package blackboard.platform.servlet;

import blackboard.data.registry.SystemRegistryUtil;
import blackboard.db.BbDatabase;
import blackboard.db.ConnectionManager;
import blackboard.platform.LicenseUtil;
import blackboard.platform.config.BbConfig;
import blackboard.platform.config.ConfigurationServiceFactory;
import blackboard.platform.contentsystem.service.ContentSystemService;
import blackboard.platform.context.Context;
import blackboard.platform.context.ContextManagerFactory;
import blackboard.platform.context.UnsetContextException;
import blackboard.platform.gradebook2.GradeHistoryEntry;
import blackboard.platform.log.LogServiceFactory;
import blackboard.platform.proxytool.impl.OAuthSecurityProfileArgs;
import blackboard.platform.session.BbSession;
import blackboard.platform.session.BbSessionManagerServiceEx;
import blackboard.platform.session.BbSessionManagerServiceExFactory;
import blackboard.platform.session.BbSessionManagerServiceFactory;
import blackboard.platform.session.BbSessionType;
import blackboard.platform.session.CookieUtil;
import blackboard.platform.session.impl.BbSessionImpl;
import blackboard.platform.session.impl.NullSession;
import blackboard.platform.session.impl.SessionDAO;
import blackboard.util.RequestUtil;
import blackboard.util.StringUtil;
import blackboard.util.UrlUtil;
import java.io.IOException;
import java.text.DateFormat;
import java.util.Date;
import java.util.HashMap;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:blackboard/platform/servlet/RequestSessionFilter.class */
public class RequestSessionFilter implements Filter {
    public static final String SESSION_COOKIE = "session_id";
    public static final String SECURED_SESSION_COOKIE = "s_session_id";
    public static final String FILE_SESSION_COOKIE = "session_id";
    public static final String COOKIE_HEADER = "cookie";
    private static final String REQUEST_NESTING_COUNT = "RequestSessionFilter.nestingCount";
    public static final String PRODUCT_HEADER = "X-Blackboard-product";
    public static final String SOFTWARE_TITLE_KEY = "software_title";
    public static final String HTML5_KEY = "blackboard.jsp.HTML5";
    public static final String SECURE_FILE_HOST_KEY = "bbcms_file_isolation_host";
    private static final String LOG_USER_PK1 = "user-pk1";
    private static final String LOG_THREAD_NAME = "thread-name";
    private static final String APP_MACHINE_NAME = "X-Blackboard-appserver";
    private CacheState _cacheSetting = CacheState.Unknown;
    public static final String RELEASE_NUMBER_KEY = SystemRegistryUtil.SystemInfoRegistryKey.release_number.name();
    private static String FILE_HOSTNAME = null;
    private static Date FILE_HOSTNAME_TIME = null;
    private static String PRODUCT_STRING = null;
    private static String MACHINE_NAME = null;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:blackboard/platform/servlet/RequestSessionFilter$CacheState.class */
    public enum CacheState {
        Off,
        Explicit,
        Implicit,
        Unknown;

        public static CacheState getCacheState(String str) {
            if ("off".equalsIgnoreCase(str)) {
                return Off;
            }
            if ("explicit".equalsIgnoreCase(str)) {
                return Explicit;
            }
            if ("ssl".equalsIgnoreCase(str)) {
                return Unknown;
            }
            if ("always".equalsIgnoreCase(str)) {
                return Implicit;
            }
            LogServiceFactory.getInstance().logDebug("Invalid value [" + str + "] provided for cache setting.");
            return Unknown;
        }
    }

    private void setHTML5Flag(ServletRequest servletRequest) {
        if (SystemRegistryUtil.getBoolean(HTML5_KEY, false)) {
            servletRequest.setAttribute(HTML5_KEY, true);
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpSession session;
        if (!(servletResponse instanceof HttpServletResponse) || !(servletRequest instanceof HttpServletRequest)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        try {
            incrementRequestNestingCount(httpServletRequest);
            if (httpServletRequest.isRequestedSessionIdFromURL() && (session = httpServletRequest.getSession()) != null) {
                session.invalidate();
            }
            RequestSessionFilterRequest requestSessionFilterRequest = new RequestSessionFilterRequest(httpServletRequest);
            RequestSessionFilterResponse requestSessionFilterResponse = new RequestSessionFilterResponse(httpServletResponse);
            boolean z = false;
            if (RequestContextUtil.get().contextInitNeeded(requestSessionFilterRequest.getRequestURI())) {
                z = initRequestContext(requestSessionFilterRequest, requestSessionFilterResponse);
            }
            String threadName = setThreadName();
            String serverName = httpServletRequest.getServerName();
            boolean isFileServerRequest = isFileServerRequest(httpServletRequest);
            boolean isContentRequest = isContentRequest(httpServletRequest);
            if (httpServletRequest.getRequestURI().equalsIgnoreCase("/webapps/blackboard/execute/security/isolation/editIsolation") && RequestUtil.getStringParameter(httpServletRequest, "cmd", "").equalsIgnoreCase("verify") && StringUtil.notEmpty(RequestUtil.getStringParameter(httpServletRequest, "host", ""))) {
                String string = SystemRegistryUtil.getString("isolation_verification_key", "");
                String stringParameter = RequestUtil.getStringParameter(httpServletRequest, GradeHistoryEntry.EVENT_KEY_SUBMIT);
                if (!"true".equalsIgnoreCase(stringParameter)) {
                    stringParameter = "false";
                }
                HashMap hashMap = new HashMap();
                hashMap.put("hash_id", string);
                hashMap.put(GradeHistoryEntry.EVENT_KEY_SUBMIT, stringParameter);
                RequestUtil.writeJSONPResponse(hashMap, httpServletResponse, "editIsolation.jsonpCallback");
                revertThreadName(threadName);
                if (decrementRequestNestingCount(httpServletRequest) == 0) {
                    try {
                        cleanupRequest(httpServletRequest);
                        return;
                    } catch (Exception e) {
                        LogServiceFactory.getInstance().logError("Exception while cleaning up request", e);
                        return;
                    }
                }
                return;
            }
            if (StringUtil.notEmpty(FILE_HOSTNAME)) {
                if (!isFileServerRequest && isContentRequest) {
                    doFileServerRedirect(httpServletRequest, httpServletResponse, serverName, FILE_HOSTNAME);
                    revertThreadName(threadName);
                    if (decrementRequestNestingCount(httpServletRequest) == 0) {
                        try {
                            cleanupRequest(httpServletRequest);
                            return;
                        } catch (Exception e2) {
                            LogServiceFactory.getInstance().logError("Exception while cleaning up request", e2);
                            return;
                        }
                    }
                    return;
                }
                if (isFileServerRequest && !isContentRequest) {
                    httpServletResponse.sendError(403);
                    revertThreadName(threadName);
                    if (decrementRequestNestingCount(httpServletRequest) == 0) {
                        try {
                            cleanupRequest(httpServletRequest);
                            return;
                        } catch (Exception e3) {
                            LogServiceFactory.getInstance().logError("Exception while cleaning up request", e3);
                            return;
                        }
                    }
                    return;
                }
            }
            setHTML5Flag(requestSessionFilterRequest);
            filterChain.doFilter(requestSessionFilterRequest, requestSessionFilterResponse);
            int status = requestSessionFilterResponse.getStatus();
            switch (getCacheStateForRequest(requestSessionFilterRequest, z)) {
                case Off:
                    RequestUtil.setNoCache(requestSessionFilterResponse);
                    break;
                case Explicit:
                    if (200 == status) {
                        RequestUtil.setCache(requestSessionFilterResponse);
                        break;
                    }
                    break;
            }
            revertThreadName(threadName);
            if (decrementRequestNestingCount(httpServletRequest) == 0) {
                try {
                    cleanupRequest(httpServletRequest);
                } catch (Exception e4) {
                    LogServiceFactory.getInstance().logError("Exception while cleaning up request", e4);
                }
            }
        } catch (Throwable th) {
            revertThreadName(null);
            if (decrementRequestNestingCount(httpServletRequest) == 0) {
                try {
                    cleanupRequest(httpServletRequest);
                } catch (Exception e5) {
                    LogServiceFactory.getInstance().logError("Exception while cleaning up request", e5);
                }
            }
            throw th;
        }
    }

    private void doFileServerRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) throws IOException {
        String str3;
        BbSessionManagerServiceEx bbSessionManagerServiceExFactory = BbSessionManagerServiceExFactory.getInstance();
        BbSession session = bbSessionManagerServiceExFactory.getSession(httpServletRequest);
        if (session == null || !(session instanceof BbSessionImpl)) {
            str3 = "";
        } else {
            BbSessionImpl bbSessionImpl = (BbSessionImpl) session;
            Date date = new Date();
            String generateSessionHash = bbSessionManagerServiceExFactory.generateSessionHash(session);
            bbSessionManagerServiceExFactory.storeKey(generateSessionHash, DateFormat.getInstance().format(date), bbSessionImpl);
            str3 = "one_hash=" + generateSessionHash + "&f_hash=" + bbSessionImpl.getBbFileOneTimeSessionIdMd5();
        }
        String replaceFirst = httpServletRequest.getRequestURL().toString().replaceFirst(str, str2);
        if (StringUtil.notEmpty(str3)) {
            replaceFirst = UrlUtil.appendQueryParamStringToUrl(replaceFirst, str3);
        }
        httpServletResponse.sendRedirect(replaceFirst);
    }

    private long incrementRequestNestingCount(HttpServletRequest httpServletRequest) {
        Long l = (Long) httpServletRequest.getAttribute(REQUEST_NESTING_COUNT);
        Long valueOf = Long.valueOf(l == null ? 1L : l.longValue() + 1);
        httpServletRequest.setAttribute(REQUEST_NESTING_COUNT, valueOf);
        return valueOf.longValue();
    }

    private long decrementRequestNestingCount(HttpServletRequest httpServletRequest) {
        Long l = (Long) httpServletRequest.getAttribute(REQUEST_NESTING_COUNT);
        Long valueOf = Long.valueOf(l == null ? 0L : l.longValue() - 1);
        httpServletRequest.setAttribute(REQUEST_NESTING_COUNT, valueOf);
        return valueOf.longValue();
    }

    private void cleanupRequest(HttpServletRequest httpServletRequest) {
        try {
            for (BbDatabase bbDatabase : BbDatabase.getAllInstances()) {
                ConnectionManager connectionManager = bbDatabase.getConnectionManager();
                if (connectionManager.cleanPinnedConnections()) {
                    LogServiceFactory.getInstance().logWarning("Request left a pinned connection active: " + getRequestUrl(httpServletRequest));
                }
                if (connectionManager.cleanUnreleasedConnections()) {
                    LogServiceFactory.getInstance().logWarning("Request left a connection open: " + getRequestUrl(httpServletRequest));
                }
            }
            ContextManagerFactory.getInstance().purgeContext();
        } catch (Throwable th) {
            ContextManagerFactory.getInstance().purgeContext();
            throw th;
        }
    }

    private String getRequestUrl(HttpServletRequest httpServletRequest) {
        String requestURI = httpServletRequest.getRequestURI();
        return null != httpServletRequest.getQueryString() ? requestURI + "?" + httpServletRequest.getQueryString() : requestURI;
    }

    private void updateRequestForLogging(HttpServletRequest httpServletRequest) {
        httpServletRequest.setAttribute(LOG_USER_PK1, ContextManagerFactory.getInstance().getContext().getUserId().toExternalString());
        httpServletRequest.setAttribute(LOG_THREAD_NAME, Thread.currentThread().getName());
    }

    private boolean initRequestContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            if (null == httpServletRequest.getCharacterEncoding()) {
                httpServletRequest.setCharacterEncoding("UTF-8");
            }
            Context context = ContextManagerFactory.getInstance().setContext(httpServletRequest);
            httpServletRequest.setAttribute(Context.PARAM_NAME, context);
            context.setAttribute("http.response", httpServletResponse);
            setCustomHeader(httpServletResponse);
            updateRequestForLogging(httpServletRequest);
            if (!(!(BbSessionManagerServiceFactory.getInstance().getSession(httpServletRequest) instanceof NullSession)) || !shouldSendSessionCookie(httpServletRequest)) {
                return false;
            }
            SessionCookieUtil.addSessionCookie(httpServletRequest, httpServletResponse);
            return true;
        } catch (Exception e) {
            LogServiceFactory.getInstance().logDebug("RequestSessionFilter.initRequestContext()", e);
            return false;
        }
    }

    private boolean shouldSendSessionCookie(HttpServletRequest httpServletRequest) {
        return (RequestContextUtil.get().isCacheable(httpServletRequest.getRequestURI()) || isContentSystemUrl(httpServletRequest) || isCourseArchiveUrl(httpServletRequest)) ? false : true;
    }

    private CacheState getCacheStateForRequest(HttpServletRequest httpServletRequest, boolean z) {
        CacheState cacheState;
        CacheState cacheState2 = this._cacheSetting;
        if (RequestContextUtil.get().isCacheable(httpServletRequest.getRequestURI())) {
            cacheState = CacheState.Explicit;
            if (isContentSystemUrl(httpServletRequest)) {
                cacheState = CacheState.Off;
            } else if (isCourseArchiveUrl(httpServletRequest)) {
                cacheState = CacheState.Off;
            } else if (isPrivateCourseContentUrl(httpServletRequest)) {
                cacheState = CacheState.Off;
            } else if (z) {
                cacheState = CacheState.Off;
            }
        } else {
            cacheState = CacheState.Off;
        }
        if (httpServletRequest.isSecure() && CacheState.Off == cacheState && (!z || OAuthSecurityProfileArgs.METHOD_POST.equalsIgnoreCase(httpServletRequest.getMethod()))) {
            cacheState = CacheState.Implicit;
        }
        return cacheState;
    }

    private boolean isContentSystemUrl(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getContextPath().startsWith(ContentSystemService.WEBDAV_SERVLET_PATH);
    }

    private boolean isCourseArchiveUrl(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getContextPath().startsWith("/courses") && httpServletRequest.getRequestURI().contains("/archive");
    }

    private boolean isPrivateCourseContentUrl(HttpServletRequest httpServletRequest) {
        return UrlUtil.unformatEmbeddedSessionUrl(httpServletRequest.getRequestURI()).startsWith("/courses/") && !httpServletRequest.getRequestURI().contains("/ppg/");
    }

    private void setCustomHeader(HttpServletResponse httpServletResponse) {
        if (MACHINE_NAME == null) {
            try {
                MACHINE_NAME = ConfigurationServiceFactory.getInstance().getBbProperty(BbConfig.APPSERVER_FULLHOSTNAME, null);
            } catch (Exception e) {
                LogServiceFactory.getInstance().logError("Failed to load machine name from configuration", e);
                MACHINE_NAME = "-error-";
            }
        }
        httpServletResponse.setHeader(APP_MACHINE_NAME, MACHINE_NAME);
        if (PRODUCT_STRING == null) {
            StringBuilder sb = new StringBuilder();
            try {
                String rawString = SystemRegistryUtil.getRawString(SOFTWARE_TITLE_KEY, null);
                if (null != rawString) {
                    sb.append(rawString);
                }
            } catch (Exception e2) {
                LogServiceFactory.getInstance().logDebug("Couldn't get software_title from SystemRegistry!", e2);
            }
            try {
                sb.append(" " + LicenseUtil.getBuildNumber());
            } catch (Exception e3) {
                LogServiceFactory.getInstance().logDebug("Couldn't get release_number from SystemRegistry!", e3);
            }
            if (sb.length() == 0) {
                return;
            } else {
                PRODUCT_STRING = sb.toString();
            }
        }
        httpServletResponse.setHeader("P3P", "CP=\"CAO PSA OUR\"");
        httpServletResponse.setHeader(PRODUCT_HEADER, PRODUCT_STRING);
    }

    private String setThreadName() {
        try {
            Thread currentThread = Thread.currentThread();
            String name = currentThread.getName();
            StringBuilder sb = new StringBuilder(name);
            Context context = ContextManagerFactory.getInstance().getContext();
            sb.append(": userId=").append(context.getUserId().toExternalString());
            BbSession session = context.getSession();
            if (null != session) {
                sb.append(", sessionId=").append(session.getBbSessionIdMd5());
            }
            currentThread.setName(sb.toString());
            return name;
        } catch (UnsetContextException e) {
            return null;
        }
    }

    private void revertThreadName(String str) {
        if (null != str) {
            Thread.currentThread().setName(str);
        }
    }

    public void init(FilterConfig filterConfig) {
        this._cacheSetting = CacheState.getCacheState(ConfigurationServiceFactory.getInstance().getBbProperty(BbConfig.CACHE_HANDLER_SETTING, "INSECURE"));
        loadFileServerHostName();
    }

    public void destroy() {
    }

    public static boolean isContentRequest(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURI().startsWith("/bbcswebdav/");
    }

    public static boolean isFileServerRequest(HttpServletRequest httpServletRequest) {
        String serverName = httpServletRequest.getServerName();
        loadFileServerHostName();
        if (FILE_HOSTNAME == null || FILE_HOSTNAME.isEmpty()) {
            return false;
        }
        return StringUtil.isEqualIgnoreCase(FILE_HOSTNAME, serverName);
    }

    /* JADX WARN: Code restructure failed: missing block: B:38:0x0031, code lost:
    
        if (r7.equalsIgnoreCase(blackboard.platform.servlet.RequestSessionFilter.FILE_HOSTNAME) != false) goto L33;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static void loadFileServerHostName() {
        /*
            java.util.Date r0 = new java.util.Date
            r1 = r0
            r1.<init>()
            r6 = r0
            java.lang.String r0 = blackboard.platform.servlet.RequestSessionFilter.FILE_HOSTNAME
            r7 = r0
            r0 = r7
            if (r0 == 0) goto L20
            java.util.Date r0 = blackboard.platform.servlet.RequestSessionFilter.FILE_HOSTNAME_TIME
            if (r0 == 0) goto L8f
            r0 = r6
            java.util.Date r1 = blackboard.platform.servlet.RequestSessionFilter.FILE_HOSTNAME_TIME
            boolean r0 = r0.after(r1)
            if (r0 == 0) goto L8f
        L20:
            java.lang.Class<blackboard.platform.servlet.RequestSessionFilter> r0 = blackboard.platform.servlet.RequestSessionFilter.class
            r1 = r0
            r8 = r1
            monitor-enter(r0)
            r0 = r7
            if (r0 == 0) goto L34
            r0 = r7
            java.lang.String r1 = blackboard.platform.servlet.RequestSessionFilter.FILE_HOSTNAME     // Catch: java.lang.Throwable -> L88
            boolean r0 = r0.equalsIgnoreCase(r1)     // Catch: java.lang.Throwable -> L88
            if (r0 == 0) goto L83
        L34:
            java.lang.String r0 = "bbcms_file_isolation_host"
            java.lang.String r1 = ""
            java.lang.String r0 = blackboard.data.registry.SystemRegistryUtil.getString(r0, r1)     // Catch: java.lang.Exception -> L3f java.lang.Throwable -> L88
            r7 = r0
            goto L5b
        L3f:
            r9 = move-exception
            java.lang.String r0 = "Exception occurred while getting %s"
            r1 = 1
            java.lang.Object[] r1 = new java.lang.Object[r1]     // Catch: java.lang.Throwable -> L88
            r2 = r1
            r3 = 0
            java.lang.String r4 = "bbcms_file_isolation_host"
            r2[r3] = r4     // Catch: java.lang.Throwable -> L88
            java.lang.String r0 = java.lang.String.format(r0, r1)     // Catch: java.lang.Throwable -> L88
            r10 = r0
            blackboard.platform.log.LogService r0 = blackboard.platform.log.LogServiceFactory.getInstance()     // Catch: java.lang.Throwable -> L88
            r1 = r10
            r2 = r9
            r0.logError(r1, r2)     // Catch: java.lang.Throwable -> L88
        L5b:
            java.lang.String r0 = blackboard.platform.servlet.RequestSessionFilter.FILE_HOSTNAME     // Catch: java.lang.Throwable -> L88
            if (r0 == 0) goto L6f
            r0 = r7
            if (r0 == 0) goto L83
            r0 = r7
            java.lang.String r1 = blackboard.platform.servlet.RequestSessionFilter.FILE_HOSTNAME     // Catch: java.lang.Throwable -> L88
            boolean r0 = r0.equalsIgnoreCase(r1)     // Catch: java.lang.Throwable -> L88
            if (r0 != 0) goto L83
        L6f:
            r0 = r6
            r1 = r6
            long r1 = r1.getTime()     // Catch: java.lang.Throwable -> L88
            r2 = 30000(0x7530, double:1.4822E-319)
            long r1 = r1 + r2
            r0.setTime(r1)     // Catch: java.lang.Throwable -> L88
            r0 = r7
            blackboard.platform.servlet.RequestSessionFilter.FILE_HOSTNAME = r0     // Catch: java.lang.Throwable -> L88
            r0 = r6
            blackboard.platform.servlet.RequestSessionFilter.FILE_HOSTNAME_TIME = r0     // Catch: java.lang.Throwable -> L88
        L83:
            r0 = r8
            monitor-exit(r0)     // Catch: java.lang.Throwable -> L88
            goto L8f
        L88:
            r11 = move-exception
            r0 = r8
            monitor-exit(r0)     // Catch: java.lang.Throwable -> L88
            r0 = r11
            throw r0
        L8f:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: blackboard.platform.servlet.RequestSessionFilter.loadFileServerHostName():void");
    }

    public static String getSessionHash(HttpServletRequest httpServletRequest, boolean z) {
        Cookie sessionCookie = getSessionCookie(httpServletRequest, z);
        if (null != sessionCookie) {
            return isFileServerRequest(httpServletRequest) ? SessionDAO.Factory.getInstance().loadSession(sessionCookie.getValue(), BbSessionType.FileServer).getBbSessionIdMd5() : sessionCookie.getValue();
        }
        return null;
    }

    public static Cookie getSessionCookie(HttpServletRequest httpServletRequest, boolean z) {
        for (Cookie cookie : CookieUtil.getCookies(httpServletRequest, z ? SECURED_SESSION_COOKIE : "session_id", false)) {
            String value = cookie.getValue();
            if (null != value && value.length() > 2) {
                return cookie;
            }
        }
        if (!isFileServerRequest(httpServletRequest)) {
            return null;
        }
        for (Cookie cookie2 : CookieUtil.getCookies(httpServletRequest, "session_id", false)) {
            String value2 = cookie2.getValue();
            if (null != value2 && value2.length() > 2) {
                return cookie2;
            }
        }
        return null;
    }
}
