package blackboard.platform.servlet;

import blackboard.data.registry.SystemRegistryUtil;
import blackboard.platform.gradebook2.GradeHistoryEntry;
import blackboard.platform.session.BbSession;
import blackboard.platform.session.BbSessionManagerServiceEx;
import blackboard.platform.session.BbSessionManagerServiceExFactory;
import blackboard.platform.session.impl.BbSessionImpl;
import blackboard.util.RequestUtil;
import blackboard.util.StringUtil;
import blackboard.util.UrlUtil;
import java.io.IOException;
import java.text.DateFormat;
import java.util.Date;
import java.util.HashMap;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:blackboard/platform/servlet/ContentIsolationFilter.class */
public class ContentIsolationFilter implements Filter {
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!(servletResponse instanceof HttpServletResponse) || !(servletRequest instanceof HttpServletRequest)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String serverName = httpServletRequest.getServerName();
        boolean isFileServerRequest = RequestContextUtil.get().isFileServerRequest(httpServletRequest);
        boolean isContentRequest = isContentRequest(httpServletRequest);
        if (httpServletRequest.getRequestURI().equalsIgnoreCase("/webapps/blackboard/execute/security/isolation/editIsolation") && RequestUtil.getStringParameter(httpServletRequest, "cmd", "").equalsIgnoreCase("verify") && StringUtil.notEmpty(RequestUtil.getStringParameter(httpServletRequest, "host", ""))) {
            String string = SystemRegistryUtil.getString("isolation_verification_key", "");
            String stringParameter = RequestUtil.getStringParameter(httpServletRequest, GradeHistoryEntry.EVENT_KEY_SUBMIT);
            if (!"true".equalsIgnoreCase(stringParameter)) {
                stringParameter = "false";
            }
            HashMap hashMap = new HashMap();
            hashMap.put("hash_id", string);
            hashMap.put(GradeHistoryEntry.EVENT_KEY_SUBMIT, stringParameter);
            RequestUtil.writeJSONPResponse(hashMap, httpServletResponse, "editIsolation.jsonpCallback");
            return;
        }
        String loadFileServerHostName = RequestContextUtil.get().loadFileServerHostName();
        if (StringUtil.notEmpty(loadFileServerHostName)) {
            if (!isFileServerRequest && isContentRequest) {
                doFileServerRedirect(httpServletRequest, httpServletResponse, serverName, loadFileServerHostName);
                return;
            } else if (isFileServerRequest && !isContentRequest) {
                httpServletResponse.sendError(403);
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void destroy() {
    }

    public static boolean isContentRequest(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURI().startsWith("/bbcswebdav/");
    }

    private void doFileServerRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) throws IOException {
        String str3;
        BbSessionManagerServiceEx bbSessionManagerServiceExFactory = BbSessionManagerServiceExFactory.getInstance();
        BbSession session = bbSessionManagerServiceExFactory.getSession(httpServletRequest);
        if (session == null || !(session instanceof BbSessionImpl)) {
            str3 = "";
        } else {
            BbSessionImpl bbSessionImpl = (BbSessionImpl) session;
            Date date = new Date();
            String generateSessionHash = bbSessionManagerServiceExFactory.generateSessionHash(session);
            bbSessionManagerServiceExFactory.storeKey(generateSessionHash, DateFormat.getInstance().format(date), bbSessionImpl);
            str3 = "one_hash=" + generateSessionHash + "&f_hash=" + bbSessionImpl.getBbFileOneTimeSessionIdMd5();
        }
        String replaceFirst = httpServletRequest.getRequestURL().toString().replaceFirst(str, str2);
        if (StringUtil.notEmpty(str3)) {
            replaceFirst = UrlUtil.appendQueryParamStringToUrl(replaceFirst, str3);
        }
        httpServletResponse.sendRedirect(replaceFirst);
    }
}
