package org.gcube.portal.threadlocalexec;

import com.liferay.portal.model.User;
import com.liferay.portal.service.UserLocalServiceUtil;
import java.io.IOException;
import java.util.ArrayList;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.valves.ValveBase;
import org.gcube.common.authorization.client.Constants;
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.library.provider.UmaJWTProvider;
import org.gcube.common.authorization.library.provider.UserInfo;
import org.gcube.common.portal.PortalContext;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.portal.oidc.lr62.OIDCUmaUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/gcube/portal/threadlocalexec/SmartGearsPortalValve.class */
public class SmartGearsPortalValve extends ValveBase {
    private static final Logger _log = LoggerFactory.getLogger(SmartGearsPortalValve.class);
    private static final String DEFAULT_ROLE = "OrganizationMember";
    private static final String LIFERAY_POLLER_CONTEXT = "poller/receive";

    public void invoke(Request request, Response response) throws IOException, ServletException {
        SecurityTokenProvider.instance.reset();
        ScopeProvider.instance.reset();
        AuthorizationProvider.instance.reset();
        UmaJWTProvider.instance.reset();
        if ((request instanceof HttpServletRequest) && !request.getRequestURL().toString().endsWith(LIFERAY_POLLER_CONTEXT)) {
            String currentScope = PortalContext.getConfiguration().getCurrentScope(request);
            String currentUsername = getCurrentUsername(request);
            if (currentScope != null && currentUsername != null && validateContext(currentScope)) {
                try {
                    ScopeProvider.instance.set(currentScope);
                    SecurityTokenProvider.instance.set(Constants.authorizationService().resolveTokenByUserAndContext(currentUsername, currentScope));
                } catch (ObjectNotFound e) {
                    SecurityTokenProvider.instance.set(generateAuthorizationToken(currentUsername, currentScope));
                    _log.debug("generateAuthorizationToken OK for " + currentUsername + " in scope " + currentScope);
                } catch (Exception e2) {
                    _log.error("Something went wrong in generating token for " + currentUsername + " in scope " + currentScope);
                    e2.printStackTrace();
                }
                _log.debug("Getting current user");
                User currentUser = getCurrentUser(request);
                _log.debug("Getting current session");
                HttpSession session = request.getSession(false);
                if (session != null) {
                    OIDCUmaUtil.checkUMATicketAndProvideInThreadLocal(request, response, currentUser, session, currentScope);
                } else {
                    _log.debug("Session is null, cannot continue with OIDC/UMA checks");
                }
            }
        }
        getNext().invoke(request, response);
    }

    private static boolean validateContext(String str) {
        if (!str.matches("\\S+")) {
            return false;
        }
        String[] split = str.split("/");
        return split.length >= 2 && split.length <= 4;
    }

    private static String generateAuthorizationToken(String str, String str2) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(DEFAULT_ROLE);
        try {
            return Constants.authorizationService().generateUserToken(new UserInfo(str, arrayList), str2);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static String getCurrentUsername(HttpServletRequest httpServletRequest) {
        User currentUser = getCurrentUser(httpServletRequest);
        if (currentUser != null) {
            return currentUser.getScreenName();
        }
        return null;
    }

    public static User getCurrentUser(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("gcube-userId");
        if (header == null || header.compareTo("undefined") == 0) {
            return null;
        }
        try {
            return UserLocalServiceUtil.getUser(Long.parseLong(header));
        } catch (NumberFormatException e) {
            _log.error("The userId is not a number -> " + header);
            return null;
        } catch (Exception e2) {
            _log.error("The userId does not belong to any user -> " + header);
            return null;
        }
    }
}
