package org.esbtools.auth.servlet;

import java.io.IOException;
import java.security.cert.X509Certificate;
import javax.naming.NamingException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.esbtools.auth.util.Environment;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/esbtools/auth/servlet/CertEnvironmentVerificationFilter.class */
public class CertEnvironmentVerificationFilter implements Filter {
    private static final Logger LOGGER = LoggerFactory.getLogger(CertEnvironmentVerificationFilter.class);
    private final Environment env;

    public CertEnvironmentVerificationFilter(String str) {
        this.env = new Environment(str);
        LOGGER.info("Cert Environment: " + (str == null ? "Not Set" : str));
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        LOGGER.debug("Attempting Environment Cert verification");
        X509Certificate[] x509CertificateArr = (X509Certificate[]) servletRequest.getAttribute("javax.servlet.request.X509Certificate");
        if (null == x509CertificateArr || x509CertificateArr.length <= 0) {
            LOGGER.debug("Cert not found. Skipping Environment Cert verification.");
        } else {
            LOGGER.debug("Verifying environment on cert");
            try {
                this.env.validate(x509CertificateArr[0].getSubjectDN().getName());
            } catch (NamingException e) {
                unsuccessfulAuthentication(servletRequest, servletResponse, e);
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    protected void unsuccessfulAuthentication(ServletRequest servletRequest, ServletResponse servletResponse, NamingException namingException) throws IOException, ServletException {
        if (servletResponse instanceof HttpServletResponse) {
            ((HttpServletResponse) servletResponse).setStatus(401);
        }
        servletResponse.setContentType("text/html");
        servletResponse.getWriter().write("<html><head><title>Error</title></head><body>" + namingException.getMessage() + "</body></html>");
    }
}
