package crmdna.api.servlet;

import com.google.api.client.auth.oauth2.AuthorizationCodeFlow;
import com.google.api.client.auth.oauth2.Credential;
import crmdna.common.api.APIResponse;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:crmdna/api/servlet/AuthFilter.class */
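/**
 * Servlet filter that sets CORS response headers and enforces a session login on
 * every route that is not explicitly listed as public.
 *
 * <p>Security-relevant behaviour of this filter:
 * <ul>
 *   <li>{@code Access-Control-Allow-Credentials: true} is sent only to origins in
 *       {@link #ALLOWED_ORIGINS}. Other origins may still be echoed back on public
 *       routes, but without the credentials flag, so a browser will not expose
 *       cookie-authenticated responses to them.</li>
 *   <li>Protected routes fail closed: a missing session, a missing {@code login} or
 *       {@code loginType} attribute, or an unusable Google credential all end the
 *       request before the filter chain is invoked.</li>
 * </ul>
 */
public final class AuthFilter implements Filter {
    private static final Logger LOGGER = Logger.getLogger(AuthFilter.class.getName());

    /**
     * Origins that may make credentialed cross-origin requests. Matching is exact
     * (scheme, host and port), never by prefix or suffix.
     *
     * NOTE(review): several entries are plain http://. A network attacker who can tamper
     * with one of those pages can issue credentialed requests from a trusted origin;
     * prefer https-only entries and keep localhost entries out of production builds.
     */
    private static final Set<String> ALLOWED_ORIGINS = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(
            "https://ishacrmdev.appspot.com",
            "https://ishacrmdev-t.appspot.com",
            "https://ishacrm-sit.appspot.com",
            "https://ishacrm.appspot.com",
            "http://localhost:54031",
            "http://localhost:56022",
            "http://www.bhairaviyoga.sg",
            "http://bhairaviyoga.sg",
            "http://admin.bhairaviyoga.sg",
            "http://test.bhairaviyoga.sg",
            "http://members.bhairaviyoga.sg",
            "http://admin.bhairavinaturals.sg",
            "http://test.bhairavinaturals.sg",
            "http://register.ishayoga.sg",
            "http://crm.ishayoga.sg")));

    private FilterConfig filterConfig = null;
    private AuthorizationCodeFlow googleAuthflow;

    /**
     * Stores the filter configuration and creates the Google authorization flow.
     *
     * <p>A failure to create the flow is logged instead of being swallowed. The filter
     * still initialises; {@link #doFilter} rejects Google-backed sessions while the
     * flow is unavailable.
     *
     * @param filterConfig configuration supplied by the servlet container
     * @throws ServletException declared by the {@link Filter} contract
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        LOGGER.setLevel(Level.INFO);
        LOGGER.info("Initializing Authorization Filter");
        this.filterConfig = filterConfig;
        try {
            this.googleAuthflow = ServletUtils.newFlow();
        } catch (IOException e) {
            // Previously ignored, which surfaced later as a NullPointerException
            // in doFilter for every Google login.
            LOGGER.log(Level.SEVERE, "Could not create Google authorization flow", e);
        }
    }

    /** Drops the filter configuration; {@link #doFilter} then stops processing requests. */
    @Override
    public void destroy() {
        this.filterConfig = null;
    }

    /**
     * Applies CORS headers, lets public routes through, and requires a valid session
     * login (plus a live Google credential for Google logins) on everything else.
     *
     * @param servletRequest incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain remainder of the chain, invoked only when access is allowed
     * @throws IOException if writing the response or loading the credential fails
     * @throws ServletException if a downstream filter or servlet fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (this.filterConfig == null) {
            // Not initialised or already destroyed: the request is not passed on.
            return;
        }
        LOGGER.info("Invoking Authorization Filter");
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        String origin = request.getHeader("Origin");
        boolean trustedOrigin = origin != null && ALLOWED_ORIGINS.contains(origin);

        response.setHeader("Access-Control-Allow-Methods", "GET,POST");
        response.setHeader("Access-Control-Allow-Headers", "Content-Type");
        response.setHeader("Access-Control-Max-Age", "86400");
        // The CORS headers depend on the request's Origin, so shared caches must key on it.
        response.addHeader("Vary", "Origin");
        if (trustedOrigin) {
            // Echoing an arbitrary Origin together with Allow-Credentials lets any site
            // read cookie-authenticated responses; the flag is limited to the allow-list.
            response.setHeader("Access-Control-Allow-Credentials", "true");
        }

        if (!requiresAuthentication(request)) {
            // Public route: any origin may read it, but only without credentials unless
            // the origin is allow-listed. A credentialed caller must be added to
            // ALLOWED_ORIGINS.
            if (origin != null) {
                response.setHeader("Access-Control-Allow-Origin", origin);
            }
            filterChain.doFilter(request, response);
            return;
        }

        if (trustedOrigin) {
            response.setHeader("Access-Control-Allow-Origin", origin);
        }

        // getSession(false): do not allocate a server-side session for anonymous callers.
        HttpSession session = request.getSession(false);
        Object login = session == null ? null : session.getAttribute("login");
        if (login == null) {
            rejectLoginRequired(response, "login missing in session");
            return;
        }
        String loginName = login.toString();

        Object loginType = session.getAttribute("loginType");
        if (loginType == null) {
            // Fail closed rather than dereferencing a missing attribute.
            rejectLoginRequired(response, "loginType missing in session");
            return;
        }

        if (loginType.toString().equalsIgnoreCase("google")) {
            if (this.googleAuthflow == null) {
                // init() could not create the flow, so the credential cannot be verified.
                LOGGER.severe("Google authorization flow unavailable; rejecting request");
                response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
                return;
            }
            Credential credential = this.googleAuthflow.loadCredential(session.getId());
            if (credential == null || credential.getAccessToken() == null) {
                rejectLoginRequired(response, "google auth expired for " + sanitizeForLog(loginName));
                return;
            }
            request.setAttribute("accessToken", credential.getAccessToken());
        }
        filterChain.doFilter(request, response);
    }

    /**
     * Decides whether a request must carry a logged-in session.
     *
     * <p>A route is public when its URI starts with one of the listed prefixes and its
     * {@code action} parameter is either absent or one of that prefix's public actions.
     * Everything else requires authentication, except URIs starting with
     * {@code /sendScheduledEmail}, which are public regardless of {@code action}.
     *
     * NOTE(review): matching is by URI prefix, so "/login" also covers any longer path
     * that begins with it, and an absent action is public on every listed prefix.
     * Confirm that each target servlet rejects or safely handles a missing action.
     *
     * @param request the incoming request
     * @return {@code true} if the request must be authenticated, {@code false} if public
     */
    private boolean requiresAuthentication(HttpServletRequest request) {
        String requestURI = request.getRequestURI();
        String action = request.getParameter("action");
        // The action parameter is caller-controlled; strip line breaks before logging.
        LOGGER.info(sanitizeForLog(requestURI) + " -> " + sanitizeForLog(action));

        if (requestURI.startsWith("/login")) {
            return !isPublicAction(action, false, "google-login", "login", "admin-login", "register");
        }
        if (requestURI.startsWith("/account")) {
            return !isPublicAction(action, false, "register", "verify", "checkVerification");
        }
        if (requestURI.startsWith("/register")) {
            return !isPublicAction(action, false, "registerForProgram", "applyDiscount", "volunteerRegistration");
        }
        if (requestURI.startsWith("/program")) {
            return !isPublicAction(action, false, "query", "get");
        }
        if (requestURI.startsWith("/sessionPass")) {
            return !isPublicAction(action, false, "purchaseSubscriptionNoAuth");
        }
        if (requestURI.startsWith("/member")) {
            return !isPublicAction(action, false, "sendReportAsEmail");
        }
        if (requestURI.startsWith("/mailContent")) {
            return !isPublicAction(action, true, "viewContent");
        }
        if (requestURI.startsWith("/ieo")) {
            return !isPublicAction(action, true, "syncApacProfiles", "log");
        }
        return !requestURI.startsWith("/sendScheduledEmail");
    }

    /**
     * Reports whether {@code action} is absent or one of the given public actions.
     *
     * @param action value of the {@code action} request parameter, possibly {@code null}
     * @param ignoreCase whether the comparison ignores case
     * @param publicActions actions that do not require a login
     * @return {@code true} if the action is {@code null} or matches a public action
     */
    private static boolean isPublicAction(String action, boolean ignoreCase, String... publicActions) {
        if (action == null) {
            return true;
        }
        for (String candidate : publicActions) {
            if (ignoreCase ? action.equalsIgnoreCase(candidate) : action.equals(candidate)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Writes the 401 "login required" JSON response and logs the reason.
     *
     * @param response response to write to
     * @param logMessage reason recorded in the server log
     */
    private static void rejectLoginRequired(HttpServletResponse response, String logMessage) throws IOException, ServletException {
        response.setStatus(401);
        ServletUtils.setJson(response, new APIResponse().status(APIResponse.Status.ERROR_LOGIN_REQUIRED));
        LOGGER.info(logMessage);
    }

    /** Replaces CR and LF so a request value cannot forge additional log lines. */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }
}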
