package org.eclnt.jsfserver.util;

import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
import org.eclnt.jsfserver.util.security.StringHider;
import org.eclnt.util.log.CLog;
import org.eclnt.util.valuemgmt.ValueManager;

/* loaded from: input_file:org/eclnt/jsfserver/util/SecurityFilterRemoteAddress.class */
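/**
 * Servlet filter that binds an HTTP session to the client that first used it.
 *
 * <p>For each request that carries an existing session, a fingerprint string
 * {@code remoteAddr + "/" + firstXForwardedForEntry + "/" + userAgent} is built.
 * The first fingerprint seen is stored in the session (trust on first use);
 * every later request must produce an equal fingerprint or it is aborted with
 * an {@link Error}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@code X-Forwarded-For} and {@code User-Agent} are request headers and
 *       therefore client-controlled unless a trusted reverse proxy overwrites
 *       them. Only {@code getRemoteAddr()} reflects the actual TCP peer. Treat
 *       this filter as a supplementary session-hijacking hurdle, not as
 *       authentication.</li>
 *   <li>The check only runs when
 *       {@code HttpSessionAccess.checkIfCurrentClientTypeIsRisc} returns true;
 *       other requests pass through unchecked.</li>
 *   <li>The values written to the log on a mismatch come from the request and
 *       should be treated as untrusted by log consumers.</li>
 * </ul>
 */
public class SecurityFilterRemoteAddress extends CCFilterBase implements Filter, ICCServerConstants {
    /** Session attribute under which the fingerprint (wrapped in a {@code StringHider}) is kept. */
    static final String SESSIONATT_REMOTEADDRESS = "ccremoteaddress";
    // Not referenced inside this class; kept because it is package-visible and may be used elsewhere.
    static Object SYNCHER = new Object();

    /** No configuration is read; the filter has no init-time state. */
    @Override // org.eclnt.jsfserver.util.CCFilterBase
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Runs the session/client binding check and, if it passes, continues the chain.
     *
     * @throws IOException      propagated unchanged from the chain
     * @throws ServletException propagated unchanged from the chain
     * @throws Error            when the request fingerprint does not match the session's,
     *                          or when an unexpected checked throwable has to be wrapped
     */
    @Override // org.eclnt.jsfserver.util.CCFilterBase
    public void doFilterExecute(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        try {
            HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
            // getSession(false): never create a session here, only inspect an existing one.
            performCheckRemoteAddress(httpRequest.getSession(false), httpRequest);
            filterChain.doFilter(servletRequest, servletResponse);
        } catch (Error | RuntimeException | IOException | ServletException passThrough) {
            throw passThrough;
        } catch (Throwable unexpected) {
            // Any other checked throwable cannot be declared here, so it is wrapped.
            throw new Error(unexpected);
        }
    }

    /**
     * Compares the request fingerprint with the one stored in the session and
     * stores it when the session has none yet.
     *
     * @throws Error if the session already holds a fingerprint that does not match
     */
    private void performCheckRemoteAddress(HttpSession httpSession, HttpServletRequest httpServletRequest) {
        if (httpSession == null || !HttpSessionAccess.checkIfCurrentClientTypeIsRisc(httpServletRequest)) {
            return;
        }
        String fromRequest = readRemoteAddressFromRequest(httpServletRequest);
        String fromSession = readRemoteAddressFromSession(httpSession);
        if (fromSession == null) {
            // First checked request for this session: remember who the client is.
            writeRemoteAddressIntoSession(httpSession, fromRequest);
            return;
        }
        if (checkIfRemoteAdressesAreEqual(fromSession, fromRequest)) {
            return;
        }
        CLog.L.log(CLog.LL_ERR, "Client that sends the request is not the one that created the session. Aborting security check with error. " + httpServletRequest.getRequestURI());
        CLog.L.log(CLog.LL_ERR, "Session information: " + fromSession);
        CLog.L.log(CLog.LL_ERR, "Request information: " + fromRequest);
        throw new Error("Client that sends the request is not the one that created the session. Request is cancelled: " + httpServletRequest.getRequestURI());
    }

    /**
     * Builds the client fingerprint for a request.
     *
     * @return {@code remoteAddr/xff/userAgent}; absent headers appear as the text {@code null}
     */
    protected String readRemoteAddressFromRequest(HttpServletRequest httpServletRequest) {
        String peerAddress = httpServletRequest.getRemoteAddr();
        String forwardedFor = readRemoteAddressXFF(httpServletRequest);
        String userAgent = readUserAgent(httpServletRequest);
        return peerAddress + "/" + forwardedFor + "/" + userAgent;
    }

    /** Returns the raw User-Agent header value, or {@code null} when the header is absent. */
    private String readUserAgent(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getHeader(ICCServerConstants.HEADER_ATTRIBUTE_USERAGENT);
    }

    /**
     * Extracts the first entry of the {@code x-forwarded-for} header without its port.
     *
     * <p>The previous implementation cut the value at the first {@code ':'}, which
     * reduced an IPv6 address such as {@code 2001:db8::1} to {@code 2001} and made
     * many distinct IPv6 clients look identical. The port is now only removed from
     * {@code host:port} and {@code [ipv6]:port} forms.
     *
     * <p>The leftmost entry is supplied by the client unless a trusted proxy
     * replaces the header, so this value must not be relied on by itself.
     *
     * @return the address part of the first entry, or {@code null} when the header is absent
     */
    private String readRemoteAddressXFF(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("x-forwarded-for");
        if (header == null) {
            return null;
        }
        int commaIndex = header.indexOf(ValueManager.CHAR_COMMA);
        String firstEntry = commaIndex >= 0 ? header.substring(0, commaIndex) : header;
        return stripPort(firstEntry.trim());
    }

    /** Removes a trailing port from {@code host:port} or {@code [ipv6]:port}; bare IPv6 is left intact. */
    private static String stripPort(String hostAndPort) {
        if (hostAndPort.startsWith("[")) {
            int closingBracket = hostAndPort.indexOf(']');
            if (closingBracket > 0) {
                return hostAndPort.substring(1, closingBracket).trim();
            }
            return hostAndPort;
        }
        int firstColon = hostAndPort.indexOf(':');
        // Exactly one colon means host:port; more than one is an unbracketed IPv6 literal.
        if (firstColon >= 0 && firstColon == hostAndPort.lastIndexOf(':')) {
            return hostAndPort.substring(0, firstColon).trim();
        }
        return hostAndPort;
    }

    /** Returns the fingerprint stored in the session, or {@code null} when none is stored. */
    private String readRemoteAddressFromSession(HttpSession httpSession) {
        if (httpSession == null) {
            return null;
        }
        StringHider stored = (StringHider) httpSession.getAttribute(SESSIONATT_REMOTEADDRESS);
        return stored == null ? null : stored.getValue();
    }

    /** Stores the fingerprint in the session, wrapped in a {@code StringHider}. */
    private void writeRemoteAddressIntoSession(HttpSession httpSession, String str) {
        if (httpSession != null) {
            httpSession.setAttribute(SESSIONATT_REMOTEADDRESS, new StringHider(str));
        }
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
    }

    /**
     * Decides whether the session fingerprint and the request fingerprint denote the same client.
     *
     * <p>Besides plain equality, a session created via IPv4 loopback is accepted when
     * the request arrives via IPv6 loopback. That tolerance used to ignore the rest
     * of the fingerprint, so with a reverse proxy on the same host any forwarded
     * client and user agent would have matched; the part after the address must now
     * be equal as well. The opposite direction (session on IPv6 loopback, request on
     * IPv4 loopback) is still rejected, as before.
     *
     * @param str  fingerprint stored in the session
     * @param str2 fingerprint computed from the current request
     * @return {@code true} when the request may use the session
     */
    protected boolean checkIfRemoteAdressesAreEqual(String str, String str2) {
        if (ValueManager.checkIfStringsAreEqual(str, str2)) {
            return true;
        }
        if (str == null || str2 == null) {
            return false;
        }
        boolean loopbackV4ThenV6 = str.startsWith("127.0.0.1") && str2.startsWith("0:0:0:0:0:0:0:1");
        return loopbackV4ThenV6 && tailAfterAddress(str).equals(tailAfterAddress(str2));
    }

    /** Returns everything from the first {@code '/'} on, or an empty string when there is none. */
    private static String tailAfterAddress(String fingerprint) {
        int slash = fingerprint.indexOf('/');
        return slash >= 0 ? fingerprint.substring(slash) : "";
    }
}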
