package org.apache.ambari.server.security.authorization;

import java.security.Principal;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import org.apache.ambari.server.audit.AuditLogger;
import org.apache.ambari.server.configuration.Configuration;
import org.apache.ambari.server.security.AmbariEntryPoint;
import org.apache.ambari.server.view.ViewRegistry;
import org.apache.commons.lang.StringUtils;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.class */
public class AmbariAuthorizationFilter implements Filter {
    private static final String REALM_PARAM = "realm";
    private static final String DEFAULT_REALM = "AuthFilter";
    private static final String INTERNAL_TOKEN_HEADER = "X-Internal-Token";
    private static final Pattern STACK_ADVISOR_REGEX = Pattern.compile("/api/v[0-9]+/stacks/[^/]+/versions/[^/]+/(validations|recommendations).*");
    public static final String API_VERSION_PREFIX = "/api/v[0-9]+";
    public static final String VIEWS_CONTEXT_PATH_PREFIX = "/views/";
    private static final String VIEWS_CONTEXT_PATH_PATTERN = "/views/([^/]+)/([^/]+)/([^/]+)(.*)";
    private static final String VIEWS_CONTEXT_ALL_PATTERN = "/views/.*";
    private static final String API_USERS_ALL_PATTERN = "/api/v[0-9]+/users.*";
    private static final String API_PRIVILEGES_ALL_PATTERN = "/api/v[0-9]+/privileges.*";
    private static final String API_GROUPS_ALL_PATTERN = "/api/v[0-9]+/groups.*";
    private static final String API_CLUSTERS_PATTERN = "/api/v[0-9]+/clusters/(\\w+/?)?";
    private static final String API_WIDGET_LAYOUTS_PATTERN = "/api/v[0-9]+/clusters/.*?/widget_layouts.*?";
    private static final String API_WIDGET_PATTERN = "/api/v[0-9]+/clusters/.*?/widgets.*";
    private static final String API_CLUSTERS_ALL_PATTERN = "/api/v[0-9]+/clusters.*";
    private static final String API_VIEWS_ALL_PATTERN = "/api/v[0-9]+/views.*";
    private static final String API_PERSIST_ALL_PATTERN = "/api/v[0-9]+/persist.*";
    private static final String API_LDAP_SYNC_EVENTS_ALL_PATTERN = "/api/v[0-9]+/ldap_sync_events.*";
    private static final String API_CREDENTIALS_ALL_PATTERN = "/api/v[0-9]+/clusters/.*?/credentials.*";
    private static final String API_CREDENTIALS_AMBARI_PATTERN = "/api/v[0-9]+/clusters/.*?/credentials/ambari\\..*";
    private static final String API_CLUSTER_REQUESTS_ALL_PATTERN = "/api/v[0-9]+/clusters/.*?/requests.*";
    private static final String API_CLUSTER_SERVICES_ALL_PATTERN = "/api/v[0-9]+/clusters/.*?/services.*";
    private static final String API_CLUSTER_ALERT_ALL_PATTERN = "/api/v[0-9]+/clusters/.*?/alert.*";
    private static final String API_CLUSTER_HOSTS_ALL_PATTERN = "/api/v[0-9]+/clusters/.*?/hosts.*";
    private static final String API_CLUSTER_CONFIGURATIONS_ALL_PATTERN = "/api/v[0-9]+/clusters/.*?/configurations.*";
    private static final String API_CLUSTER_COMPONENTS_ALL_PATTERN = "/api/v[0-9]+/clusters/.*?/components.*";
    private static final String API_CLUSTER_HOST_COMPONENTS_ALL_PATTERN = "/api/v[0-9]+/clusters/.*?/host_components.*";
    private static final String API_CLUSTER_CONFIG_GROUPS_ALL_PATTERN = "/api/v[0-9]+/clusters/.*?/config_groups.*";
    private static final String API_STACK_VERSIONS_PATTERN = "/api/v[0-9]+/stacks/.*?/versions/.*";
    private static final String API_HOSTS_ALL_PATTERN = "/api/v[0-9]+/hosts.*";
    private static final String API_ALERT_TARGETS_ALL_PATTERN = "/api/v[0-9]+/alert_targets.*";
    private static final String API_BOOTSTRAP_PATTERN_ALL = "/api/v[0-9]+/bootstrap.*";
    private static final String API_REQUESTS_ALL_PATTERN = "/api/v[0-9]+/requests.*";
    private static final String API_CLUSTERS_UPGRADES_PATTERN = "/api/v[0-9]+/clusters/.*?/upgrades.*";
    protected static final String LOGIN_REDIRECT_BASE = "/#/login?targetURI=";
    private final AmbariEntryPoint entryPoint;
    private final Configuration configuration;
    private final Users users;
    private final AuditLogger auditLogger;
    private final PermissionHelper permissionHelper;
    private String realm;

    public AmbariAuthorizationFilter(AmbariEntryPoint ambariEntryPoint, Configuration configuration, Users users, AuditLogger auditLogger, PermissionHelper permissionHelper) {
        this.entryPoint = ambariEntryPoint;
        this.configuration = configuration;
        this.users = users;
        this.auditLogger = auditLogger;
        this.permissionHelper = permissionHelper;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.realm = getParameterValue(filterConfig, "realm", DEFAULT_REALM);
    }

    /* JADX WARN: Code restructure failed: missing block: B:68:0x0257, code lost:
    
        r17 = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:77:0x022b, code lost:
    
        r17 = true;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v162, types: [org.apache.ambari.server.audit.event.AuditEvent, org.apache.ambari.server.audit.event.AbstractAuditEvent] */
    /* JADX WARN: Type inference failed for: r0v76, types: [org.apache.ambari.server.audit.event.AuditEvent, org.apache.ambari.server.audit.event.AbstractAuditEvent] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void doFilter(javax.servlet.ServletRequest r8, javax.servlet.ServletResponse r9, javax.servlet.FilterChain r10) throws java.io.IOException, javax.servlet.ServletException {
        /*
            Method dump skipped, instructions count: 958
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.ambari.server.security.authorization.AmbariAuthorizationFilter.doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain):void");
    }

    private Authentication getDefaultAuthentication() {
        final User user;
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = null;
        if (this.configuration != null && this.users != null) {
            String defaultApiAuthenticatedUser = this.configuration.getDefaultApiAuthenticatedUser();
            if (!StringUtils.isEmpty(defaultApiAuthenticatedUser) && (user = this.users.getUser(defaultApiAuthenticatedUser)) != null) {
                usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(new Principal() { // from class: org.apache.ambari.server.security.authorization.AmbariAuthorizationFilter.1
                    @Override // java.security.Principal
                    public String getName() {
                        return user.getUserName();
                    }
                }, (Object) null, this.users.getUserAuthorities(user.getUserName()));
            }
        }
        return usernamePasswordAuthenticationToken;
    }

    private boolean authorizationPerformedInternally(String str) {
        return str.matches(API_USERS_ALL_PATTERN) || str.matches(API_REQUESTS_ALL_PATTERN) || str.matches(API_GROUPS_ALL_PATTERN) || str.matches(API_CREDENTIALS_ALL_PATTERN) || str.matches(API_PRIVILEGES_ALL_PATTERN) || str.matches(API_CLUSTER_REQUESTS_ALL_PATTERN) || str.matches(API_CLUSTER_SERVICES_ALL_PATTERN) || str.matches(API_CLUSTER_ALERT_ALL_PATTERN) || str.matches(API_CLUSTERS_PATTERN) || str.matches(API_STACK_VERSIONS_PATTERN) || str.matches(API_VIEWS_ALL_PATTERN) || str.matches(VIEWS_CONTEXT_PATH_PATTERN) || str.matches(API_WIDGET_LAYOUTS_PATTERN) || str.matches(API_WIDGET_PATTERN) || str.matches(API_CLUSTER_HOSTS_ALL_PATTERN) || str.matches(API_CLUSTER_CONFIGURATIONS_ALL_PATTERN) || str.matches(API_CLUSTER_COMPONENTS_ALL_PATTERN) || str.matches(API_CLUSTER_HOST_COMPONENTS_ALL_PATTERN) || str.matches(API_CLUSTER_CONFIG_GROUPS_ALL_PATTERN) || str.matches(API_HOSTS_ALL_PATTERN) || str.matches(API_ALERT_TARGETS_ALL_PATTERN) || str.matches(API_PRIVILEGES_ALL_PATTERN) || str.matches(API_PERSIST_ALL_PATTERN) || str.matches(API_CLUSTERS_UPGRADES_PATTERN);
    }

    public void destroy() {
    }

    private static String getParameterValue(FilterConfig filterConfig, String str, String str2) {
        String initParameter = filterConfig.getInitParameter(str);
        if (initParameter == null || initParameter.length() == 0) {
            initParameter = filterConfig.getServletContext().getInitParameter(str);
        }
        return (initParameter == null || initParameter.length() == 0) ? str2 : initParameter;
    }

    SecurityContext getSecurityContext() {
        return SecurityContextHolder.getContext();
    }

    ViewRegistry getViewRegistry() {
        return ViewRegistry.getInstance();
    }
}
