package com.googlesource.gerrit.plugins.manager;

import com.google.common.flogger.FluentLogger;
import com.google.gerrit.extensions.registration.DynamicItem;
import com.google.gerrit.httpd.WebSession;
import com.google.gerrit.server.AccessPath;
import com.google.inject.Inject;
import com.google.inject.Singleton;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

@Singleton
/* loaded from: input_file:com/googlesource/gerrit/plugins/manager/XAuthFilter.class */
public class XAuthFilter implements Filter {
    private static final FluentLogger logger = FluentLogger.forEnclosingClass();
    private DynamicItem<WebSession> webSession;

    @Inject
    public XAuthFilter(DynamicItem<WebSession> dynamicItem) {
        this.webSession = dynamicItem;
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        WebSession webSession = (WebSession) this.webSession.get();
        final String xGerritAuth = webSession.getXGerritAuth();
        if (xGerritAuth == null) {
            ((HttpServletResponse) servletResponse).sendError(401);
            return;
        }
        webSession.setAccessPathOk(AccessPath.REST_API, true);
        logger.atFine().log("Injecting X-Gerrit-Auth for %s", httpServletRequest.getRequestURI());
        HttpServletResponseWrapper httpServletResponseWrapper = new HttpServletResponseWrapper(httpServletResponse) { // from class: com.googlesource.gerrit.plugins.manager.XAuthFilter.1
            private int origContentLength;

            public void setHeader(String str, String str2) {
                XAuthFilter.logger.atFine().log("%s: %s", str, str2);
                if (str.equalsIgnoreCase("Content-Length")) {
                    this.origContentLength = Integer.parseInt(str2);
                } else {
                    super.setHeader(str, str2);
                }
            }

            public ServletOutputStream getOutputStream() throws IOException {
                return new TokenReplaceOutputStream(getResponse(), this.origContentLength, "@X-Gerrit-Auth".getBytes(StandardCharsets.UTF_8), xGerritAuth.getBytes(StandardCharsets.UTF_8));
            }
        };
        httpServletResponseWrapper.setHeader("Cache-Control", "private, no-cache, no-store, must-revalidate, max-age=0");
        httpServletResponseWrapper.setHeader("Pragma", "no-cache");
        httpServletResponseWrapper.setHeader("Expires", "0");
        filterChain.doFilter(servletRequest, httpServletResponseWrapper);
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }
}
