package com.atlassian.plugins.authentication.sso.web.filter.loginform;

import com.atlassian.plugins.authentication.sso.config.CachingSsoConfigService;
import java.io.IOException;
import java.util.List;
import javax.inject.Inject;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/plugins/authentication/sso/web/filter/loginform/DisableNativeLoginAuthFilter.class */
public class DisableNativeLoginAuthFilter implements Filter {
    private static final Logger log = LoggerFactory.getLogger(DisableNativeLoginAuthFilter.class);
    private final DisableNativeLoginAuthResponseWriter responseWriter;
    private final CachingSsoConfigService cachingSsoConfigService;
    private final List<DisableBasicAuthBlockRequestChecker> blockRequestChecks;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/atlassian/plugins/authentication/sso/web/filter/loginform/DisableNativeLoginAuthFilter$Result.class */
    public enum Result {
        BLOCK_REQUEST,
        ALLOW_REQUEST
    }

    @Inject
    public DisableNativeLoginAuthFilter(DisableNativeLoginAuthResponseWriter disableNativeLoginAuthResponseWriter, CachingSsoConfigService cachingSsoConfigService, List<DisableBasicAuthBlockRequestChecker> list) {
        this.responseWriter = disableNativeLoginAuthResponseWriter;
        this.cachingSsoConfigService = cachingSsoConfigService;
        this.blockRequestChecks = list;
    }

    public void init(FilterConfig filterConfig) {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (checkRequest(httpServletRequest) == Result.BLOCK_REQUEST) {
            log.trace("Blocking HTTP request - Native Login is not allowed: {}", httpServletRequest.getRequestURI());
            this.responseWriter.write(httpServletRequest, httpServletResponse);
        } else {
            log.trace("Allowing HTTP request: {}", httpServletRequest.getRequestURI());
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }

    private Result checkRequest(HttpServletRequest httpServletRequest) {
        return (isNativeLoginEnabled() || !isNativeAuthenticationRequest(httpServletRequest)) ? Result.ALLOW_REQUEST : Result.BLOCK_REQUEST;
    }

    private boolean isNativeAuthenticationRequest(HttpServletRequest httpServletRequest) {
        return this.blockRequestChecks.stream().anyMatch(disableBasicAuthBlockRequestChecker -> {
            return disableBasicAuthBlockRequestChecker.test(httpServletRequest);
        });
    }

    private boolean isNativeLoginEnabled() {
        return this.cachingSsoConfigService.getSsoConfig().getShowLoginForm() || this.cachingSsoConfigService.getSsoConfig().enableAuthenticationFallback();
    }

    public void destroy() {
    }
}
