package com.liferay.saml.internal.servlet.filter;

import com.liferay.petra.string.StringBundler;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.util.Html;
import com.liferay.portal.kernel.util.MapUtil;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.Portal;
import com.liferay.portal.kernel.util.ResourceBundleLoader;
import com.liferay.portal.kernel.util.ResourceBundleUtil;
import com.liferay.portal.kernel.util.Validator;
import java.io.PrintWriter;
import java.util.Map;
import java.util.Objects;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.component.annotations.ReferencePolicyOption;

@Component(immediate = true, property = {"before-filter=Session Id Filter", "dispatcher=REQUEST", "enabled=true", "init-param.url-regex-ignore-pattern=^/html/.+\\.(css|gif|html|ico|jpg|js|png)(\\?.*)?$", "servlet-context-name=", "servlet-filter-name=SAML SameSite Lax Support Filter", "url-pattern=/c/portal/saml/acs", "url-pattern=/c/portal/saml/slo", "url-pattern=/c/portal/saml/sso"}, service = {Filter.class})
/* loaded from: input_file:com/liferay/saml/internal/servlet/filter/SamlSameSiteLaxCookiesFilter.class */
public class SamlSameSiteLaxCookiesFilter extends BaseSamlPortalFilter {
    private static final String[] _PARAMS = {"RelayState", "SAMLRequest", "SAMLResponse"};
    private static final Log _log = LogFactoryUtil.getLog(SamlSameSiteLaxCookiesFilter.class);
    private boolean _enabled = true;

    @Reference
    private Html _html;

    @Reference
    private Portal _portal;

    @Reference(policy = ReferencePolicy.DYNAMIC, policyOption = ReferencePolicyOption.GREEDY, target = "(bundle.symbolic.name=com.liferay.saml.impl)")
    private volatile ResourceBundleLoader _resourceBundleLoader;

    public boolean isFilterEnabled() {
        return this._enabled;
    }

    public boolean isFilterEnabled(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (Objects.equals(httpServletRequest.getMethod(), "GET") || ParamUtil.getBoolean(httpServletRequest, "continue")) {
            return false;
        }
        return ParamUtil.getBoolean(httpServletRequest, "noscript") || httpServletRequest.getSession(false) == null;
    }

    @Activate
    protected void activate(Map<String, Object> map) {
        this._enabled = MapUtil.getBoolean(map, "enabled");
    }

    @Override // com.liferay.saml.internal.servlet.filter.BaseSamlPortalFilter
    protected void doProcessFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws Exception {
        httpServletResponse.setContentType("text/html");
        PrintWriter writer = httpServletResponse.getWriter();
        if (ParamUtil.getBoolean(httpServletRequest, "noscript")) {
            writer.write(StringBundler.concat(new String[]{"<!DOCTYPE html>\n\n<html><body>", ResourceBundleUtil.getString(this._resourceBundleLoader.loadResourceBundle(this._portal.getLocale(httpServletRequest)), "your-browser-must-support-javascript-to-proceed"), "</body></html>"}));
            writer.close();
            return;
        }
        StringBundler stringBundler = new StringBundler(7 + (5 * _PARAMS.length));
        stringBundler.append("<!DOCTYPE html>\n\n");
        stringBundler.append("<html><body onload=\"document.forms[0].submit()\">");
        stringBundler.append("<form action=\"?continue=true\" method=\"post\"");
        stringBundler.append("name=\"fm\">");
        for (String str : _PARAMS) {
            _processParameter(httpServletRequest, stringBundler, str);
        }
        stringBundler.append("<noscript><meta http-equiv=\"refresh\" ");
        stringBundler.append("content=\"0;URL='?noscript=true'\"/>");
        stringBundler.append("</noscript></form></body></html>");
        writer.write(stringBundler.toString());
        writer.close();
    }

    protected Log getLog() {
        return _log;
    }

    private void _processParameter(HttpServletRequest httpServletRequest, StringBundler stringBundler, String str) {
        String string = ParamUtil.getString(httpServletRequest, str);
        if (Validator.isNotNull(string)) {
            stringBundler.append("<input type=\"hidden\" name=");
            stringBundler.append(str);
            stringBundler.append(" value=\"");
            stringBundler.append(this._html.escapeAttribute(string));
            stringBundler.append("\"/>");
        }
    }
}
