package io.jans.as.server.rate;

import io.jans.as.client.RegisterRequest;
import io.jans.as.model.common.FeatureFlagType;
import io.jans.as.model.error.ErrorResponseFactory;
import jakarta.annotation.Priority;
import jakarta.inject.Inject;
import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.annotation.WebFilter;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.ws.rs.core.Response;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;

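/**
 * Servlet filter that applies rate limiting to dynamic client registration requests
 * ({@code /restv1/register}).
 *
 * <p>When the {@code RATE_LIMIT} feature flag is enabled, the request body is cached, parsed as a
 * register request, and a rate-limit key is derived from it. The key is then handed to
 * {@link RateLimitService#validateRateLimitForRegister}; a {@link RateLimitedException} from
 * validation results in a {@code 429 Too Many Requests} JSON response.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The key is derived only from values supplied in the request body (software statement or
 *       first redirect URI). The limit therefore throttles repeated registrations that reuse the
 *       same value; on its own it does not bound the number of requests coming from one source.
 *       Pair it with a limit keyed on something the client does not choose if that is required.</li>
 *   <li>Every request without a usable key shares the single {@code "no_key"} bucket.</li>
 *   <li>An {@link IOException} during validation is treated as "not rate limited" (fail open).</li>
 * </ul>
 */
@WebFilter(filterName = "RateLimitFilter", asyncSupported = true, urlPatterns = {"/restv1/register"}, displayName = "RateLimitFilter")
@Priority(1000)
public class RateLimitFilter implements Filter {
    public static final String TOO_MANY_REQUESTS_JSON_ERROR = "{\"error\": \"Too many requests\"}";

    /** Bucket used when neither a software statement nor a first redirect URI is available. */
    private static final String NO_KEY = "no_key";

    @Inject
    private Logger log;

    @Inject
    private RateLimitService rateLimitService;

    @Inject
    private ErrorResponseFactory errorResponseFactory;

    /**
     * Validates the rate limit for the request and, if it passes, hands the request to the rest of
     * the chain exactly once.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     remaining filter chain
     * @throws IOException      if the downstream chain fails with an I/O error
     * @throws ServletException declared by {@link Filter#doFilter}; downstream servlet errors are
     *                          logged and answered with a 500 rather than rethrown
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        final HttpServletResponse response = (HttpServletResponse) servletResponse;

        // Validation is kept in its own try block. Previously the chain call shared this block, so
        // an IOException thrown by a downstream filter/servlet landed in the IOException handler
        // and the chain was invoked a second time for the same request.
        try {
            request = validateRateLimit(request);
        } catch (RateLimitedException e) {
            sendTooManyRequestsError(response);
            return;
        } catch (IOException e) {
            // Fail open: a body that cannot be read/cached is passed on without rate limiting.
            // NOTE(review): this lets a request through unthrottled whenever validation hits an
            // I/O error; confirm that fail-open is the intended policy for this endpoint.
            // NOTE(review): if the failure happened while the body was being cached, the original
            // request's input stream may already be partly consumed - verify against
            // CachedBodyHttpServletRequest.
            this.log.error(e.getMessage(), e);
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
            sendResponse(response, Response.Status.INTERNAL_SERVER_ERROR, "");
            return;
        }

        try {
            filterChain.doFilter(request, response);
        } catch (IOException e) {
            // Propagate instead of re-running the chain; the method already declares IOException.
            this.log.error(e.getMessage(), e);
            throw e;
        } catch (Exception e) {
            // Same handling as before for non-I/O downstream failures: log and answer with a 500
            // that carries no payload, so no exception detail reaches the client from here.
            this.log.error(e.getMessage(), e);
            sendResponse(response, Response.Status.INTERNAL_SERVER_ERROR, "");
        }
    }

    /**
     * Applies the register rate limit when the feature flag is on and the URL ends with
     * {@code /register}.
     *
     * <p>Key selection, in order: SHA-256 hex of the software statement if it is not blank; else
     * the first redirect URI (used as-is, not hashed) if it is not blank; else {@code "no_key"}.
     *
     * @param httpServletRequest the incoming request
     * @return a {@link CachedBodyHttpServletRequest} wrapping the request when rate limiting was
     *         evaluated (the body has been read, so downstream must use the wrapper); otherwise
     *         the request unchanged
     * @throws RateLimitedException propagated from {@code validateRateLimitForRegister}
     * @throws IOException          propagated from caching/reading the request body
     */
    private HttpServletRequest validateRateLimit(HttpServletRequest httpServletRequest) throws RateLimitedException, IOException {
        if (!this.errorResponseFactory.isFeatureFlagEnabled(FeatureFlagType.RATE_LIMIT)
                || !httpServletRequest.getRequestURL().toString().endsWith("/register")) {
            return httpServletRequest;
        }

        final CachedBodyHttpServletRequest cachedRequest = new CachedBodyHttpServletRequest(httpServletRequest);
        final RegisterRequest registerRequest = this.rateLimitService.parseRegisterRequest(cachedRequest.getCachedBodyAsString());

        String key = NO_KEY;
        if (registerRequest != null) {
            final String softwareStatement = registerRequest.getSoftwareStatement();
            final List<String> redirectUris = registerRequest.getRedirectUris();
            if (StringUtils.isNotBlank(softwareStatement)) {
                // Hash the statement so the key has a fixed length and the statement itself is not
                // carried around as a key.
                key = DigestUtils.sha256Hex(softwareStatement);
            } else if (CollectionUtils.isNotEmpty(redirectUris) && StringUtils.isNotBlank(redirectUris.get(0))) {
                key = redirectUris.get(0);
            }
        }

        this.rateLimitService.validateRateLimitForRegister(key);
        return cachedRequest;
    }

    /** Sends {@code 429 Too Many Requests} with the fixed JSON error payload. */
    private void sendTooManyRequestsError(HttpServletResponse httpServletResponse) {
        sendResponse(httpServletResponse, Response.Status.TOO_MANY_REQUESTS, TOO_MANY_REQUESTS_JSON_ERROR);
    }

    /**
     * Writes a status code and, when {@code payload} is not blank, a JSON body to the response.
     * An {@link IOException} while writing is logged and not rethrown.
     *
     * @param httpServletResponse response to write to
     * @param status              HTTP status to set
     * @param payload             JSON body; blank means "status only"
     */
    private void sendResponse(HttpServletResponse httpServletResponse, Response.Status status, String payload) {
        this.log.debug("send back response - status: {}, payload: {}", status.getStatusCode(), payload);

        final boolean hasPayload = StringUtils.isNotBlank(payload);

        // Status and content type are set before getWriter(): per the Servlet API the charset in
        // setContentType() only takes effect if it is called before the writer is obtained.
        httpServletResponse.setStatus(status.getStatusCode());
        if (hasPayload) {
            httpServletResponse.setContentType("application/json;charset=UTF-8");
        }

        // try-with-resources closes the writer on every path, including when write() throws.
        try (PrintWriter writer = httpServletResponse.getWriter()) {
            if (hasPayload) {
                writer.write(payload);
            }
        } catch (IOException e) {
            this.log.error(e.getMessage(), e);
        }
    }

    /** Logs that the filter was initialized; no configuration is read from {@code filterConfig}. */
    @Override
    public void init(FilterConfig filterConfig) {
        this.log.info("Rate Limit Filter initialized.");
    }

    /** Logs that the filter was destroyed; there are no resources to release. */
    @Override
    public void destroy() {
        this.log.info("Rate Limit Filter destroyed.");
    }
}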
