package pl.psnc.dlibra.web.fw;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import pl.psnc.dlibra.web.common.user.WebUser;
import pl.psnc.dlibra.web.fw.util.servlet.RequestWrapperFactory;
import pl.psnc.dlibra.web.fw.util.servlet.ServletRequestWrapper;
import pl.psnc.dlibra.web.fw.util.user.AuthenticationCookieSetter;

/* loaded from: input_file:pl/psnc/dlibra/web/fw/SessionVerificationFilter.class */
public class SessionVerificationFilter implements Filter {
    public static final String S_SESSION_IP = "session_ip";
    private static final Logger logger = Logger.getLogger(SessionVerificationFilter.class);
    FilterConfig fconfig;

    public void init(FilterConfig filterConfig) throws ServletException {
        this.fconfig = filterConfig;
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        logger.debug("Entering session verification filter");
        HttpSession session = ((HttpServletRequest) servletRequest).getSession();
        if (session.isNew()) {
            logger.debug("new session created");
            session.setAttribute(S_SESSION_IP, servletRequest.getRemoteAddr());
        } else {
            try {
                ServletRequestWrapper instanceInSafeMode = RequestWrapperFactory.getInstanceInSafeMode((HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse);
                String str = (String) session.getAttribute(S_SESSION_IP);
                if (str == null) {
                    str = servletRequest.getRemoteAddr();
                    session.setAttribute(S_SESSION_IP, str);
                }
                WebUser webUser = (WebUser) session.getAttribute("S_USER");
                WebUser publicUser = instanceInSafeMode.getPublicUser();
                if (webUser != null && !str.equals(servletRequest.getRemoteAddr()) && !publicUser.getLogin().equals(webUser.getLogin())) {
                    logger.warn("Same session through different IP : " + servletRequest.getRemoteAddr());
                    String userLanguage = instanceInSafeMode.getUserLanguage();
                    String previousPage = instanceInSafeMode.getPreviousPage();
                    session.invalidate();
                    AuthenticationCookieSetter.unsetUserCookie(instanceInSafeMode);
                    instanceInSafeMode.setUserLanguage(userLanguage);
                    instanceInSafeMode.setPreviousPage(previousPage);
                    instanceInSafeMode.setSessionAttribute(S_SESSION_IP, servletRequest.getRemoteAddr());
                    instanceInSafeMode.setSessionAttribute("S_USER", publicUser);
                }
            } catch (Exception e) {
                logger.error("Unexpected error occurred!", e);
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }
}
