package org.sonatype.nexus.security.anonymous;

import com.google.common.base.Preconditions;
import com.google.common.cache.CacheBuilder;
import java.util.Collections;
import java.util.Date;
import java.util.Set;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import javax.inject.Singleton;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ThreadContext;
import org.apache.shiro.web.servlet.AdviceFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.sonatype.nexus.common.event.EventManager;
import org.sonatype.nexus.security.ClientInfo;

@Singleton
@Named
/* loaded from: input_file:org/sonatype/nexus/security/anonymous/AnonymousFilter.class */
public class AnonymousFilter extends AdviceFilter {
    public static final String NAME = "nx-anonymous";
    private static final int CACHE_SIZE = 100;
    private static final String ORIGINAL_SUBJECT = String.valueOf(AnonymousFilter.class.getName()) + ".originalSubject";
    private static final Logger log = LoggerFactory.getLogger((Class<?>) AnonymousFilter.class);
    private final Provider<AnonymousManager> anonymousManager;
    private final Provider<EventManager> eventManager;
    private final Set<ClientInfo> cache = Collections.newSetFromMap(CacheBuilder.newBuilder().maximumSize(100).build().asMap());

    @Inject
    public AnonymousFilter(Provider<AnonymousManager> provider, Provider<EventManager> provider2) {
        this.anonymousManager = (Provider) Preconditions.checkNotNull(provider);
        this.eventManager = (Provider) Preconditions.checkNotNull(provider2);
    }

    protected boolean preHandle(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        Subject subject = SecurityUtils.getSubject();
        AnonymousManager anonymousManager = this.anonymousManager.get();
        if (subject.getPrincipal() != null || !anonymousManager.isEnabled()) {
            return true;
        }
        servletRequest.setAttribute(ORIGINAL_SUBJECT, subject);
        Subject buildSubject = anonymousManager.buildSubject();
        ThreadContext.bind(buildSubject);
        log.trace("Bound anonymous subject: {}", buildSubject);
        if (!(servletRequest instanceof HttpServletRequest)) {
            return true;
        }
        ClientInfo build = ClientInfo.builder().userId(anonymousManager.getConfiguration().getUserId()).remoteIP(servletRequest.getRemoteAddr()).userAgent(((HttpServletRequest) servletRequest).getHeader("User-Agent")).path(((HttpServletRequest) servletRequest).getServletPath()).build();
        if (!this.cache.add(build)) {
            return true;
        }
        log.trace("Tracking new anonymous access from: {}", build);
        this.eventManager.get().post(new AnonymousAccessEvent(build, new Date()));
        return true;
    }

    public void afterCompletion(ServletRequest servletRequest, ServletResponse servletResponse, Exception exc) throws Exception {
        Subject subject = (Subject) servletRequest.getAttribute(ORIGINAL_SUBJECT);
        if (subject != null) {
            log.trace("Binding original subject: {}", subject);
            ThreadContext.bind(subject);
        }
    }
}
