package waffle.jetty;

import jakarta.servlet.DispatcherType;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.EnumSet;
import java.util.List;
import org.eclipse.jetty.ee10.servlet.FilterHolder;
import org.eclipse.jetty.ee10.servlet.ServletContextHandler;
import org.eclipse.jetty.ee10.servlet.ServletHandler;
import org.eclipse.jetty.ee10.servlet.ServletHolder;
import org.eclipse.jetty.server.Server;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import waffle.servlet.NegotiateSecurityFilter;
import waffle.servlet.WindowsPrincipal;
import waffle.windows.auth.WindowsAccount;

/* loaded from: input_file:waffle/jetty/StartEmbeddedJettyValidateNTLMGroup.class */
public class StartEmbeddedJettyValidateNTLMGroup {
    private static final Logger LOGGER = LoggerFactory.getLogger(StartEmbeddedJettyValidateNTLMGroup.class);

    /* loaded from: input_file:waffle/jetty/StartEmbeddedJettyValidateNTLMGroup$InfoServlet.class */
    public static class InfoServlet extends HttpServlet {
        private static final long serialVersionUID = 1;
        private static final List<String> authorisedGroups = Arrays.asList("NTGroup1", "NTGroup2");

        public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
            httpServletResponse.setContentType("text/html");
            httpServletResponse.setStatus(200);
            if (isUserAuthorised(httpServletRequest, authorisedGroups)) {
                httpServletResponse.getWriter().println("User is authorised");
            } else {
                httpServletResponse.getWriter().println("User is not authorised");
            }
        }

        private boolean isUserAuthorised(HttpServletRequest httpServletRequest, List<String> list) {
            return !Collections.disjoint(list, getUsersGroups(httpServletRequest));
        }

        private List<String> getUsersGroups(HttpServletRequest httpServletRequest) {
            ArrayList arrayList = new ArrayList();
            WindowsPrincipal userPrincipal = httpServletRequest.getUserPrincipal();
            if (userPrincipal instanceof WindowsPrincipal) {
                for (WindowsAccount windowsAccount : userPrincipal.getGroups().values()) {
                    arrayList.add(getGroupName(windowsAccount.getDomain(), windowsAccount.getFqn()));
                }
            }
            return arrayList;
        }

        private String getGroupName(String str, String str2) {
            return (str == null || str2 == null) ? "" : str2.split(str, -1)[1].substring(1);
        }
    }

    private StartEmbeddedJettyValidateNTLMGroup() {
    }

    public static void main(String[] strArr) {
        System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", "TRACE");
        Server server = new Server(8080);
        ServletContextHandler servletContextHandler = new ServletContextHandler(1);
        servletContextHandler.setContextPath("/");
        ServletHandler servletHandler = new ServletHandler();
        servletContextHandler.addServlet(new ServletHolder(new InfoServlet()), "/*");
        FilterHolder addFilterWithMapping = servletHandler.addFilterWithMapping(NegotiateSecurityFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
        setFilterParams(addFilterWithMapping);
        servletContextHandler.addFilter(addFilterWithMapping, "/*", EnumSet.of(DispatcherType.REQUEST));
        servletContextHandler.setHandler(servletHandler);
        server.setHandler(servletContextHandler);
        try {
            server.start();
        } catch (Exception e) {
            LOGGER.trace("", e);
        }
    }

    private static void setFilterParams(FilterHolder filterHolder) {
        filterHolder.setInitParameter("principalFormat", "fqn");
        filterHolder.setInitParameter("roleFormat", "both");
        filterHolder.setInitParameter("allowGuestLogin", "true");
        filterHolder.setInitParameter("impersonate", "true");
        filterHolder.setInitParameter("securityFilterProviders", "waffle.servlet.spi.NegotiateSecurityFilterProvider waffle.servlet.spi.BasicSecurityFilterProvider");
        filterHolder.setInitParameter("waffle.servlet.spi.NegotiateSecurityFilterProvider/protocols", "Negotiate NTLM");
        filterHolder.setInitParameter("waffle.servlet.spi.BasicSecurityFilterProvider/realm", "SecureServiceRunner");
    }
}
