package com.cloudera.api;

import com.cloudera.cmf.cdhclient.util.ThrottlingLogger;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.server.cmf.CurrentUserManager;
import com.cloudera.server.web.cmf.AuthScope;
import com.cloudera.server.web.cmf.AuthScopeContext;
import java.io.IOException;
import java.util.NoSuchElementException;
import javax.persistence.EntityManagerFactory;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.joda.time.Duration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:com/cloudera/api/ApiBasicAuthFilter.class */
public class ApiBasicAuthFilter extends GenericFilterBean {
    public static final String NO_BASIC_AUTH_HEADER = "CM-No-Basic-Auth";
    private static final Logger LOG = LoggerFactory.getLogger(ApiBasicAuthFilter.class);
    private static ThrottlingLogger THROTTLED_LOG = new ThrottlingLogger(LOG, Duration.standardMinutes(5));
    private final CurrentUserManager currentUserMgr;
    private final EntityManagerFactory emf;

    @Autowired
    public ApiBasicAuthFilter(CurrentUserManager currentUserManager, EntityManagerFactory entityManagerFactory) {
        this.currentUserMgr = currentUserManager;
        this.emf = entityManagerFactory;
    }

    /* JADX WARN: Finally extract failed */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (httpServletRequest.getHeader(NO_BASIC_AUTH_HEADER) != null && !this.currentUserMgr.isAuthenticated()) {
            ((HttpServletResponse) servletResponse).setStatus(403);
            return;
        }
        String pathInfo = httpServletRequest.getPathInfo();
        AuthScope.global();
        CmfEntityManager cmfEntityManager = new CmfEntityManager(this.emf);
        try {
            try {
                cmfEntityManager.beginForRollbackAndReadonly();
                AuthScope authScope = AuthScopeContext.getAuthScope(pathInfo, cmfEntityManager);
                cmfEntityManager.close();
                AuthScopeContext.set(authScope);
                AuthScopeContext.clearPriviledgedMode();
                try {
                    filterChain.doFilter(servletRequest, servletResponse);
                    AuthScopeContext.set(AuthScope.global());
                    AuthScopeContext.clearPriviledgedMode();
                } catch (Throwable th) {
                    AuthScopeContext.set(AuthScope.global());
                    AuthScopeContext.clearPriviledgedMode();
                    throw th;
                }
            } catch (NoSuchElementException e) {
                THROTTLED_LOG.debug(String.format("AuthScopeContext.getAuthScope could not find the cluster in the path %s provided.", pathInfo));
                ((HttpServletResponse) servletResponse).setStatus(404);
                cmfEntityManager.close();
            }
        } catch (Throwable th2) {
            cmfEntityManager.close();
            throw th2;
        }
    }
}
