package net.sf.javaprinciples.resource.servlet;

import java.lang.reflect.InvocationTargetException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.javaprinciples.resource.ResourceSecurity;
import net.sf.javaprinciples.resource.ResourceSecurityException;
import org.apache.commons.beanutils.PropertyUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import org.springframework.web.util.UrlPathHelper;

/* loaded from: input_file:net/sf/javaprinciples/resource/servlet/ResourceSecurityInterceptor.class */
public class ResourceSecurityInterceptor extends HandlerInterceptorAdapter {
    private static final Log LOGGER = LogFactory.getLog(ResourceSecurityInterceptor.class);
    private String[] securedServices;
    private ResourceSecurity security;
    private String parameterName = "key";
    private String requestProperty = "referer";
    private UrlPathHelper urlPathHelper = new UrlPathHelper();

    public void setSecuredServices(String[] strArr) {
        this.securedServices = strArr;
    }

    public String[] getSecuredServices() {
        return this.securedServices;
    }

    public void setSecurity(ResourceSecurity resourceSecurity) {
        this.security = resourceSecurity;
    }

    public ResourceSecurity getSecurity() {
        return this.security;
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!applies(this.urlPathHelper.getLookupPathForRequest(httpServletRequest))) {
            return true;
        }
        try {
            check(httpServletRequest);
            return true;
        } catch (ResourceSecurityException e) {
            httpServletResponse.setStatus(403);
            return false;
        }
    }

    protected boolean applies(String str) {
        for (String str2 : this.securedServices) {
            if (str.startsWith(str2)) {
                return true;
            }
        }
        return false;
    }

    protected void check(HttpServletRequest httpServletRequest) throws ResourceSecurityException {
        String parameter = httpServletRequest.getParameter(this.parameterName);
        String header = httpServletRequest.getHeader(this.requestProperty);
        if (header == null) {
            try {
                header = (String) PropertyUtils.getProperty(httpServletRequest, this.requestProperty);
            } catch (IllegalAccessException e) {
                LOGGER.info("IllegalAccessException: For property " + this.requestProperty);
            } catch (NoSuchMethodException e2) {
                LOGGER.info("NoSuchMethodException: For property " + this.requestProperty);
            } catch (InvocationTargetException e3) {
                LOGGER.info("InvocationTargetException: For property " + this.requestProperty);
            }
        }
        this.security.checkSecurity(parameter, header);
    }

    public void setParameterName(String str) {
        this.parameterName = str;
    }

    public void setRequestProperty(String str) {
        this.requestProperty = str;
    }
}
