package net.unit8.sastruts.oauth.provider.filter;

import java.io.IOException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import net.unit8.sastruts.oauth.provider.entity.OauthToken;
import net.unit8.sastruts.oauth.provider.service.OauthTokenService;
import org.seasar.framework.container.SingletonS2Container;
import org.seasar.framework.util.StringUtil;

/* loaded from: input_file:net/unit8/sastruts/oauth/provider/filter/OauthFilter.class */
public class OauthFilter implements Filter {
    private static final Pattern OAUTH_HEADER_PTN = Pattern.compile("^(Bearer|OAuth|Token) (token=)?([^\\s]*)$");

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        OauthToken findValidToken;
        OauthTokenService oauthTokenService = (OauthTokenService) SingletonS2Container.getComponent("oauthTokenService");
        String oauth2Token = oauth2Token(servletRequest);
        if (StringUtil.isNotEmpty(oauth2Token) && (findValidToken = oauthTokenService.findValidToken(oauth2Token)) != null) {
            servletRequest.setAttribute("oauth.token", findValidToken);
            servletRequest.setAttribute("oauth.version", 2);
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    protected String oauth2Token(ServletRequest servletRequest) {
        String parameter = servletRequest.getParameter("bearer_token");
        if (StringUtil.isEmpty(parameter)) {
            parameter = servletRequest.getParameter("access_token");
        }
        if (StringUtil.isEmpty(parameter) && StringUtil.isNotEmpty(servletRequest.getParameter("oauth_token")) && StringUtil.isEmpty(servletRequest.getParameter("oauth_signature"))) {
            parameter = servletRequest.getParameter("oauth_token");
        }
        if (StringUtil.isEmpty(parameter)) {
            String header = ((HttpServletRequest) HttpServletRequest.class.cast(servletRequest)).getHeader("Authorization");
            if (StringUtil.isNotEmpty(header) && !StringUtil.contains(header, "oauth_version=\"1.0\"")) {
                Matcher matcher = OAUTH_HEADER_PTN.matcher(header);
                if (matcher.find()) {
                    parameter = matcher.group(3);
                }
            }
        }
        return parameter;
    }

    public void destroy() {
    }
}
