package org.apache.archiva.redback.integration.filter.authorization;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.apache.archiva.redback.authorization.AuthorizationException;
import org.apache.archiva.redback.integration.filter.SpringServletFilter;
import org.apache.archiva.redback.system.SecuritySession;
import org.apache.archiva.redback.system.SecuritySystem;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/archiva/redback/integration/filter/authorization/SimpleAuthorizationFilter.class */
public class SimpleAuthorizationFilter extends SpringServletFilter {
    private Logger logger = LoggerFactory.getLogger(getClass());
    private String permission;
    private String resource;
    private String accessDeniedLocation;

    @Override // org.apache.archiva.redback.integration.filter.SpringServletFilter
    public void init(FilterConfig filterConfig) throws ServletException {
        super.init(filterConfig);
        this.permission = filterConfig.getInitParameter("permission");
        this.resource = filterConfig.getInitParameter("resource");
        this.accessDeniedLocation = filterConfig.getInitParameter("accessDeniedLocation");
        if (StringUtils.isEmpty(this.accessDeniedLocation)) {
            throw new ServletException("Missing parameter 'accessDeniedLocation' from " + SimpleAuthorizationFilter.class.getName() + " configuration.");
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        SecuritySession securitySession = (SecuritySession) getApplicationContext().getBean("securitySession", SecuritySession.class);
        if (securitySession == null) {
            this.logger.warn("Security Session is null.");
            return;
        }
        SecuritySystem securitySystem = (SecuritySystem) getApplicationContext().getBean("securitySystem", SecuritySystem.class);
        try {
            if (StringUtils.isEmpty(this.resource) ? securitySystem.isAuthorized(securitySession, this.permission) : securitySystem.isAuthorized(securitySession, this.permission, this.resource)) {
                filterChain.doFilter(servletRequest, servletResponse);
            } else {
                accessDenied(servletResponse);
            }
        } catch (AuthorizationException e) {
            accessDenied(servletResponse);
        }
    }

    protected void accessDenied(ServletResponse servletResponse) throws IOException {
        String str = this.accessDeniedLocation;
        ((HttpServletResponse) servletResponse).sendRedirect((str.indexOf(63) == -1 ? str + "?" : str + "&") + "resource=" + this.resource);
    }
}
