package pl.edu.icm.yadda.aal.j2ee;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.edu.icm.yadda.aal.AalSession;
import pl.edu.icm.yadda.aal.AalSessionService;
import pl.edu.icm.yadda.aal.AuthorizationService;

/* loaded from: input_file:WEB-INF/lib/yadda-aal-1.12.9.jar:pl/edu/icm/yadda/aal/j2ee/ResourceAccessFilter.class */
public class ResourceAccessFilter implements Filter {
    protected final Logger log = LoggerFactory.getLogger(getClass());
    private String accessDeniedURL;
    private AuthorizationService service;
    private AalSessionService sessionService;

    public AuthorizationService getService() {
        return this.service;
    }

    public void setService(AuthorizationService authorizationService) {
        this.service = authorizationService;
    }

    public String getAccessDeniedURL() {
        return this.accessDeniedURL;
    }

    public void setAccessDeniedURL(String str) {
        this.accessDeniedURL = str;
    }

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String str;
        AalSession current = this.sessionService.getCurrent();
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String contextPath = httpServletRequest.getContextPath();
        if (current == null) {
            this.log.warn("Resource " + httpServletRequest.getRequestURI() + " not authorized as session==null");
            httpServletRequest.getRequestDispatcher(this.accessDeniedURL).forward(servletRequest, servletResponse);
        }
        String requestURI = httpServletRequest.getRequestURI();
        while (true) {
            str = requestURI;
            if (!str.startsWith("//")) {
                break;
            } else {
                requestURI = str.substring(1);
            }
        }
        String substring = str.substring(contextPath.length());
        if (substring.startsWith("/")) {
            return;
        }
        String str2 = "/" + substring;
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }

    public AalSessionService getSessionService() {
        return this.sessionService;
    }

    public void setSessionService(AalSessionService aalSessionService) {
        this.sessionService = aalSessionService;
    }
}
