package pl.edu.icm.unity.oauth.as.webauthz;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.oauth.as.OAuthAuthzContext;
import pl.edu.icm.unity.webui.VaadinRequestMatcher;
import pl.edu.icm.unity.webui.idpcommon.EopException;

/* loaded from: input_file:pl/edu/icm/unity/oauth/as/webauthz/OAuthGuardFilter.class */
public class OAuthGuardFilter implements Filter {
    private static final Logger log = Log.getLogger("unity.server.oauth", OAuthGuardFilter.class);
    protected ErrorHandler errorHandler;

    public OAuthGuardFilter(ErrorHandler errorHandler) {
        this.errorHandler = errorHandler;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        try {
            doFilterInterruptible(servletRequest, servletResponse, filterChain);
        } catch (EopException e) {
        }
    }

    protected void doFilterInterruptible(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException, EopException {
        if (!(servletRequest instanceof HttpServletRequest)) {
            throw new ServletException("This filter can be used only for HTTP servlets");
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        HttpSession session = httpServletRequest.getSession();
        if (VaadinRequestMatcher.isVaadinRequest(httpServletRequest)) {
            log.trace("Ignoring request to Vaadin internal address {}", httpServletRequest.getRequestURI());
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else if (((OAuthAuthzContext) session.getAttribute(OAuthParseServlet.SESSION_OAUTH_CONTEXT)) == null) {
            if (log.isDebugEnabled()) {
                log.debug("Request to OAuth post-processing address, without OAuth context: " + httpServletRequest.getRequestURI());
            }
            this.errorHandler.showErrorPage("No OAuth context", null, httpServletResponse);
        } else {
            if (log.isTraceEnabled()) {
                log.trace("Request to OAuth post-processing address, with OAuth context: " + httpServletRequest.getRequestURI());
            }
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }
}
