package org.jcasbin.plugins;

import java.nio.charset.Charset;
import java.util.Base64;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.casbin.jcasbin.main.Enforcer;
import org.nutz.mvc.ActionContext;
import org.nutz.mvc.ActionFilter;
import org.nutz.mvc.View;
import org.nutz.mvc.impl.processor.AbstractProcessor;

/* loaded from: input_file:org/jcasbin/plugins/JCasbinAuthzFilter.class */
public class JCasbinAuthzFilter extends AbstractProcessor implements ActionFilter {
    static Enforcer enforcer = new Enforcer("examples/authz_model.conf", "examples/authz_policy.csv");

    private String getUser(HttpServletRequest httpServletRequest) {
        String str = "";
        String header = httpServletRequest.getHeader("Authorization");
        if (header != null && header.startsWith("Basic")) {
            str = new String(Base64.getDecoder().decode(header.substring("Basic".length()).trim()), Charset.forName("UTF-8")).split(":", 2)[0];
        }
        return str;
    }

    public View match(ActionContext actionContext) {
        return null;
    }

    public void process(ActionContext actionContext) throws Throwable {
        HttpServletRequest request = actionContext.getRequest();
        HttpServletResponse response = actionContext.getResponse();
        String user = getUser(request);
        String requestURI = request.getRequestURI();
        String method = request.getMethod();
        System.out.println("(" + user + ", " + requestURI + ", " + method + ")");
        if (enforcer.enforce(new Object[]{user, requestURI, method})) {
            doNext(actionContext);
        } else {
            response.setStatus(403);
        }
    }
}
