package org.fcrepo.auth.oauth.filter;

import java.io.IOException;
import java.util.Set;
import javax.annotation.PostConstruct;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.oltu.oauth2.common.OAuth;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.apache.oltu.oauth2.common.message.types.ParameterStyle;
import org.apache.oltu.oauth2.rs.request.OAuthAccessResourceRequest;
import org.apache.oltu.oauth2.rsfilter.OAuthRSProvider;
import org.apache.oltu.oauth2.rsfilter.OAuthUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/fcrepo/auth/oauth/filter/OAuthFilter.class */
public class OAuthFilter implements Filter {
    private static final ParameterStyle[] DEFAULT_PARAMETER_STYLES = {OAuth.DEFAULT_PARAMETER_STYLE};
    private static final Logger LOGGER = LoggerFactory.getLogger(OAuthFilter.class);
    private String realm;
    private OAuthRSProvider provider;
    private ParameterStyle[] parameterStyles = DEFAULT_PARAMETER_STYLES;

    @PostConstruct
    public void init() {
        LOGGER.debug("Initializing {}", getClass().getName());
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        init();
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        LOGGER.trace("Filtering {}", ((HttpServletRequest) servletRequest).getRequestURI());
        try {
            String accessToken = new OAuthAccessResourceRequest(httpServletRequest, this.parameterStyles).getAccessToken();
            LOGGER.trace("Validating {} in {}", accessToken, this.realm);
            servletRequest.setAttribute("client_id", this.provider.validateRequest(this.realm, accessToken, httpServletRequest).getOAuthClient().getClientId());
            filterChain.doFilter(servletRequest, servletResponse);
        } catch (OAuthSystemException e) {
            throw new ServletException(e);
        } catch (OAuthProblemException e2) {
            respondWithError(httpServletResponse, e2);
        }
    }

    public void destroy() {
    }

    private void respondWithError(HttpServletResponse httpServletResponse, OAuthProblemException oAuthProblemException) throws IOException, ServletException {
        OAuthResponse buildHeaderMessage;
        try {
            if (OAuthUtils.isEmpty(oAuthProblemException.getError())) {
                buildHeaderMessage = OAuthResponse.errorResponse(401).setRealm(this.realm).buildHeaderMessage();
            } else {
                int i = 401;
                if (oAuthProblemException.getError().equals("invalid_request")) {
                    i = 400;
                } else if (oAuthProblemException.getError().equals("insufficient_scope")) {
                    i = 403;
                }
                buildHeaderMessage = OAuthResponse.errorResponse(i).setRealm(this.realm).setError(oAuthProblemException.getError()).setErrorDescription(oAuthProblemException.getDescription()).setErrorUri(oAuthProblemException.getUri()).buildHeaderMessage();
            }
            httpServletResponse.addHeader("WWW-Authenticate", buildHeaderMessage.getHeader("WWW-Authenticate"));
            httpServletResponse.sendError(buildHeaderMessage.getResponseStatus());
        } catch (OAuthSystemException e) {
            throw new ServletException(e);
        }
    }

    public void setRealm(String str) {
        this.realm = str;
    }

    public void setProvider(OAuthRSProvider oAuthRSProvider) {
        this.provider = oAuthRSProvider;
    }

    public void setParameterStyles(Set<ParameterStyle> set) {
        this.parameterStyles = (ParameterStyle[]) set.toArray(new ParameterStyle[0]);
    }
}
