package org.eclipse.dirigible.runtime.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.dirigible.runtime.registry.PathUtils;

/* loaded from: input_file:.war:WEB-INF/lib/org.eclipse.dirigible.runtime.security_2.7.170608.jar:org/eclipse/dirigible/runtime/filter/AbstractRegistrySecureFilter.class */
public abstract class AbstractRegistrySecureFilter implements Filter {
    private static final String EMPTY = "";
    private static final String Q = "?";
    private static final String ACCEPT = "Accept";
    private static final String GET_METHOD = "GET";
    private static final String HTTP_METHOD_CANNOT_BE_REDIRECTED_AUTOMATICALLY = "AbstractRegistrySecureFilter.2";
    private static final String JSON = "json";

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String extractPath = PathUtils.extractPath(httpServletRequest);
        String queryString = httpServletRequest.getQueryString();
        if (isLocationSecured(extractPath) == null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        String header = httpServletRequest.getHeader("Accept");
        if (header != null && header.contains("json") && httpServletRequest.getUserPrincipal() == null) {
            ((HttpServletResponse) servletResponse).sendError(403, String.format(Messages.getString(HTTP_METHOD_CANNOT_BE_REDIRECTED_AUTOMATICALLY), httpServletRequest.getMethod(), String.valueOf(servletRequest.getServletContext().getContextPath()) + getSecuredMapping()));
        } else if ("GET".equalsIgnoreCase(httpServletRequest.getMethod())) {
            ((HttpServletResponse) servletResponse).sendRedirect(String.valueOf(servletRequest.getServletContext().getContextPath()) + getSecuredMapping() + extractPath + (queryString != null ? "?" + queryString : ""));
        } else {
            ((HttpServletResponse) servletResponse).sendError(403, String.format(Messages.getString(HTTP_METHOD_CANNOT_BE_REDIRECTED_AUTOMATICALLY), httpServletRequest.getMethod(), String.valueOf(servletRequest.getServletContext().getContextPath()) + getSecuredMapping()));
        }
    }

    protected abstract String getSecuredMapping();

    /* JADX INFO: Access modifiers changed from: protected */
    public String isLocationSecured(String str) throws ServletException {
        return SecuredLocationVerifier.isLocationSecured(str);
    }

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }
}
