package net.sf.jguard.jee.authorization.http;

import java.io.IOException;
import java.security.Permission;
import javax.security.auth.Subject;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.jguard.core.authentication.AccessContext;
import net.sf.jguard.core.authorization.AuthorizationBindings;
import net.sf.jguard.core.authorization.permissions.URLPermission;
import net.sf.jguard.jee.authentication.http.HttpAuthenticationUtils;
import net.sf.jguard.jee.authentication.http.HttpConstants;
import org.apache.bsf.debug.util.DebugConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/jguard-jee-1.1.0-beta1.jar:net/sf/jguard/jee/authorization/http/HttpServletAuthorizationBindings.class */
public class HttpServletAuthorizationBindings implements AuthorizationBindings {
    private static final Logger logger;
    private PermissionFactory permissionFactory = new HttpPermissionFactory();
    static Class class$net$sf$jguard$jee$authorization$http$HttpServletAuthorizationBindings;

    @Override // net.sf.jguard.core.authorization.AuthorizationBindings
    public Permission getPermissionRequested(AccessContext accessContext) {
        return this.permissionFactory.getPermission((HttpServletRequest) accessContext.getParameter("servletRequest"));
    }

    @Override // net.sf.jguard.core.authorization.AuthorizationBindings
    public void setLastAccessDeniedPermission(AccessContext accessContext, Permission permission) {
        if (permission instanceof URLPermission) {
            ((HttpServletRequest) accessContext.getParameter("servletRequest")).getSession(true).setAttribute(HttpConstants.LAST_ACCESS_DENIED_URI, ((URLPermission) permission).getURI());
        }
    }

    @Override // net.sf.jguard.core.authorization.AuthorizationBindings
    public void accessDenied(AccessContext accessContext) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) accessContext.getParameter("servletRequest");
        HttpServletResponse httpServletResponse = (HttpServletResponse) accessContext.getParameter("servletResponse");
        if (logger.isDebugEnabled()) {
            logger.debug(new StringBuffer().append(" access denied to ").append(httpServletRequest.getRequestURI()).toString());
        }
        logger.debug(new StringBuffer().append(" access is denied to ").append(httpServletRequest.getRequestURI()).append(" accessDeniedURI is not defined  jGuard send 401 http code ").toString());
        httpServletResponse.setStatus(DebugConstants.JE_GET_CONTEXT_AT);
        try {
            if (!httpServletResponse.isCommitted()) {
                httpServletResponse.sendError(DebugConstants.JE_GET_CONTEXT_AT, new StringBuffer().append("access is denied to ").append(httpServletRequest.getRequestURI()).toString());
            }
        } catch (IOException e) {
            throw new RuntimeException(e.getMessage());
        }
    }

    @Override // net.sf.jguard.core.authorization.AuthorizationBindings
    public void authorize(AccessContext accessContext) {
        RuntimeException runtimeException;
        HttpServletRequest httpServletRequest = (HttpServletRequest) accessContext.getParameter("servletRequest");
        HttpServletResponse httpServletResponse = (HttpServletResponse) accessContext.getParameter("servletResponse");
        FilterChain filterChain = (FilterChain) accessContext.getParameter("filterChain");
        if (logger.isDebugEnabled()) {
            logger.debug(new StringBuffer().append("doFilter() -  access authorized to ").append(httpServletRequest.getRequestURI()).toString());
        }
        try {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } finally {
            try {
            } catch (IOException e) {
            }
        }
    }

    public Subject getSubject(AccessContext accessContext) {
        return HttpAuthenticationUtils.getSubject(((HttpServletRequest) accessContext.getParameter("servletRequest")).getSession(true));
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$net$sf$jguard$jee$authorization$http$HttpServletAuthorizationBindings == null) {
            cls = class$("net.sf.jguard.jee.authorization.http.HttpServletAuthorizationBindings");
            class$net$sf$jguard$jee$authorization$http$HttpServletAuthorizationBindings = cls;
        } else {
            cls = class$net$sf$jguard$jee$authorization$http$HttpServletAuthorizationBindings;
        }
        logger = LoggerFactory.getLogger(cls.getName());
    }
}
