package org.apache.ofbiz.webapp.control;

import java.io.IOException;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.ofbiz.base.util.Debug;

/* loaded from: input_file:org/apache/ofbiz/webapp/control/ControlFilter.class */
public class ControlFilter implements Filter {
    public static final String FORWARDED_FROM_SERVLET = "_FORWARDED_FROM_SERVLET_";
    private static final String module = ControlFilter.class.getName();
    private boolean redirectAll;
    private boolean redirectPathIsUrl;
    private String redirectPath;
    protected int errorCode;
    private Set<String> allowedPaths = new HashSet();

    public void init(FilterConfig filterConfig) throws ServletException {
        this.redirectPath = filterConfig.getInitParameter("redirectPath");
        this.redirectPathIsUrl = this.redirectPath != null && this.redirectPath.toLowerCase().startsWith("http");
        String initParameter = filterConfig.getInitParameter("forceRedirectAll");
        this.redirectAll = (this.redirectPath == null || initParameter == null || !"Y".equalsIgnoreCase(initParameter)) ? false : true;
        String initParameter2 = filterConfig.getInitParameter("errorCode");
        this.errorCode = 403;
        if (initParameter2 != null) {
            try {
                this.errorCode = Integer.parseInt(initParameter2);
            } catch (NumberFormatException e) {
                Debug.logWarning(e, "Error code specified would not parse to Integer: " + initParameter2, module);
                Debug.logWarning(e, "The default error code will be used: " + this.errorCode, module);
            }
        }
        String initParameter3 = filterConfig.getInitParameter("allowedPaths");
        if (initParameter3 != null) {
            for (String str : initParameter3.split(":")) {
                this.allowedPaths.add(str);
            }
            if (this.redirectPath == null || this.redirectPathIsUrl) {
                return;
            }
            this.allowedPaths.add(this.redirectPath);
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (this.redirectAll) {
            if (httpServletRequest.getSession().getAttribute("_FORCE_REDIRECT_") != null) {
                httpServletRequest.getSession().removeAttribute("_FORCE_REDIRECT_");
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
            httpServletRequest.getSession().setAttribute("_FORCE_REDIRECT_", "true");
            Debug.logWarning("Redirecting user to: " + this.redirectPath, module);
            if (this.redirectPathIsUrl) {
                httpServletResponse.sendRedirect(this.redirectPath);
                return;
            } else {
                httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + this.redirectPath);
                return;
            }
        }
        if (httpServletRequest.getAttribute(FORWARDED_FROM_SERVLET) != null || this.allowedPaths.isEmpty()) {
            return;
        }
        String substring = httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length());
        int indexOf = substring.indexOf("/", 1);
        if (indexOf == -1) {
            indexOf = substring.length();
        }
        while (true) {
            if (this.allowedPaths.contains(substring.substring(0, indexOf))) {
                break;
            }
            indexOf = substring.indexOf("/", indexOf + 1);
            if (indexOf == -1) {
                if (!this.allowedPaths.contains(substring)) {
                    if (this.redirectPath == null) {
                        httpServletResponse.sendError(this.errorCode, httpServletRequest.getRequestURI());
                    } else if (this.redirectPathIsUrl) {
                        httpServletResponse.sendRedirect(this.redirectPath);
                    } else {
                        httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + this.redirectPath);
                    }
                    if (Debug.infoOn()) {
                        Debug.logInfo("[Filtered request]: " + httpServletRequest.getRequestURI() + " --> " + (this.redirectPath == null ? Integer.valueOf(this.errorCode) : this.redirectPath), module);
                        return;
                    }
                    return;
                }
            }
        }
        filterChain.doFilter(servletRequest, httpServletResponse);
    }

    public void destroy() {
    }
}
