package thredds.servlet.restrict;

import com.asascience.ncsos.outputformatter.ds.IoosPlatform10Formatter;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import thredds.servlet.ServletUtil;

/* loaded from: input_file:WEB-INF/classes/thredds/servlet/restrict/TomcatAuthorizer.class */
public class TomcatAuthorizer implements Authorizer {
    private static Logger log = LoggerFactory.getLogger((Class<?>) TomcatAuthorizer.class);
    private boolean useSSL = false;
    private String sslPort = "8443";
    private boolean debugResourceControl = false;

    @Override // thredds.servlet.restrict.Authorizer
    public boolean authorize(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        if (httpServletRequest.isUserInRole(str)) {
            return true;
        }
        HttpSession session = httpServletRequest.getSession();
        session.setAttribute("origRequest", ServletUtil.getRequest(httpServletRequest));
        session.setAttribute(IoosPlatform10Formatter.ROLE, str);
        String str2 = this.useSSL ? "https://" + httpServletRequest.getServerName() + ":" + this.sslPort + ServletUtil.getContextPath() + "/restrictedAccess/" + str : "http://" + httpServletRequest.getServerName() + ":" + httpServletRequest.getServerPort() + ServletUtil.getContextPath() + "/restrictedAccess/" + str;
        if (this.debugResourceControl) {
            System.out.println("redirect to = " + str2);
        }
        httpServletResponse.setStatus(307);
        httpServletResponse.addHeader("Location", str2);
        httpServletResponse.setHeader("Last-Modified", "");
        return false;
    }

    @Override // thredds.servlet.restrict.Authorizer
    public void init(HttpServlet httpServlet) throws ServletException {
        String initParameter = httpServlet.getInitParameter("useSSL");
        if (null != initParameter) {
            this.useSSL = Boolean.valueOf(initParameter).booleanValue();
        }
        String initParameter2 = httpServlet.getInitParameter("portSSL");
        if (null != initParameter2) {
            this.sslPort = initParameter2;
        }
    }

    @Override // thredds.servlet.restrict.Authorizer
    public void setRoleSource(RoleSource roleSource) {
    }

    @Override // thredds.servlet.restrict.Authorizer
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        HttpSession session = httpServletRequest.getSession();
        if (session != null) {
            String str = (String) session.getAttribute("origRequest");
            if (httpServletRequest.isUserInRole((String) session.getAttribute(IoosPlatform10Formatter.ROLE))) {
                if (str == null) {
                    httpServletResponse.setStatus(200);
                    return;
                }
                httpServletResponse.setStatus(307);
                String str2 = str.indexOf("?") > 0 ? "&auth" : "?auth";
                httpServletResponse.addHeader("Location", str);
                if (this.debugResourceControl) {
                    System.out.println("redirect to origRequest = " + str);
                    return;
                }
                return;
            }
        }
        httpServletResponse.sendError(401, "Not authorized to access this dataset.");
    }
}
