package com.ai.aspire.authentication;

import com.ai.application.interfaces.RequestExecutionException;
import com.ai.application.utils.AppObjects;
import com.ai.servlets.AspireConstants;
import com.ai.servletutils.ServletUtils;
import java.io.IOException;
import java.util.Hashtable;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/ai/aspire/authentication/URLAccessRightsAuthorization.class */
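/**
 * Authorization step that combines a per-user URL deny list with a per-resource
 * authorization request.
 *
 * <p>The resource being checked is identified by an "auth key" taken from the
 * {@code request_name} request parameter, or from {@code url} when that is absent.
 * Two configuration lookups drive the decision:
 * <ul>
 *   <li>{@code <requestName>.user.<userId>.excludeURLs} - deny list for the user;</li>
 *   <li>{@code <authKey>.authRequestName} - name of the request that returns the
 *       Boolean verdict for the resource.</li>
 * </ul>
 *
 * <p>NOTE(review): the auth key comes from client-supplied parameters, and both a
 * missing key and a missing {@code authRequestName} entry are treated as "public".
 * The check is therefore only as strong as the guarantee that the component which
 * finally serves the request resolves the same parameter in the same way - confirm
 * against the dispatcher.
 */
public class URLAccessRightsAuthorization extends SimpleDBAuthentication1 {
    // Shared by all instances: the most recent initialize() call wins.
    protected static String m_requestName = null;

    /**
     * Initializes the parent and records the request name used as the prefix of
     * the per-user {@code excludeURLs} configuration key.
     *
     * @param str request name this authenticator was registered under
     */
    @Override // com.ai.aspire.authentication.PublicAccessAuthentication, com.ai.application.interfaces.IInitializable
    public void initialize(String str) {
        super.initialize(str);
        m_requestName = str;
    }

    /**
     * Decides whether the user may access the resource named by the request.
     *
     * <p>A resource found in the user's exclude list is rejected with HTTP 403;
     * every other case is delegated to the resource's authorization request.
     *
     * @param str user id being checked
     * @param httpServletRequest current request; supplies the auth key
     * @param httpServletResponse current response; receives the 403 on denial
     * @return {@code true} when access is granted, {@code false} when it is denied
     * @throws AuthorizationException if the 403 response cannot be written
     */
    @Override // com.ai.aspire.authentication.DefaultAuthentication, com.ai.aspire.authentication.IAuthentication1
    public boolean isAccessAllowed(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthorizationException {
        final String excludedUrls = AppObjects.getValue(m_requestName + ".user." + str + ".excludeURLs", null);
        final String authKey = getAuthKey(httpServletRequest);
        if (excludedUrls == null) {
            return isAuthorized(str, httpServletRequest, httpServletResponse, authKey);
        }
        AppObjects.info(this, "Exclude urls for this user are: " + excludedUrls);
        AppObjects.log("Info:auth: verifying access for resource:" + sanitizeForLog(authKey));
        // A request without a key used to hit String.indexOf(null) and fail with a
        // NullPointerException. It is now handed to isAuthorized(), which owns the
        // policy for a missing key (currently: treated as public).
        //
        // NOTE(review): this is a substring test against the raw configuration
        // value, not an exact match on one list entry, so a short key matches
        // inside a longer entry, an empty key always matches, and a differently
        // cased key never matches. An exact, normalised comparison per entry
        // would be more predictable; the list delimiter is not visible here.
        if (authKey == null || !excludedUrls.contains(authKey)) {
            return isAuthorized(str, httpServletRequest, httpServletResponse, authKey);
        }
        AppObjects.warn(this, "auth:" + sanitizeForLog(authKey) + " is an excluded url");
        try {
            httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The userid " + str + " is not allowed access to this page");
            return false;
        } catch (IOException e) {
            AppObjects.log("Error:auth: io error", e);
            throw new AuthorizationException("Error:auth: io error", e);
        }
    }

    /**
     * Extracts the key that identifies the requested resource.
     *
     * @param httpServletRequest current request
     * @return the {@code request_name} parameter, else the {@code url} parameter,
     *         else {@code null} when neither is present
     */
    String getAuthKey(HttpServletRequest httpServletRequest) {
        final String requestName = httpServletRequest.getParameter("request_name");
        if (requestName != null) {
            return requestName;
        }
        final String url = httpServletRequest.getParameter("url");
        if (url != null) {
            return url;
        }
        AppObjects.warn(this, "Auth: No request name or url found");
        return null;
    }

    /**
     * Runs the authorization request configured for the resource.
     *
     * @param str user id being checked
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @param str2 auth key of the resource, may be {@code null}
     * @return {@code true} when the key is missing, when no authorization request
     *         is configured for it, or when that request returns {@code true};
     *         {@code false} when it returns anything else or fails
     * @throws AuthorizationException declared for callers; not thrown by this body
     */
    private boolean isAuthorized(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str2) throws AuthorizationException {
        if (str2 == null) {
            // NOTE(review): fail-open - a request that names no resource is allowed.
            return true;
        }
        AppObjects.info(this, "Checking authorization for:" + sanitizeForLog(str2));
        final String authRequestName = AppObjects.getValue(str2 + ".authRequestName", null);
        if (authRequestName == null) {
            // No authorization request configured for this key: treated as public.
            AppObjects.info(this, "This is a purely public url:" + sanitizeForLog(httpServletRequest.getRequestURI()));
            return true;
        }
        try {
            final Object verdict = AppObjects.getObject(authRequestName, getParameters(str, httpServletRequest, httpServletResponse));
            if (verdict instanceof Boolean) {
                return ((Boolean) verdict).booleanValue();
            }
            // Fail closed: a null or non-Boolean result used to surface as a
            // NullPointerException / ClassCastException instead of a decision.
            AppObjects.log("Error:auth: request " + authRequestName + " did not return a Boolean, denying access");
            return false;
        } catch (RequestExecutionException e) {
            AppObjects.log("Error:could not eval the request:" + authRequestName, e);
            return false;
        }
    }

    /**
     * Builds the argument table handed to the authorization request: the request
     * parameters with lower-cased keys, plus the session, request, response and
     * user name under their Aspire keys.
     *
     * <p>The Aspire entries are put after the request parameters, so they replace
     * any request parameter that maps to the same key.
     */
    @SuppressWarnings({"rawtypes", "unchecked"}) // ServletUtils hands back a raw Hashtable
    private Hashtable getParameters(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        final Hashtable args = ServletUtils.convertToLowerCase(ServletUtils.getParameters(httpServletRequest));
        // getSession() creates a session when the request does not have one yet.
        args.put(AspireConstants.ASPIRE_HTTP_SESSION_KEY, httpServletRequest.getSession());
        args.put(AspireConstants.ASPIRE_HTTP_REQUEST_KEY, httpServletRequest);
        args.put(AspireConstants.ASPIRE_HTTP_RESPONSE_KEY, httpServletResponse);
        args.put(AspireConstants.ASPIRE_USER_NAME_KEY, str);
        return args;
    }

    /**
     * Replaces line breaks in a client-supplied value so that it cannot start a
     * forged entry in the log.
     */
    private static String sanitizeForLog(String raw) {
        if (raw == null) {
            return null;
        }
        return raw.replace('\r', '_').replace('\n', '_');
    }
}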
