package com.ai.aspire.authentication;

import com.ai.application.utils.AppObjects;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/ai/aspire/authentication/UserURLMapAuthorization.class */
public class UserURLMapAuthorization extends SimpleDBAuthentication1 {
    protected static String m_requestName = null;

    @Override // com.ai.aspire.authentication.PublicAccessAuthentication, com.ai.application.interfaces.IInitializable
    public void initialize(String str) {
        super.initialize(str);
        m_requestName = str;
    }

    @Override // com.ai.aspire.authentication.DefaultAuthentication, com.ai.aspire.authentication.IAuthentication1
    public boolean isAccessAllowed(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthorizationException {
        String value = AppObjects.getValue(String.valueOf(m_requestName) + ".user." + str + ".excludeURLs", null);
        if (value == null) {
            return true;
        }
        AppObjects.info(this, "Exclude urls for this user are: %1s", value);
        String authKey = getAuthKey(httpServletRequest);
        if (authKey == null) {
            return true;
        }
        AppObjects.info(this, "auth: verifying access for resource:%1s", authKey);
        if (value.indexOf(authKey) == -1) {
            return true;
        }
        AppObjects.log("Warn:auth:" + authKey + " is an excluded url");
        try {
            httpServletResponse.sendError(403, "The userid " + str + " is not allowed access to this page");
            return false;
        } catch (IOException e) {
            AppObjects.log("Error:auth: io error", e);
            throw new AuthorizationException("Error:auth: io error", e);
        }
    }

    String getAuthKey(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("request_name");
        if (parameter != null) {
            return parameter;
        }
        String parameter2 = httpServletRequest.getParameter("url");
        if (parameter2 != null) {
            return parameter2;
        }
        AppObjects.log("Warn:Auth: No request name or url found");
        return null;
    }
}
