package com.alfaariss.oa.util.web;

import com.alfaariss.oa.OAException;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/alfaariss/oa/util/web/SharedSecretFilter.class */
public class SharedSecretFilter implements Filter {
    private static Log _logger = LogFactory.getLog(SharedSecretFilter.class);
    private String _sFilterName;
    private String _sharedSecret;

    public void init(FilterConfig filterConfig) throws ServletException {
        try {
            this._sFilterName = filterConfig.getFilterName();
            if (this._sFilterName == null) {
                this._sFilterName = SharedSecretFilter.class.getSimpleName();
            }
            this._sharedSecret = filterConfig.getInitParameter("shared_secret");
            if (this._sharedSecret == null || this._sharedSecret.length() <= 0) {
                _logger.error("No 'shared_secret' init parameter found in filter configuration");
                throw new OAException(2);
            }
            _logger.info(this._sFilterName + " started.");
        } catch (Exception e) {
            _logger.fatal(this._sFilterName + " start failed due to internal error", e);
            throw new ServletException();
        } catch (OAException e2) {
            _logger.fatal(this._sFilterName + " start failed", e2);
            throw new ServletException();
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        try {
            if (!(servletRequest instanceof HttpServletRequest)) {
                _logger.warn("received a non HTTP request");
                throw new OAException(1);
            }
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            if (!(servletResponse instanceof HttpServletResponse)) {
                _logger.warn("received a non HTTP response");
                throw new OAException(1);
            }
            HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
            String parameter = httpServletRequest.getParameter("shared_secret");
            if (parameter == null || parameter.length() <= 0) {
                _logger.warn("Request not accepted. No Shared secret credentials supplied");
                httpServletResponse.sendError(403);
            } else if (this._sharedSecret.equals(parameter)) {
                _logger.debug("Request accepted. Shared secret credentials accepted: " + parameter);
                filterChain.doFilter(servletRequest, servletResponse);
            } else {
                _logger.warn("Request not accepted. Shared secret credentials NOT accepted: " + parameter);
                httpServletResponse.sendError(403);
            }
        } catch (Exception e) {
            _logger.fatal("Could not process request, due to internal error", e);
            throw new ServletException();
        } catch (OAException e2) {
            _logger.error("Could not process request", e2);
            throw new ServletException();
        }
    }

    public void destroy() {
        _logger.info(this._sFilterName + " Stopped");
    }
}
