package com.adobe.acs.commons.util.impl;

import com.day.cq.wcm.api.components.ComponentManager;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.commons.lang.ArrayUtils;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.ConfigurationPolicy;
import org.apache.felix.scr.annotations.sling.SlingFilter;
import org.apache.felix.scr.annotations.sling.SlingFilterScope;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.request.RequestPathInfo;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ValueMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(policy = ConfigurationPolicy.REQUIRE)
@SlingFilter(scope = {SlingFilterScope.REQUEST}, order = Integer.MIN_VALUE, generateComponent = false)
/* loaded from: input_file:com/adobe/acs/commons/util/impl/UrlFilter.class */
public class UrlFilter implements Filter {
    protected static final String PN_ALLOWED_SUFFIXES = "allowedSuffixes";
    protected static final String PN_ALLOWED_EXTENSIONS = "allowedExtensions";
    protected static final String PN_ALLOWED_SELECTORS = "allowedSelectors";
    protected static final String PN_ALLOWED_SUFFIX_PATTERN = "allowedSuffixPattern";
    protected static final String PN_ALLOWED_SELECTOR_PATTERN = "allowedSelectorPattern";
    protected static final String PN_ALLOWED_EXTENSION_PATTERN = "allowedExtensionPattern";
    private static final Collection<String> PROPERTY_NAMES = Arrays.asList(PN_ALLOWED_SUFFIXES, PN_ALLOWED_EXTENSIONS, PN_ALLOWED_SELECTORS, PN_ALLOWED_SUFFIX_PATTERN, PN_ALLOWED_SELECTOR_PATTERN, PN_ALLOWED_EXTENSION_PATTERN);
    private static final Logger log = LoggerFactory.getLogger(UrlFilter.class);

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if ((servletRequest instanceof SlingHttpServletRequest) && (servletResponse instanceof SlingHttpServletResponse)) {
            SlingHttpServletRequest slingHttpServletRequest = (SlingHttpServletRequest) servletRequest;
            SlingHttpServletResponse slingHttpServletResponse = (SlingHttpServletResponse) servletResponse;
            RequestPathInfo requestPathInfo = slingHttpServletRequest.getRequestPathInfo();
            com.day.cq.wcm.api.components.Component findUrlFilterDefinitionComponent = findUrlFilterDefinitionComponent(slingHttpServletRequest.getResource(), (ComponentManager) slingHttpServletRequest.getResourceResolver().adaptTo(ComponentManager.class));
            if (findUrlFilterDefinitionComponent != null) {
                String path = findUrlFilterDefinitionComponent.getPath();
                log.debug("found url filter definition resource at {}", path);
                ValueMap properties = findUrlFilterDefinitionComponent.getProperties();
                if (properties != null) {
                    if (!checkSelector(requestPathInfo, properties) || !checkSuffix(requestPathInfo, properties) || !checkExtension(requestPathInfo, properties)) {
                        log.info("url filter definition resource at {} FAILED for request {}.", path, slingHttpServletRequest.getRequestPathInfo());
                        slingHttpServletResponse.sendError(403);
                        return;
                    }
                    log.debug("url filter definition resource at {} passed for request {}.", path, slingHttpServletRequest.getRequestPathInfo());
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    protected boolean checkExtension(RequestPathInfo requestPathInfo, ValueMap valueMap) {
        return check(requestPathInfo.getExtension(), PN_ALLOWED_EXTENSIONS, PN_ALLOWED_EXTENSION_PATTERN, valueMap);
    }

    protected boolean checkSelector(RequestPathInfo requestPathInfo, ValueMap valueMap) {
        return check(requestPathInfo.getSelectorString(), PN_ALLOWED_SELECTORS, PN_ALLOWED_SELECTOR_PATTERN, valueMap);
    }

    private boolean check(String str, String str2, String str3, ValueMap valueMap) {
        if (str == null) {
            return true;
        }
        String[] strArr = (String[]) valueMap.get(str2, String[].class);
        if (strArr == null) {
            String str4 = (String) valueMap.get(str3, String.class);
            if (str4 == null || Pattern.matches(str4, str)) {
                return true;
            }
            log.debug("allowedPattern ({}) did not match our string {}", str4, str);
            return false;
        }
        if (strArr.length == 0) {
            log.debug("{} was empty, therefore not allowing any value.", str2);
            return false;
        }
        if (ArrayUtils.contains(strArr, str)) {
            return true;
        }
        log.debug("{} did not contain our string {}. checking the pattern.", str2, str);
        String str5 = (String) valueMap.get(str3, String.class);
        if (str5 == null || !Pattern.matches(str5, str)) {
            log.debug("allowedPattern ({}) did not match our string {}", str5, str);
            return false;
        }
        log.debug("allowedPattern ({}) did match our string {}", str5, str);
        return true;
    }

    protected boolean checkSuffix(RequestPathInfo requestPathInfo, ValueMap valueMap) {
        return check(requestPathInfo.getSuffix(), PN_ALLOWED_SUFFIXES, PN_ALLOWED_SUFFIX_PATTERN, valueMap);
    }

    private com.day.cq.wcm.api.components.Component findUrlFilterDefinitionComponent(Resource resource, ComponentManager componentManager) {
        if (resource == null) {
            return null;
        }
        Resource child = resource.getChild("jcr:content");
        if (child != null) {
            resource = child;
        }
        return findUrlFilterDefinitionComponent(componentManager.getComponentOfResource(resource));
    }

    private com.day.cq.wcm.api.components.Component findUrlFilterDefinitionComponent(com.day.cq.wcm.api.components.Component component) {
        if (component == null) {
            return null;
        }
        return !Collections.disjoint(component.getProperties().keySet(), PROPERTY_NAMES) ? component : findUrlFilterDefinitionComponent(component.getSuperComponent());
    }
}
