package thredds.servlet.restrict;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/thredds/servlet/restrict/CAMSAuthorizer.class */
public class CAMSAuthorizer extends TomcatAuthorizer {
    private Logger log = LoggerFactory.getLogger(getClass());

    @Override // thredds.servlet.restrict.TomcatAuthorizer, thredds.servlet.restrict.Authorizer
    public boolean authorize(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        if (hasCAMSrole(httpServletRequest, str)) {
            return true;
        }
        return super.authorize(httpServletRequest, httpServletResponse, str);
    }

    @Override // thredds.servlet.restrict.TomcatAuthorizer, thredds.servlet.restrict.Authorizer
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        HttpSession session = httpServletRequest.getSession();
        if (session != null) {
            String str = (String) session.getAttribute("origRequest");
            if (httpServletRequest.isUserInRole((String) session.getAttribute("role"))) {
                ArrayList arrayList = new ArrayList();
                Enumeration<String> headers = httpServletRequest.getHeaders("CAMS-HTTP-ROLE");
                while (headers.hasMoreElements()) {
                    arrayList.add(headers.nextElement());
                }
                session.setAttribute("camsRoles", arrayList);
                if (str == null) {
                    httpServletResponse.setStatus(200);
                    return;
                }
                if (this.log.isDebugEnabled()) {
                    this.log.debug("redirect to origRequest = " + str);
                }
                httpServletResponse.setStatus(307);
                httpServletResponse.addHeader("Location", str + (str.indexOf("?") > 0 ? "&auth" : "?auth"));
                return;
            }
        }
        httpServletResponse.sendError(403, "Not authorized to access this dataset.");
    }

    private boolean hasCAMSrole(HttpServletRequest httpServletRequest, String str) {
        List list;
        HttpSession session = httpServletRequest.getSession();
        return (session == null || (list = (List) session.getAttribute("camsRoles")) == null || !list.contains(str)) ? false : true;
    }
}
