package edu.yale.its.tp.cas.client.filter;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.StringTokenizer;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: classes.dex */
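/**
 * Servlet filter that lets a request through only when the user name stored in
 * the HTTP session is on a configured allow-list.
 *
 * <p>The allow-list is read once, in {@link #init(FilterConfig)}, from the
 * filter init-param named by {@link #AUTHORIZED_USER_STRING}; user names are
 * separated by whitespace. Matching is exact and case-sensitive
 * ({@code List.contains}).
 *
 * <p>This filter performs authorization only. It trusts whatever value is
 * stored under the user session attribute and never authenticates the caller
 * itself.
 * NOTE(review): presumably a CAS authentication filter earlier in the chain
 * sets that attribute; confirm the filter-mapping order in web.xml, because a
 * request that reaches this filter first is simply rejected.
 */
public class SimpleCASAuthorizationFilter implements Filter {
    /** Name of the filter init-param holding the whitespace-separated allow-list. */
    public static final String AUTHORIZED_USER_STRING = "edu.yale.its.tp.cas.client.filter.authorizedUsers";

    /** Session attribute from which the current user name is read. */
    private static final String USER_SESSION_ATTRIBUTE = "edu.yale.its.tp.cas.client.filter.user";

    private static final Log log = LogFactory.getLog(SimpleCASAuthorizationFilter.class);

    // User names allowed through the filter; populated once in init().
    private List authorizedUsers;

    // Raw init-param value, kept as configured.
    private String authorizedUsersString;

    /** Releases nothing; the filter holds no external resources. */
    public void destroy() {
    }

    /**
     * Passes the request down the chain only if the session's user is on the
     * allow-list; every other case fails closed with a {@link ServletException}.
     *
     * @param servletRequest  the incoming request; must be an {@code HttpServletRequest}
     * @param servletResponse the outgoing response; must be an {@code HttpServletResponse}
     * @param filterChain     the remainder of the filter chain
     * @throws ServletException if the request/response are not HTTP, if no
     *         authorized users are configured, or if the current user is not
     *         on the allow-list
     * @throws IOException if thrown by the rest of the chain
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (log.isTraceEnabled()) {
            log.trace("entering doFilter(" + servletRequest + ", " + servletResponse + ", " + filterChain + ")");
        }
        if (!(servletRequest instanceof HttpServletRequest) || !(servletResponse instanceof HttpServletResponse)) {
            // The previous message claimed the opposite of the condition being reported.
            log.error("doFilter() called on a request or response that is not an HttpServletRequest or HttpServletResponse.");
            throw new ServletException(SimpleCASAuthorizationFilter.class.getName() + ": protects only HTTP resources");
        }

        // getSession(false): do not allocate a new server-side session for a
        // request that is about to be rejected. A missing session is treated
        // exactly like a session without a user attribute (user == null).
        HttpSession session = ((HttpServletRequest) servletRequest).getSession(false);
        String user = (session == null) ? null : (String) session.getAttribute(USER_SESSION_ATTRIBUTE);

        if (this.authorizedUsers.isEmpty()) {
            log.error("User cannot be authorized if no users are authorized.");
            throw new ServletException(SimpleCASAuthorizationFilter.class.getName() + ": no authorized users set.");
        }
        if (!this.authorizedUsers.contains(user)) {
            log.info("Current user [" + user + "] not among authorized users.");
            // The exception message carries the user name; whether it reaches the
            // client depends on the container's error-page configuration.
            throw new ServletException(SimpleCASAuthorizationFilter.class.getName() + ": user " + user + " not authorized.");
        }
        if (log.isTraceEnabled()) {
            log.trace("User [" + user + "] was authorized.  Passing request along filter chain.");
        }
        filterChain.doFilter(servletRequest, servletResponse);
        log.trace("returning from doFilter()");
    }

    /**
     * Reads the allow-list from the {@link #AUTHORIZED_USER_STRING} init-param
     * and splits it on whitespace.
     *
     * @param filterConfig the filter configuration supplied by the container
     * @throws ServletException if the init-param is not configured
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        log.trace("entering init()");
        String configured = filterConfig.getInitParameter(AUTHORIZED_USER_STRING);
        if (configured == null) {
            // Without this check StringTokenizer fails with a bare
            // NullPointerException; report the misconfiguration by name instead.
            log.error("Required init-param [" + AUTHORIZED_USER_STRING + "] is not set.");
            throw new ServletException(SimpleCASAuthorizationFilter.class.getName() + ": init-param " + AUTHORIZED_USER_STRING + " is required.");
        }
        this.authorizedUsersString = configured;

        // Build the list locally so the field is never seen half-populated.
        List users = new ArrayList();
        StringTokenizer tokenizer = new StringTokenizer(configured);
        while (tokenizer.hasMoreTokens()) {
            users.add(tokenizer.nextToken());
        }
        this.authorizedUsers = users;

        if (log.isTraceEnabled()) {
            // toString() is not overridden in this class, so this prints the
            // default Object identity string rather than the configured users.
            log.trace("returning from init() having initialized filter as [" + toString() + "]");
        }
    }
}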
