package com.composum.sling.core.servlet;

import com.composum.sling.core.BeanContext;
import com.composum.sling.core.util.LinkUtil;
import com.composum.sling.core.util.XSS;
import java.io.IOException;
import java.util.regex.Pattern;
import javax.servlet.ServletException;
import org.apache.commons.lang3.StringUtils;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.request.RequestDispatcherOptions;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.servlets.SlingSafeMethodsServlet;
import org.osgi.framework.BundleContext;
import org.osgi.service.component.annotations.Activate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:libs/composum/nodes/install/composum-nodes-commons-bundle-2.6.3.jar:com/composum/sling/core/servlet/AbstractConsoleServlet.class */
public abstract class AbstractConsoleServlet extends SlingSafeMethodsServlet {
    private static final Logger LOG = LoggerFactory.getLogger(AbstractConsoleServlet.class);
    protected BundleContext bundleContext;

    @Activate
    protected void activate(BundleContext bundleContext) {
        this.bundleContext = bundleContext;
    }

    protected abstract String getServletPath(BeanContext beanContext);

    protected abstract Pattern getPathPattern(BeanContext beanContext);

    protected abstract String getResourceType(BeanContext beanContext);

    protected String getConsolePath(BeanContext beanContext) {
        return null;
    }

    protected String getRequestPath(SlingHttpServletRequest slingHttpServletRequest) {
        String filter = XSS.filter(slingHttpServletRequest.getRequestPathInfo().getSuffix());
        if (StringUtils.isBlank(filter)) {
            filter = "/";
        }
        return filter;
    }

    protected BeanContext createContext(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) {
        return new BeanContext.Servlet(getServletContext(), this.bundleContext, slingHttpServletRequest, slingHttpServletResponse);
    }

    protected void doGet(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        BeanContext createContext = createContext(slingHttpServletRequest, slingHttpServletResponse);
        String pathInfo = slingHttpServletRequest.getPathInfo();
        if (!getPathPattern(createContext).matcher(pathInfo).matches()) {
            if (pathInfo.equals(getServletPath(createContext))) {
                slingHttpServletResponse.sendRedirect(LinkUtil.getUrl(slingHttpServletRequest, pathInfo + LinkUtil.EXT_HTML));
                return;
            } else {
                slingHttpServletResponse.sendError(400);
                return;
            }
        }
        if (!checkConsoleAccess(createContext)) {
            slingHttpServletResponse.sendError(403);
            return;
        }
        RequestDispatcherOptions requestDispatcherOptions = new RequestDispatcherOptions();
        prepareForward(createContext, requestDispatcherOptions);
        slingHttpServletRequest.getRequestDispatcher(slingHttpServletRequest.getResource(), requestDispatcherOptions).forward(slingHttpServletRequest, slingHttpServletResponse);
    }

    protected void prepareForward(BeanContext beanContext, RequestDispatcherOptions requestDispatcherOptions) {
        String requestPath = getRequestPath(beanContext.getRequest());
        if (StringUtils.isNotBlank(requestPath)) {
            requestDispatcherOptions.setReplaceSuffix(requestPath);
        }
        requestDispatcherOptions.setForceResourceType(getResourceType(beanContext));
    }

    protected boolean checkConsoleAccess(BeanContext beanContext) {
        String consolePath = getConsolePath(beanContext);
        if (!StringUtils.isNotBlank(consolePath)) {
            return true;
        }
        Resource resource = beanContext.getResolver().getResource(consolePath);
        if (resource == null) {
            LOG.info("Access to {} denied for {}", consolePath, beanContext.getResolver().getUserID());
        }
        return resource != null;
    }
}
