package org.uberfire.server;

import java.net.URI;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletResponse;
import org.picketlink.common.constants.LDAPConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.uberfire.io.regex.AntPathMatcher;
import org.uberfire.java.nio.file.Path;

/* loaded from: input_file:WEB-INF/lib/uberfire-server-1.1.0.Beta2.jar:org/uberfire/server/BaseFilteredServlet.class */
public abstract class BaseFilteredServlet extends HttpServlet {
    private static final Logger logger = LoggerFactory.getLogger(BaseFilteredServlet.class);
    protected Collection<String> includes = new ArrayList();
    protected Collection<String> excludes = new ArrayList();

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        String initParameter = servletConfig.getInitParameter("includes-path");
        if (initParameter != null && !initParameter.trim().isEmpty()) {
            this.includes.addAll(Arrays.asList(initParameter.split(LDAPConstants.COMMA)));
        }
        String initParameter2 = servletConfig.getInitParameter("excludes-path");
        if (initParameter2 == null || initParameter2.trim().isEmpty()) {
            return;
        }
        this.excludes.addAll(Arrays.asList(initParameter2.split(LDAPConstants.COMMA)));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean validateAccess(URI uri, HttpServletResponse httpServletResponse) {
        if (AntPathMatcher.filter(this.includes, this.excludes, uri)) {
            return true;
        }
        logger.error("Invalid credentials to path.");
        try {
            httpServletResponse.sendError(403);
            return false;
        } catch (Exception e) {
            logger.error(e.getMessage(), (Throwable) e);
            return false;
        }
    }

    protected boolean validateAccess(Path path, HttpServletResponse httpServletResponse) {
        if (AntPathMatcher.filter(this.includes, this.excludes, path)) {
            return true;
        }
        logger.error("Invalid credentials to path.");
        try {
            httpServletResponse.sendError(403);
            return false;
        } catch (Exception e) {
            logger.error(e.getMessage(), (Throwable) e);
            return false;
        }
    }
}
