package org.eclipsefoundation.core.request;

import java.io.IOException;
import javax.inject.Inject;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import org.apache.commons.lang3.StringUtils;
import org.eclipsefoundation.core.annotations.KeySecured;
import org.eclipsefoundation.core.helper.SecureResourceKey;
import org.jboss.resteasy.core.interception.jaxrs.PostMatchContainerRequestContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Provider
/* loaded from: input_file:org/eclipsefoundation/core/request/SecuredResourceFilter.class */
public class SecuredResourceFilter implements ContainerRequestFilter {
    public static final Logger LOGGER = LoggerFactory.getLogger(SecuredResourceFilter.class);

    @Inject
    SecureResourceKey key;

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        if (((KeySecured) ((PostMatchContainerRequestContext) containerRequestContext).getResourceMethod().getMethod().getAnnotation(KeySecured.class)) != null) {
            String str = (String) containerRequestContext.getUriInfo().getQueryParameters().getFirst("key");
            if (StringUtils.isBlank(str)) {
                if (LOGGER.isTraceEnabled()) {
                    LOGGER.trace("Request to '{}' aborted as the passed secure key was blank but was required", containerRequestContext.getUriInfo().getAbsolutePath());
                }
                containerRequestContext.abortWith(Response.status(Response.Status.FORBIDDEN).build());
            } else {
                if (str.equals(this.key.getKey())) {
                    return;
                }
                if (LOGGER.isTraceEnabled()) {
                    LOGGER.trace("Request to '{}' aborted as the passed secure key was incorrect", containerRequestContext.getUriInfo().getAbsolutePath());
                }
                containerRequestContext.abortWith(Response.status(Response.Status.FORBIDDEN).build());
            }
        }
    }
}
