package com.ibm.ws.security.oauth20.filter;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.oauth20.util.Constants;
import com.ibm.ws.threadContext.ComponentMetaDataAccessorImpl;
import com.ibm.wsspi.webcontainer.metadata.WebModuleMetaData;
import javax.servlet.http.HttpServletRequest;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.security.oauth20_1.1.9.jar:com/ibm/ws/security/oauth20/filter/OAuthResourceProtectionFilter.class */
public class OAuthResourceProtectionFilter extends CommonHTTPHeaderFilter implements HTTPHeaderFilter {
    static final TraceComponent tc = Tr.register((Class<?>) OAuthResourceProtectionFilter.class, "OAUTH", "com.ibm.ws.security.oauth20.internal.resources.OAuthMessages");
    static final long serialVersionUID = -527939798544838959L;

    public OAuthResourceProtectionFilter(boolean z) {
        super.setProcessAll(z);
    }

    public OAuthResourceProtectionFilter(String str, boolean z) {
        super(str);
        super.setProcessAll(z);
    }

    @Override // com.ibm.ws.security.oauth20.filter.CommonHTTPHeaderFilter, com.ibm.ws.security.oauth20.filter.HTTPHeaderFilter
    public boolean init(String str) {
        super.init(str);
        boolean z = false;
        if (str == null) {
            this.nonFilter = true;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Filter Not Defined", new Object[0]);
            }
        } else {
            z = true;
        }
        return z;
    }

    @Override // com.ibm.ws.security.oauth20.filter.HTTPHeaderFilter
    public boolean isAccepted(HttpServletRequest httpServletRequest) {
        if (isOAuthServiceApp(httpServletRequest)) {
            return false;
        }
        return isAccepted(new RealRequestInfo(httpServletRequest));
    }

    private boolean isOAuthServiceApp(HttpServletRequest httpServletRequest) {
        String application = getApplication(httpServletRequest);
        boolean z = false;
        if ("com.ibm.ws.security.oauth20".equalsIgnoreCase(application) || (Constants.OIDC_SERVICE_APP.equalsIgnoreCase(application) && !isProtectedByAccessToken(httpServletRequest))) {
            z = true;
        }
        return z;
    }

    private boolean isProtectedByAccessToken(HttpServletRequest httpServletRequest) {
        String requestURI = httpServletRequest.getRequestURI();
        return (requestURI.endsWith("token") || requestURI.endsWith(Constants.AUTHORIZE)) ? false : true;
    }

    private static String getApplication(HttpServletRequest httpServletRequest) {
        return ((WebModuleMetaData) ComponentMetaDataAccessorImpl.getComponentMetaDataAccessor().getComponentMetaData().getModuleMetaData()).getConfiguration().getApplicationName();
    }
}
