package io.druid.server.security;

import com.fasterxml.jackson.databind.ObjectMapper;
import io.druid.java.util.common.logger.Logger;
import io.druid.query.QueryInterruptedException;
import io.druid.server.DruidNode;
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:io/druid/server/security/SecuritySanityCheckFilter.class */
public class SecuritySanityCheckFilter implements Filter {
    private static final Logger log = new Logger(SecuritySanityCheckFilter.class);
    private final String unauthorizedMessage;

    public SecuritySanityCheckFilter(ObjectMapper objectMapper) {
        try {
            QueryInterruptedException queryInterruptedException = new QueryInterruptedException("Unauthorized request.", (String) null, (String) null, DruidNode.getDefaultHost());
            queryInterruptedException.setStackTrace(new StackTraceElement[0]);
            this.unauthorizedMessage = objectMapper.writeValueAsString(queryInterruptedException);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        ServletOutputStream outputStream = httpServletResponse.getOutputStream();
        Boolean bool = (Boolean) servletRequest.getAttribute(AuthConfig.DRUID_AUTHORIZATION_CHECKED);
        AuthenticationResult authenticationResult = (AuthenticationResult) servletRequest.getAttribute(AuthConfig.DRUID_AUTHENTICATION_RESULT);
        if (bool == null && authenticationResult == null) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            sendJsonError(httpServletResponse, 403, this.unauthorizedMessage, outputStream);
            outputStream.close();
        }
    }

    public void destroy() {
    }

    public static void sendJsonError(HttpServletResponse httpServletResponse, int i, String str, OutputStream outputStream) {
        httpServletResponse.setStatus(i);
        httpServletResponse.setContentType("application/json");
        httpServletResponse.setCharacterEncoding("UTF-8");
        try {
            outputStream.write(str.getBytes(StandardCharsets.UTF_8));
        } catch (IOException e) {
            log.error("WTF? Can't get writer from HTTP response.", new Object[0]);
        }
    }
}
