package org.opensaml.messaging.handler.impl;

import javax.servlet.http.HttpServletRequest;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.primitive.StringSupport;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.messaging.handler.AbstractMessageHandler;
import org.opensaml.messaging.handler.MessageHandlerException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opensaml/messaging/handler/impl/HTTPRequestValidationHandler.class */
public class HTTPRequestValidationHandler extends AbstractMessageHandler {
    private final Logger log = LoggerFactory.getLogger((Class<?>) HTTPRequestValidationHandler.class);
    private String requiredContentType;
    private String requiredRequestMethod;
    private boolean requireSecured;
    private HttpServletRequest httpServletRequest;

    public String getRequiredContentType() {
        return this.requiredContentType;
    }

    public void setRequiredContentType(String str) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.requiredContentType = str;
        this.requiredRequestMethod = StringSupport.trimOrNull(str);
    }

    public String getRequiredRequestMethod() {
        return this.requiredRequestMethod;
    }

    public void setRequiredRequestMethod(String str) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.requiredRequestMethod = StringSupport.trimOrNull(str);
    }

    public boolean isRequireSecured() {
        return this.requireSecured;
    }

    public void setRequireSecured(boolean z) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.requireSecured = z;
    }

    public HttpServletRequest getHttpServletRequest() {
        return this.httpServletRequest;
    }

    public void setHttpServletRequest(HttpServletRequest httpServletRequest) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.httpServletRequest = (HttpServletRequest) Constraint.isNotNull(httpServletRequest, "HttpServletRequest may not be null");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
    public void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        Constraint.isNotNull(getHttpServletRequest(), "HttpServletRequest may not be null");
    }

    @Override // org.opensaml.messaging.handler.AbstractMessageHandler
    protected void doInvoke(MessageContext messageContext) throws MessageHandlerException {
        evaluateContentType(getHttpServletRequest());
        evaluateRequestMethod(getHttpServletRequest());
        evaluateSecured(getHttpServletRequest());
    }

    protected void evaluateContentType(HttpServletRequest httpServletRequest) throws MessageHandlerException {
        String header = httpServletRequest.getHeader("Content-Type");
        if (getRequiredContentType() == null || header.startsWith(getRequiredContentType())) {
            return;
        }
        this.log.error("Invalid content type, expected '{}' but was '{}'", getRequiredContentType(), header);
        throw new MessageHandlerException("Invalid content type, expected " + getRequiredContentType() + " but was " + header);
    }

    protected void evaluateRequestMethod(HttpServletRequest httpServletRequest) throws MessageHandlerException {
        String method = httpServletRequest.getMethod();
        if (getRequiredRequestMethod() == null || method.equalsIgnoreCase(getRequiredRequestMethod())) {
            return;
        }
        this.log.error("Invalid request method, expected '{}' but was '{}'", getRequiredRequestMethod(), method);
        throw new MessageHandlerException("Invalid request method, expected " + getRequiredRequestMethod() + " but was " + method);
    }

    protected void evaluateSecured(HttpServletRequest httpServletRequest) throws MessageHandlerException {
        if (!isRequireSecured() || httpServletRequest.isSecure()) {
            return;
        }
        this.log.error("Request was required to be secured but was not");
        throw new MessageHandlerException("Request was required to be secured but was not");
    }
}
