package com.caucho.server.security;

import com.caucho.portal.generic.Constraint;
import com.caucho.server.host.Host;
import com.caucho.server.webapp.Application;
import java.io.IOException;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/caucho/server/security/TransportConstraint.class */
public class TransportConstraint extends AbstractConstraint {
    private String _transport;

    public TransportConstraint() {
    }

    public TransportConstraint(String str) {
        this._transport = str;
    }

    public void setTransportGuarantee(String str) {
        this._transport = str;
    }

    @Override // com.caucho.server.security.AbstractConstraint
    public boolean isPrivateCache() {
        return false;
    }

    @Override // com.caucho.server.security.AbstractConstraint
    public boolean isAuthorized(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletContext servletContext) throws ServletException, IOException {
        if (this._transport == null || httpServletRequest.isSecure()) {
            return true;
        }
        Application application = (Application) servletContext;
        String secureHostName = ((Host) application.getParent()).getSecureHostName();
        if (secureHostName != null) {
            String stringBuffer = new StringBuffer().append("https://").append(secureHostName).append(application.getContextPath()).append(httpServletRequest.getServletPath()).toString();
            if (httpServletRequest.getPathInfo() != null) {
                stringBuffer = new StringBuffer().append(stringBuffer).append(httpServletRequest.getPathInfo()).toString();
            }
            if (httpServletRequest.getQueryString() != null) {
                stringBuffer = new StringBuffer().append(stringBuffer).append(httpServletRequest.getQueryString()).toString();
            }
            httpServletResponse.sendRedirect(stringBuffer);
            return false;
        }
        String stringBuffer2 = httpServletRequest.getRequestURL().toString();
        if (!stringBuffer2.startsWith("http:")) {
            httpServletResponse.sendError(Constraint.SC_FORBIDDEN, (String) null);
            return false;
        }
        String stringBuffer3 = new StringBuffer().append("https:").append(stringBuffer2.substring(5)).toString();
        String queryString = httpServletRequest.getQueryString();
        if (queryString != null) {
            httpServletResponse.sendRedirect(new StringBuffer().append(stringBuffer3).append("?").append(queryString).toString());
            return false;
        }
        httpServletResponse.sendRedirect(stringBuffer3);
        return false;
    }
}
