package org.gcube.application.framework.http.login;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.util.WebdavStatus;
import org.gcube.application.framework.core.session.SessionManager;
import org.gcube.application.framework.core.util.ASLGroupModel;
import org.gcube.application.framework.http.anonymousaccess.management.UsersManagementUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/org/gcube/application/framework/http/login/LoginScope.class */
public class LoginScope extends HttpServlet {
    private static final Logger logger = LoggerFactory.getLogger(LoginScope.class);
    private static final long serialVersionUID = 1;

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        HttpSession session = httpServletRequest.getSession(true);
        logger.info("Session id" + session.getId());
        String str = (String) session.getAttribute("logon.isDone");
        if (str == null) {
            httpServletResponse.sendError(WebdavStatus.SC_UNAUTHORIZED);
            return;
        }
        String parameter = httpServletRequest.getParameter("scope");
        if (parameter == null) {
            httpServletResponse.sendError(WebdavStatus.SC_BAD_REQUEST, "No scope selected");
        } else {
            if (!getUserScopes(str).contains(parameter)) {
                httpServletResponse.sendError(WebdavStatus.SC_UNAUTHORIZED, "User access denied in the selected scope");
                return;
            }
            session.setAttribute("logonScope.isDone", parameter);
            SessionManager.getInstance().getASLSession(session.getId(), str).setScope(parameter);
            httpServletResponse.setStatus(200);
        }
    }

    private ArrayList<String> getUserScopes(String str) {
        ArrayList<String> arrayList = new ArrayList<>();
        UsersManagementUtils usersManagementUtils = new UsersManagementUtils();
        List<ASLGroupModel> listGroupsByUser = usersManagementUtils.listGroupsByUser(usersManagementUtils.getUserId(str));
        for (int i = 0; i < listGroupsByUser.size(); i++) {
            arrayList.add(usersManagementUtils.getScope(Long.toString(listGroupsByUser.get(i).getGroupId())));
        }
        return arrayList;
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
    }
}
