package org.craftercms.engine.util.spring.security;

import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import java.io.IOException;
import org.craftercms.commons.lang.UrlUtils;
import org.craftercms.engine.exception.HttpStatusCodeException;
import org.springframework.http.HttpStatus;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:WEB-INF/classes/org/craftercms/engine/util/spring/security/ForbiddenUrlsFilter.class */
public class ForbiddenUrlsFilter extends GenericFilterBean {
    private final RequestMatcher matcher;

    public ForbiddenUrlsFilter(RequestMatcher requestMatcher) {
        this.matcher = requestMatcher;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String requestURI = httpServletRequest.getRequestURI();
        if (!this.matcher.matches(httpServletRequest)) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            String format = String.format("Forbidden. You don't have permission to access '%s' on this server", UrlUtils.cleanUrlForLog(requestURI));
            this.logger.error(format);
            throw new HttpStatusCodeException(HttpStatus.NOT_FOUND, format);
        }
    }
}
