package net.sourceforge.blogentis.slide;
   
   //-----------------------------------------------------------------------
   //Blogentis - a blog publishing platform.
   //Copyright (C) 2004 Tassos Bassoukos <abassouk@gmail.com>
   //
   //This library is free software; you can redistribute it and/or
   //modify it under the terms of the GNU Lesser General Public
   //License as published by the Free Software Foundation; either
  //version 2.1 of the License, or (at your option) any later version.
  //
  //This library is distributed in the hope that it will be useful,
  //but WITHOUT ANY WARRANTY; without even the implied warranty of
  //MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  //Lesser General Public License for more details.
  //
  //You should have received a copy of the GNU Lesser General Public
  //License along with this library; if not, write to the Free Software
  //Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  //-----------------------------------------------------------------------
  //
  //$Id: SlideAdapterFilter.java,v 1.1 2004/10/22 17:34:16 tassos Exp $
  //
  
  import java.io.IOException;
  import java.security.Principal;
  import java.util.Date;
  import java.util.regex.Pattern;
  
  import javax.servlet.Filter;
  import javax.servlet.FilterChain;
  import javax.servlet.FilterConfig;
  import javax.servlet.RequestDispatcher;
  import javax.servlet.ServletException;
  import javax.servlet.ServletRequest;
  import javax.servlet.ServletResponse;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  import javax.servlet.http.HttpSession;
  
  import org.apache.commons.httpclient.util.URIUtil;
  import org.apache.commons.logging.Log;
  import org.apache.commons.logging.LogFactory;
  import org.apache.turbine.om.security.User;
  import org.apache.turbine.services.security.TurbineSecurity;
  import org.apache.turbine.util.TurbineException;
  
  import sun.misc.BASE64Decoder;
  
  /***
   * Filter that redirects direct file access or DAV requests to slide.
   * 
   * @author abas
   */
  public class SlideAdapterFilter
          implements Filter {
      private static final Log log = LogFactory.getLog(SlideAdapterFilter.class);
  
      private Pattern matchingPattern = null;
      private Pattern publicPattern = null;
      private RequestDispatcher slideDispatcher = null;
  
      public void init(FilterConfig config)
              throws ServletException {
          matchingPattern = Pattern.compile(config
                  .getInitParameter("matchingPattern"));
          publicPattern = Pattern.compile(config
                  .getInitParameter("publicPattern"));
          slideDispatcher = config.getServletContext()
                  .getNamedDispatcher(config.getInitParameter("slideServlet"));
      }
  
      private User isAuthorized(HttpServletRequest req) {
          String auth = req.getHeader("Authorization");
          if (auth == null)
              return null;
          if (!auth.toUpperCase().startsWith("BASIC "))
              return null;
          BASE64Decoder dec = new sun.misc.BASE64Decoder();
          String userpassDecoded;
          try {
              userpassDecoded = new String(dec.decodeBuffer(auth.substring(6)));
          } catch (IOException e) {
              return null;
          }
          String[] userPass = userpassDecoded.split(":");
          if (userPass.length != 2)
              return null;
          User u;
          try {
              u = TurbineSecurity.getAuthenticatedUser(userPass[0], userPass[1]);
          } catch (TurbineException e1) {
              return null;
          }
          return u;
      }
  
      public void doFilter(ServletRequest request, ServletResponse response,
                           FilterChain chain)
             throws IOException, ServletException {
         Date d = new Date();
         HttpServletRequest req = (HttpServletRequest)request;
         HttpServletResponse resp = (HttpServletResponse)response;
         String s = req.getServletPath();
 
         boolean isGetOrPost = "GET".equals(req.getMethod())
                 || "HEAD".equals(req.getMethod())
                 || "POST".equals(req.getMethod());
 
         try {
             if (s == null
                     || (!matchingPattern.matcher(s).matches() && isGetOrPost)) {
                 chain.doFilter(req, resp);
                 return;
             }
 
             HttpSession session = req.getSession(false);
             User user = session == null ? null : (User)session
                     .getAttribute(User.SESSION_KEY);
             if (user == null
                     && !(isGetOrPost && publicPattern.matcher(s).matches())) {
                 user = isAuthorized(req);
                 if (user == null) {
                     resp
                             .setHeader("WWW-Authenticate",
                                        "BASIC realm=\"blogentis\"");
                     resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                     return;
                 }
             }
             if (user != null && session != null)
                 session.setAttribute(User.SESSION_KEY, user);
             if (log.isDebugEnabled())
                 log.debug("Performing method " + req.getMethod() + " on "
                         + URIUtil.encodePath(s));
             Principal principal = (user != null) ? new TurbinePrincipal(user)
                     : null;
             MutablePrincipalHttpRequestWrapper wrapper = new MutablePrincipalHttpRequestWrapper(
                 req, principal);
             slideDispatcher.forward(wrapper, resp);
         } finally {
             if (log.isInfoEnabled())
                 log.info("Request took " + (new Date().getTime() - d.getTime())
                         + "ms");
         }
     }
 
     public void destroy() {}
 }