package com.stormpath.sdk.servlet.filter;

import com.stormpath.sdk.lang.Assert;
import com.stormpath.sdk.servlet.http.UserAgent;
import com.stormpath.sdk.servlet.http.UserAgents;
import com.stormpath.sdk.servlet.util.ServletUtils;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/stormpath/sdk/servlet/filter/DefaultUnauthorizedHandler.class */
public class DefaultUnauthorizedHandler implements UnauthorizedHandler {
    private final String unauthorizedUrl;

    public DefaultUnauthorizedHandler(String str) {
        Assert.hasText(str, "unauthorizedUrl cannot be null or empty.");
        this.unauthorizedUrl = str;
    }

    protected String getUnauthorizedUrl() {
        return this.unauthorizedUrl;
    }

    @Override // com.stormpath.sdk.servlet.filter.UnauthorizedHandler
    public boolean onUnauthorized(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        if (isHtmlPreferred(httpServletRequest)) {
            try {
                ServletUtils.issueRedirect(httpServletRequest, httpServletResponse, getUnauthorizedUrl(), null, true, true);
                return false;
            } catch (IOException e) {
                throw new ServletException("Unable to issue unauthorized redirect: " + e.getMessage(), e);
            }
        }
        httpServletResponse.setStatus(403);
        httpServletResponse.setHeader("Cache-Control", "no-store, no-cache");
        httpServletResponse.setHeader("Pragma", "no-cache");
        return false;
    }

    protected boolean isHtmlPreferred(HttpServletRequest httpServletRequest) {
        return getUserAgent(httpServletRequest).isHtmlPreferred();
    }

    protected UserAgent getUserAgent(HttpServletRequest httpServletRequest) {
        return UserAgents.get(httpServletRequest);
    }
}
