package org.cloudfoundry.multiapps.controller.web.configuration;

import java.text.MessageFormat;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.cloudfoundry.multiapps.controller.web.Constants;
import org.cloudfoundry.multiapps.controller.web.Messages;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.csrf.InvalidCsrfTokenException;
import org.springframework.security.web.csrf.MissingCsrfTokenException;

/* loaded from: input_file:org/cloudfoundry/multiapps/controller/web/configuration/CsrfAccessDeniedHandler.class */
public class CsrfAccessDeniedHandler implements AccessDeniedHandler {
    private static final Logger LOGGER = LoggerFactory.getLogger(CsrfAccessDeniedHandler.class);
    private static final String CSRF_TOKEN_REQUIRED_HEADER_VALUE = "Required";

    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException accessDeniedException) {
        LOGGER.error(MessageFormat.format(Messages.REQUEST_0_1_FAILED_WITH_2, httpServletRequest.getMethod(), httpServletRequest.getRequestURI(), accessDeniedException.getMessage()), accessDeniedException);
        if ((accessDeniedException instanceof InvalidCsrfTokenException) || (accessDeniedException instanceof MissingCsrfTokenException)) {
            httpServletResponse.setHeader(Constants.CSRF_TOKEN, CSRF_TOKEN_REQUIRED_HEADER_VALUE);
        }
        httpServletResponse.setStatus(403);
    }
}
