package be.atbash.ee.security.signature.jaxrs;

import be.atbash.ee.security.signature.api.SignatureKeyDataProvider;
import be.atbash.ee.security.signature.api.verify.Verifier;
import be.atbash.ee.security.signature.api.verify.VerifyResult;
import be.atbash.ee.security.signature.jaxrs.annotation.RestSignatureCheck;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.annotation.Annotation;
import java.nio.charset.Charset;
import java.util.Scanner;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Provider
/* loaded from: input_file:be/atbash/ee/security/signature/jaxrs/SignatureServerRequestFilter.class */
public class SignatureServerRequestFilter implements ContainerRequestFilter {
    private Logger logger = LoggerFactory.getLogger(SignatureServerRequestFilter.class);

    @Context
    private ResourceInfo resourceInfo;

    @Inject
    private Instance<SignatureKeyDataProvider> signatureKeyDataProvider;

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        if (containsRestSignatureCheckAnnotation()) {
            String entityBody = getEntityBody(containerRequestContext);
            URIInfoServer uRIInfoServer = new URIInfoServer(containerRequestContext);
            try {
                VerifyResult verify = Verifier.getInstance((SignatureKeyDataProvider) this.signatureKeyDataProvider.get(), 30000).verify(containerRequestContext.getHeaders(), entityBody, uRIInfoServer);
                if (VerifyResult.NO_AUTHORIZATION_HEADER == verify) {
                    return;
                }
                if (VerifyResult.SUCCESS != verify) {
                    this.logger.warn(verify.getMessage());
                    containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
                }
            } catch (Exception e) {
                this.logger.warn(e.getMessage());
                containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
            }
        }
    }

    private boolean containsRestSignatureCheckAnnotation() {
        RestSignatureCheck restSignatureCheck = (RestSignatureCheck) this.resourceInfo.getResourceMethod().getAnnotation(RestSignatureCheck.class);
        if (restSignatureCheck == null) {
            restSignatureCheck = (RestSignatureCheck) getAnnotation(this.resourceInfo.getResourceClass(), RestSignatureCheck.class);
        }
        return restSignatureCheck != null;
    }

    private String getEntityBody(ContainerRequestContext containerRequestContext) {
        String str = null;
        try {
            str = read(containerRequestContext.getEntityStream());
            containerRequestContext.setEntityStream(new ByteArrayInputStream(str.getBytes(Charset.forName("UTF-8"))));
        } catch (IOException e) {
        }
        return str;
    }

    private static String read(InputStream inputStream) throws IOException {
        Scanner useDelimiter = new Scanner(inputStream).useDelimiter("\\A");
        return useDelimiter.hasNext() ? useDelimiter.next() : "";
    }

    private static <A extends Annotation> A getAnnotation(Class<?> cls, Class<A> cls2) {
        Annotation annotation = null;
        if (cls.isAnnotationPresent(cls2)) {
            annotation = cls.getAnnotation(cls2);
        } else if (cls != Object.class) {
            annotation = getAnnotation(cls.getSuperclass(), cls2);
        }
        return (A) annotation;
    }
}
