package net.sf.aguacate.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.aguacate.filter.data.TokenDataProcess;
import net.sf.aguacate.filter.data.TokenDataProcessImpl;
import net.sf.aguacate.security.service.HttpRequestKeys;
import net.sf.aguacate.security.service.SecurityService;
import net.sf.aguacate.security.service.SecurityServiceCoupling;
import net.sf.aguacate.security.service.SecurityValidationResponse;
import net.sf.aguacate.security.service.SecurityValidationStatus;
import net.sf.aguacate.util.servlet.ServletUtil;
import org.apache.http.HttpStatus;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:WEB-INF/lib/aguacate-filter-0.2.8.jar:net/sf/aguacate/filter/SecurityFilterAuthorizationBearer.class */
public class SecurityFilterAuthorizationBearer implements Filter {
    private static final Logger LOGGER;
    private static final String PREFIX = "Bearer ";
    private static final int PREFIX_LENGTH = 7;
    private static final TokenDataProcess process;
    static final /* synthetic */ boolean $assertionsDisabled;

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        doFilter((HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse, filterChain);
    }

    void doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException {
        try {
            SecurityService service = SecurityServiceCoupling.service();
            if (service == null) {
                LOGGER.info("No security service");
                filterChain.doFilter(httpServletRequest, httpServletResponse);
            } else {
                String header = httpServletRequest.getHeader("Authorization");
                if (header == null || header.isEmpty()) {
                    LOGGER.debug("Not present or Empty Authorization");
                    httpServletResponse.setStatus(HttpStatus.SC_UNAUTHORIZED);
                } else if (header.startsWith(PREFIX)) {
                    String trim = header.substring(7).trim();
                    SecurityValidationResponse isValid = service.isValid(trim, httpServletRequest.getMethod(), ServletUtil.getEntity(httpServletRequest));
                    SecurityValidationStatus status = isValid.getStatus();
                    LOGGER.trace("status {}: {}", trim, status);
                    switch (status) {
                        case UNAUTHORIZED:
                            httpServletResponse.setStatus(HttpStatus.SC_UNAUTHORIZED);
                            break;
                        case SUCCESS:
                            httpServletRequest.setAttribute(HttpRequestKeys.KEY_TOKEN_DATA, process.process(isValid.getData()));
                            filterChain.doFilter(httpServletRequest, httpServletResponse);
                            break;
                        case UNINTELLIGIBLE:
                        case UNSUPPORTED:
                        case FORBIDDEN:
                        default:
                            httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
                            break;
                    }
                } else {
                    LOGGER.debug("No Bearer token");
                    httpServletResponse.setStatus(HttpStatus.SC_UNAUTHORIZED);
                }
            }
        } catch (IOException | RuntimeException e) {
            LOGGER.error("An error", e);
            httpServletResponse.setStatus(500);
        }
    }

    public void destroy() {
    }

    static {
        $assertionsDisabled = !SecurityFilterAuthorizationBearer.class.desiredAssertionStatus();
        LOGGER = LogManager.getLogger((Class<?>) SecurityFilterAuthorizationBearer.class);
        process = new TokenDataProcessImpl();
        if (!$assertionsDisabled && 7 != PREFIX.length()) {
            throw new AssertionError();
        }
    }
}
