package com.kumuluz.ee.jwt.auth.filter;

import com.kumuluz.ee.jwt.auth.cdi.JWTContextInfo;
import com.kumuluz.ee.jwt.auth.context.JWTSecurityContext;
import com.kumuluz.ee.jwt.auth.feature.FeatureDisabledSingleton;
import com.kumuluz.ee.jwt.auth.principal.JWTPrincipal;
import com.kumuluz.ee.jwt.auth.validator.JWTValidationException;
import com.kumuluz.ee.jwt.auth.validator.JWTValidator;
import java.util.logging.Logger;
import javax.annotation.Priority;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.PreMatching;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;

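/**
 * JAX-RS request filter that authenticates requests carrying an
 * {@code Authorization: Bearer <token>} header.
 *
 * <p>The filter is pre-matching and runs at priority 1000 (the numeric value of
 * {@code javax.ws.rs.Priorities.AUTHENTICATION}). Behaviour, as implemented here:
 * <ul>
 *   <li>If {@link FeatureDisabledSingleton} reports the feature as not enabled, the request
 *       is left untouched.</li>
 *   <li>If the request has no {@code Authorization} header, the request is left untouched:
 *       this filter does <em>not</em> reject anonymous requests. Protected resources must be
 *       guarded elsewhere (presumably by role checks against the security context; confirm
 *       against the rest of the extension).</li>
 *   <li>If the header is present but is not a well-formed Bearer credential, or the token
 *       fails validation, the request is aborted with {@code 401} and a
 *       {@code WWW-Authenticate} challenge.</li>
 *   <li>Otherwise the request's security context is replaced by a
 *       {@link JWTSecurityContext} wrapping the validated principal.</li>
 * </ul>
 */
@PreMatching
@ApplicationScoped
@Provider
@Priority(1000)
public class JWTAuthorizationFilter implements ContainerRequestFilter {
    private static final Logger LOG = Logger.getLogger(JWTAuthorizationFilter.class.getName());
    private static final String AUTHORIZATION_HEADER = "Authorization";
    // Scheme name plus the mandatory single-space separator; matching the separator as part of
    // the prefix guarantees that exactly the scheme is stripped and nothing else.
    private static final String BEARER_PREFIX = "Bearer ";
    private static final String WWW_AUTHENTICATE_HEADER = "WWW-Authenticate";
    private static final String BEARER_CHALLENGE = "Bearer realm=\"MP-JWT\"";

    @Inject
    private JWTContextInfo jwtContextInfo;

    /**
     * Authenticates the request from its {@code Authorization} header, if one is present.
     *
     * @param containerRequestContext the request being filtered; its security context is
     *     replaced on success and the request is aborted with 401 on failure
     */
    @Override
    public void filter(ContainerRequestContext containerRequestContext) {
        if (!FeatureDisabledSingleton.getInstance().isEnabled()) {
            return;
        }

        String authorizationHeader = null;
        if (containerRequestContext.getHeaders().containsKey(AUTHORIZATION_HEADER)) {
            authorizationHeader = containerRequestContext.getHeaderString(AUTHORIZATION_HEADER);
        }
        if (authorizationHeader == null) {
            // No credentials supplied: the request continues with its existing security context.
            return;
        }

        // Require "Bearer" followed by the separator and a non-empty token. Checking only for
        // "Bearer" and then skipping seven characters would drop an arbitrary character after
        // the scheme (e.g. "BearerXabc" would be validated as "abc") and would rely on an
        // index-out-of-bounds exception to reject a bare "Bearer".
        if (!authorizationHeader.startsWith(BEARER_PREFIX)
                || authorizationHeader.length() == BEARER_PREFIX.length()) {
            LOG.fine("Authentication failed due to missing Authorization bearer token.");
            containerRequestContext.abortWith(unauthorized());
            return;
        }

        String token = authorizationHeader.substring(BEARER_PREFIX.length());
        try {
            JWTPrincipal principal = validateToken(token, this.jwtContextInfo);
            containerRequestContext.setSecurityContext(
                    new JWTSecurityContext(containerRequestContext.getSecurityContext(), principal));
        } catch (Exception e) {
            // Deliberately broad: any failure while validating the token or building the
            // security context must fail closed with 401 rather than let the request through.
            LOG.fine("Authentication failed: " + e.getMessage());
            containerRequestContext.abortWith(unauthorized());
        }
    }

    /** Builds the 401 response carrying the Bearer challenge used for every rejection. */
    private static Response unauthorized() {
        return Response.status(Response.Status.UNAUTHORIZED)
                .header(WWW_AUTHENTICATE_HEADER, BEARER_CHALLENGE)
                .build();
    }

    /**
     * Delegates token validation to {@link JWTValidator}.
     *
     * @param token the compact token string taken from the header, without the scheme prefix
     * @param contextInfo the injected validation settings passed through to the validator
     * @return the principal produced by the validator
     * @throws JWTValidationException if the validator rejects the token
     */
    private JWTPrincipal validateToken(String token, JWTContextInfo contextInfo) throws JWTValidationException {
        return JWTValidator.validateToken(token, contextInfo);
    }
}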
