package io.jans.configapi.filters;

import io.jans.configapi.auth.AuthorizationService;
import javax.annotation.Priority;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.Provider;
import org.slf4j.Logger;

@ProtectedApi
@Provider
@Priority(1000)
/* loaded from: input_file:io/jans/configapi/filters/AuthorizationFilter.class */
public class AuthorizationFilter implements ContainerRequestFilter {
    private static final String AUTHENTICATION_SCHEME = "Bearer";

    @Inject
    Logger log;

    @Context
    UriInfo info;

    @Context
    HttpServletRequest request;

    @Context
    private HttpHeaders httpHeaders;

    @Context
    private ResourceInfo resourceInfo;

    @Inject
    AuthorizationService authorizationService;

    public void filter(ContainerRequestContext containerRequestContext) {
        this.log.info("=======================================================================");
        this.log.info("====== info.getAbsolutePath() = " + this.info.getAbsolutePath() + " , info.getRequestUri() = " + this.info.getRequestUri() + "\n\n");
        this.log.info("====== info.getBaseUri()=" + this.info.getBaseUri() + " info.getPath()=" + this.info.getPath() + " info.toString()=" + this.info.toString());
        this.log.info("====== request.getContextPath()=" + this.request.getContextPath() + " request.getRequestURI()=" + this.request.getRequestURI() + " request.toString() " + this.request.toString());
        this.log.info("======" + containerRequestContext.getMethod() + " " + this.info.getPath() + " FROM IP " + this.request.getRemoteAddr());
        this.log.info("======PERFORMING AUTHORIZATION=========================================");
        String headerString = containerRequestContext.getHeaderString("Authorization");
        this.log.info("\n\n\n AuthorizationFilter::filter() - authorizationHeader = " + headerString + "\n\n\n");
        if (!isTokenBasedAuthentication(headerString)) {
            abortWithUnauthorized(containerRequestContext);
            this.log.info("======ONLY TOKEN BASED AUTHORIZATION IS SUPPORTED======================");
            return;
        }
        try {
            this.authorizationService.processAuthorization(headerString, this.resourceInfo, containerRequestContext.getMethod(), this.request.getRequestURI());
            this.log.info("======AUTHORIZATION  GRANTED===========================================");
        } catch (Exception e) {
            this.log.error("======AUTHORIZATION  FAILED ===========================================", e);
            abortWithUnauthorized(containerRequestContext);
        }
    }

    private boolean isTokenBasedAuthentication(String str) {
        return str != null && str.toLowerCase().startsWith(AUTHENTICATION_SCHEME.toLowerCase() + " ");
    }

    private void abortWithUnauthorized(ContainerRequestContext containerRequestContext) {
        containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).header("WWW-Authenticate", AUTHENTICATION_SCHEME).build());
    }
}
