package org.gluu.oxauthconfigapi.filters;

import io.vertx.core.http.HttpServerRequest;
import javax.annotation.Priority;
import javax.inject.Inject;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.PreMatching;
import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.Provider;
import org.gluu.oxtrust.auth.uma.BaseUmaProtectionService;
import org.slf4j.Logger;

@Provider
@Priority(1)
@PreMatching
/* loaded from: input_file:org/gluu/oxauthconfigapi/filters/AuthorizationFilter.class */
public class AuthorizationFilter implements ContainerRequestFilter {
    private static final String AUTHENTICATION_SCHEME = "Bearer";

    @Context
    UriInfo info;

    @Context
    HttpServerRequest request;

    @Context
    private HttpHeaders httpHeaders;

    @Context
    private ResourceInfo resourceInfo;
    BaseUmaProtectionService protectionService;

    @Inject
    Logger logger;

    public void filter(ContainerRequestContext containerRequestContext) {
        this.logger.info("=======================================================================");
        this.logger.info("======" + containerRequestContext.getMethod() + " " + this.info.getPath() + " FROM IP " + this.request.remoteAddress().toString());
        this.logger.info("======PERFORMING AUTHORIZATION=========================================");
        String headerString = containerRequestContext.getHeaderString("Authorization");
        if (!isTokenBasedAuthentication(headerString)) {
            abortWithUnauthorized(containerRequestContext);
            this.logger.info("======ONLY TOKEN BASED AUTHORIZATION IS SUPPORTED======================");
            return;
        }
        try {
            validateToken(headerString.substring(AUTHENTICATION_SCHEME.length()).trim(), containerRequestContext);
            this.logger.info("======AUTHORIZATION  GRANTED===========================================");
        } catch (Exception e) {
            this.logger.info("", e);
            abortWithUnauthorized(containerRequestContext);
            this.logger.info("======INVALID AUTHORIZATION TOKEN======================================");
        }
    }

    private boolean isTokenBasedAuthentication(String str) {
        return str != null && str.toLowerCase().startsWith(AUTHENTICATION_SCHEME.toLowerCase() + " ");
    }

    private void abortWithUnauthorized(ContainerRequestContext containerRequestContext) {
        containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).header("WWW-Authenticate", AUTHENTICATION_SCHEME).build());
    }

    private void validateToken(String str, ContainerRequestContext containerRequestContext) throws Exception {
        this.protectionService = new ApiUmaProtectionService();
    }
}
