package org.openscoring.service.filters;

import com.typesafe.config.Config;
import jakarta.annotation.Priority;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
import jakarta.ws.rs.container.PreMatching;
import jakarta.ws.rs.core.Cookie;
import jakarta.ws.rs.core.MultivaluedMap;
import jakarta.ws.rs.core.SecurityContext;
import jakarta.ws.rs.ext.Provider;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import org.openscoring.service.Roles;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

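/**
 * Pre-matching request filter that replaces the request's {@link SecurityContext} with one
 * that decides role membership by comparing a shared token against the configured values.
 *
 * <p>Two tokens are read from the {@code tokenSecurityContextFilter} section of the
 * {@code openscoring} configuration: {@code userToken} and {@code adminToken}. A value of
 * {@code "random"} is replaced by a freshly generated token at construction time. An empty
 * value grants the corresponding role to every request, i.e. it switches the check off for
 * that role.
 *
 * <p>The presented token is taken from the {@code token} cookie if there is one, otherwise
 * from an {@code Authorization: Bearer ...} header. Each role is checked only against its own
 * token; presenting the admin token does not by itself satisfy the user role.
 */
@PreMatching
@Provider
@Priority(1000)
public class TokenSecurityContextFilter implements ContainerRequestFilter {
    private static final Logger logger = LoggerFactory.getLogger(TokenSecurityContextFilter.class);
    private static final SecureRandom random;

    private static final String TOKEN_COOKIE = "token";
    private static final String BEARER_PREFIX = "Bearer ";

    private final String userToken;
    private final String adminToken;

    /**
     * Reads both tokens from configuration, generating any that are set to {@code "random"}.
     *
     * @param config the {@code openscoring} configuration; must contain a
     *     {@code tokenSecurityContextFilter} section with {@code userToken} and
     *     {@code adminToken} string entries
     */
    @Inject
    public TokenSecurityContextFilter(@Named("openscoring") Config config) {
        Config filterConfig = config.getConfig("tokenSecurityContextFilter");
        this.userToken = prepareToken(filterConfig, "userToken");
        this.adminToken = prepareToken(filterConfig, "adminToken");

        // NOTE(review): both token values are written to the application log at INFO level.
        // For a token configured as "random" this log line is the only place in this class
        // where the generated value is made available, so the lines are kept; the log must
        // therefore be protected like any other file that holds credentials.
        logger.info("User token: {}", this.userToken);
        logger.info("Admin token: {}", this.adminToken);

        // An empty token makes isUserInRole() return true for everyone; make that visible.
        if (this.userToken.isEmpty()) {
            logger.warn("User token is empty: role '{}' is granted to every request", Roles.USER);
        }
        if (this.adminToken.isEmpty()) {
            logger.warn("Admin token is empty: role '{}' is granted to every request", Roles.ADMIN);
        }
    }

    /**
     * Installs the token-based {@link SecurityContext} on the request.
     *
     * @param containerRequestContext the request being filtered
     * @throws IOException declared by the interface; not thrown by this implementation
     */
    @Override
    public void filter(final ContainerRequestContext containerRequestContext) throws IOException {
        final SecurityContext securityContext = containerRequestContext.getSecurityContext();
        containerRequestContext.setSecurityContext(new SecurityContext() {
            @Override
            public Principal getUserPrincipal() {
                // Tokens identify a role, not a person, so every caller is the same principal.
                return Anonymous.INSTANCE;
            }

            @Override
            public boolean isUserInRole(String role) {
                final String expected;
                if (Roles.USER.equals(role)) {
                    expected = TokenSecurityContextFilter.this.getUserToken();
                } else if (Roles.ADMIN.equals(role)) {
                    expected = TokenSecurityContextFilter.this.getAdminToken();
                } else {
                    // Unknown (or null) role names are never granted.
                    return false;
                }
                return tokenMatches(expected, getToken());
            }

            @Override
            public boolean isSecure() {
                // Transport security is whatever the container's original context reported.
                return securityContext != null && securityContext.isSecure();
            }

            @Override
            public String getAuthenticationScheme() {
                return "TOKEN";
            }

            /**
             * Extracts the token presented by the client.
             *
             * @return the value of the {@code token} cookie if present, otherwise the part of
             *     the first {@code Authorization} header after {@code "Bearer "}, otherwise
             *     {@code null}
             */
            private String getToken() {
                Map<String, Cookie> cookies = containerRequestContext.getCookies();
                Cookie cookie = cookies.get(TOKEN_COOKIE);
                if (cookie != null) {
                    // The cookie wins over the header when both are sent.
                    return cookie.getValue();
                }
                MultivaluedMap<String, String> headers = containerRequestContext.getHeaders();
                String authorization = headers.getFirst("Authorization");
                if (authorization == null || !authorization.startsWith(BEARER_PREFIX)) {
                    return null;
                }
                return authorization.substring(BEARER_PREFIX.length());
            }
        });
    }

    private String getUserToken() {
        return this.userToken;
    }

    private String getAdminToken() {
        return this.adminToken;
    }

    /**
     * Decides whether a presented token satisfies the configured one.
     *
     * @param expected the configured token; the empty string accepts any request
     * @param presented the token sent by the client, or {@code null} if none was sent
     * @return {@code true} if {@code expected} is empty or equals {@code presented}
     */
    private static boolean tokenMatches(String expected, String presented) {
        if (expected.isEmpty()) {
            return true;
        }
        if (presented == null) {
            return false;
        }
        // String.equals() stops at the first differing character, which lets response timing
        // reveal how much of a guess was correct. MessageDigest.isEqual() avoids that.
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                presented.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Reads one token from configuration, replacing the literal {@code "random"} with a
     * generated value.
     *
     * @param config the filter's configuration section
     * @param str the key to read
     * @return the configured string, or a generated token if the configured string is
     *     {@code "random"}
     */
    private static String prepareToken(Config config, String str) {
        String configured = config.getString(str);
        if ("random".equals(configured)) {
            // 32 random bytes, i.e. 256 bits before encoding.
            return generateRandomToken(32);
        }
        return configured;
    }

    /**
     * Generates a token from {@code i} bytes of secure randomness.
     *
     * @param i the number of random bytes
     * @return the bytes encoded as unpadded URL-safe Base64
     */
    private static String generateRandomToken(int i) {
        byte[] bytes = new byte[i];
        random.nextBytes(bytes);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(bytes);
    }

    static {
        try {
            // NOTE(review): a "strong" instance may block while the platform gathers entropy;
            // it is only drawn from when a token is configured as "random".
            random = SecureRandom.getInstanceStrong();
        } catch (NoSuchAlgorithmException e) {
            throw new ExceptionInInitializerError(e);
        }
    }
}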
