package codes.vps.mockta.ws.okta;

import codes.vps.mockta.db.OktaSession;
import codes.vps.mockta.db.SessionDB;
import codes.vps.mockta.obj.okta.ErrorObject;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

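/**
 * Spring MVC interceptor that decides, before a controller method runs, whether the
 * request may proceed.
 *
 * <p>Decision order, as implemented in {@link #preHandle}:
 * <ol>
 *   <li>Handlers that are not a {@link HandlerMethod} are let through unchecked.</li>
 *   <li>Methods annotated with {@code IsSkipAuth} are let through unchecked.</li>
 *   <li>Methods annotated with {@code IsAdminService}, or hosted on an {@code AdminService}
 *       bean, require an {@code Authorization: SSWS <token>} header whose token is one of
 *       the configured API tokens; anything else is answered with HTTP 401.</li>
 *   <li>All other methods are let through; when the bean is a
 *       {@code UserAuthenticatedService} the session resolved from the session cookie is
 *       attached to it first.</li>
 * </ol>
 *
 * <p>Thread-safety: the token set is replaced as a whole through a {@code volatile}
 * reference and is never mutated after publication, so request threads always observe
 * either the previous or the new complete set.
 */
@Component
/* loaded from: input_file:WEB-INF/classes/codes/vps/mockta/ws/okta/AuthInterceptor.class */
public class AuthInterceptor implements HandlerInterceptor {
    /** Authorization scheme prefix (including the separating space) expected on admin calls. */
    private static final String SSWS_PREFIX = "SSWS ";

    /**
     * Snapshot of the accepted API tokens. Treated as immutable once assigned; updates swap
     * in a fresh set instead of clearing and refilling a shared one, which would leave a
     * window where valid tokens are rejected and would race with concurrent readers.
     */
    private volatile Set<String> apiTokens = new HashSet<>();

    /**
     * Authorizes the request for the targeted handler.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response; receives a 401 error when an admin call is rejected
     * @param obj the handler chosen by Spring
     * @return {@code true} to continue processing, {@code false} once a 401 has been sent
     * @throws Exception whatever session lookup or {@code sendError} raises
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        // Anything that is not a controller method is not subject to this interceptor's checks.
        if (!(obj instanceof HandlerMethod)) {
            return true;
        }
        HandlerMethod handlerMethod = (HandlerMethod) obj;
        // Explicit opt-out: the annotation wins over every other rule below.
        if (handlerMethod.getMethodAnnotation(IsSkipAuth.class) != null) {
            return true;
        }
        Object bean = handlerMethod.getBean();
        boolean adminOnly = handlerMethod.getMethodAnnotation(IsAdminService.class) != null
                || bean instanceof AdminService;
        if (!adminOnly) {
            // Non-admin handlers are never rejected here. Handlers that are not a
            // UserAuthenticatedService proceed without any credential being examined.
            if (bean instanceof UserAuthenticatedService) {
                // NOTE(review): the session is stored on the handler bean itself. If that bean is a
                // shared singleton, concurrent requests would overwrite each other's session -
                // confirm the bean's scope.
                ((UserAuthenticatedService) bean).setSession(getSessionFromCookie(httpServletRequest));
            }
            return true;
        }
        if (hasValidApiToken(httpServletRequest.getHeader("Authorization"))) {
            return true;
        }
        httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authentication token invalid or missing");
        return false;
    }

    /**
     * Checks an {@code Authorization} header value against the configured API tokens.
     *
     * <p>The scheme match is exact and case-sensitive. Membership is a plain hash-set lookup,
     * not a constant-time comparison.
     *
     * @param header the raw header value, possibly {@code null}
     * @return {@code true} only when the header carries the SSWS scheme and a known token
     */
    private boolean hasValidApiToken(String header) {
        if (header == null || !header.startsWith(SSWS_PREFIX)) {
            return false;
        }
        return this.apiTokens.contains(header.substring(SSWS_PREFIX.length()));
    }

    /**
     * Resolves the session referenced by the request's session cookie.
     *
     * <p>The first cookie named {@code OktaSession.COOKIE_NAME} is used. What happens for a
     * cookie value that matches no session is decided by {@code SessionDB.getByCookie} and is
     * not visible here.
     *
     * @param httpServletRequest the incoming request
     * @return the session returned by {@code SessionDB.getByCookie} for the cookie value
     * @throws RuntimeException the "not found" error built by {@code ErrorObject} when the
     *     cookie is absent or has no value (exact type is declared by {@code boom()})
     */
    public static OktaSession getSessionFromCookie(HttpServletRequest httpServletRequest) {
        Cookie sessionCookie = null;
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null) {
            for (Cookie candidate : cookies) {
                if (Objects.equals(OktaSession.COOKIE_NAME, candidate.getName())) {
                    sessionCookie = candidate;
                    break;
                }
            }
        }
        if (sessionCookie == null || sessionCookie.getValue() == null) {
            throw ErrorObject.notFound("no session cookie value").boom();
        }
        return SessionDB.getByCookie(sessionCookie.getValue());
    }

    /**
     * Replaces the accepted API tokens with the given ones.
     *
     * <p>The new set is built completely before it is published, so a failure (for example a
     * {@code null} argument) leaves the previously configured tokens in force rather than
     * wiping them.
     *
     * @param collection the tokens to accept from now on; must not be {@code null}
     * @throws NullPointerException if {@code collection} is {@code null}
     */
    public void setApiTokens(Collection<String> collection) {
        Objects.requireNonNull(collection, "collection");
        this.apiTokens = new HashSet<>(collection);
    }

    /**
     * Returns a copy of the currently accepted API tokens.
     *
     * <p>The returned values are live credentials; callers should keep them out of logs and
     * responses.
     *
     * @return a new, independent list of the configured tokens
     */
    public List<String> getApiTokens() {
        return new ArrayList<>(this.apiTokens);
    }
}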
