package de.adorsys.datasafe.rest.impl.security;

import com.google.common.base.Strings;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.MalformedJwtException;
import io.jsonwebtoken.UnsupportedJwtException;
import io.jsonwebtoken.security.SignatureException;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.List;
import java.util.stream.Collectors;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

/* loaded from: input_file:BOOT-INF/classes/de/adorsys/datasafe/rest/impl/security/JwtAuthorizationFilter.class */
public class JwtAuthorizationFilter extends BasicAuthenticationFilter {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) JwtAuthorizationFilter.class);
    private final SecurityProperties securityProperties;

    public JwtAuthorizationFilter(AuthenticationManager authenticationManager, SecurityProperties securityProperties) {
        super(authenticationManager);
        this.securityProperties = securityProperties;
    }

    @Override // org.springframework.security.web.authentication.www.BasicAuthenticationFilter, org.springframework.web.filter.OncePerRequestFilter
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        UsernamePasswordAuthenticationToken authentication = getAuthentication(httpServletRequest);
        String header = httpServletRequest.getHeader(SecurityConstants.TOKEN_HEADER);
        if (Strings.isNullOrEmpty(header) || !header.startsWith(SecurityConstants.TOKEN_PREFIX)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else {
            SecurityContextHolder.getContext().setAuthentication(authentication);
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }

    private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(SecurityConstants.TOKEN_HEADER);
        if (Strings.isNullOrEmpty(header)) {
            return null;
        }
        try {
            return tryAuthenticate(header);
        } catch (ExpiredJwtException e) {
            log.warn("Request to parse expired JWT : {} failed", header, e);
            return null;
        } catch (MalformedJwtException e2) {
            log.warn("Request to parse invalid JWT : {} failed", header, e2);
            return null;
        } catch (UnsupportedJwtException e3) {
            log.warn("Request to parse unsupported JWT : {} failed", header, e3);
            return null;
        } catch (SignatureException e4) {
            log.warn("Request to parse JWT with invalid signature : {} failed", header, e4);
            return null;
        } catch (IllegalArgumentException e5) {
            log.warn("Request to parse empty or null JWT : {} failed", header, e5);
            return null;
        }
    }

    private UsernamePasswordAuthenticationToken tryAuthenticate(String str) {
        Jws<Claims> parseClaimsJws = Jwts.parser().setSigningKey(this.securityProperties.getJwtSecret().getBytes()).parseClaimsJws(str.replace(SecurityConstants.TOKEN_PREFIX, ""));
        String subject = parseClaimsJws.getBody().getSubject();
        List list = (List) ((List) parseClaimsJws.getBody().get(SecurityConstants.ROLES_NAME)).stream().map(obj -> {
            return new SimpleGrantedAuthority((String) obj);
        }).collect(Collectors.toList());
        if (Strings.isNullOrEmpty(subject)) {
            return null;
        }
        return new UsernamePasswordAuthenticationToken(subject, null, list);
    }
}
