package de.adorsys.sts.filter;

import com.nimbusds.jose.proc.BadJOSEException;
import de.adorsys.sts.token.authentication.TokenAuthenticationService;
import jakarta.annotation.Nonnull;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:BOOT-INF/lib/sts-spring-1.2.4.jar:de/adorsys/sts/filter/JWTAuthenticationFilter.class */
public class JWTAuthenticationFilter extends OncePerRequestFilter {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) JWTAuthenticationFilter.class);
    private final TokenAuthenticationService tokenAuthenticationService;

    @Override // org.springframework.web.filter.OncePerRequestFilter
    public void doFilterInternal(@Nonnull HttpServletRequest httpServletRequest, @Nonnull HttpServletResponse httpServletResponse, @Nonnull FilterChain filterChain) throws ServletException, IOException {
        if (this.logger.isTraceEnabled()) {
            this.logger.trace("doFilter start");
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authentication is null. Try to get authentication from request...");
            }
            try {
                authentication = this.tokenAuthenticationService.getAuthentication(httpServletRequest);
            } catch (BadJOSEException e) {
                httpServletResponse.setHeader("X-B3-TraceId", httpServletRequest.getHeader("X-B3-TraceId"));
                httpServletResponse.setHeader("X-B3-SpanId", httpServletRequest.getHeader("X-B3-SpanId"));
                httpServletResponse.sendError(403, "Invalid token - Token expired");
            }
            SecurityContextHolder.getContext().setAuthentication(authentication);
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
        if (this.logger.isTraceEnabled()) {
            this.logger.trace("doFilter end");
        }
    }

    @Generated
    public JWTAuthenticationFilter(TokenAuthenticationService tokenAuthenticationService) {
        this.tokenAuthenticationService = tokenAuthenticationService;
    }
}
