package org.craftercms.profile.interceptors;

import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.commons.http.HttpUtils;
import org.craftercms.commons.i10n.I10nLogger;
import org.craftercms.commons.mongo.MongoDataException;
import org.craftercms.profile.api.AccessToken;
import org.craftercms.profile.api.exceptions.I10nProfileException;
import org.craftercms.profile.exceptions.ExpiredAccessTokenException;
import org.craftercms.profile.exceptions.MissingAccessTokenIdParamException;
import org.craftercms.profile.exceptions.NoSuchAccessTokenIdException;
import org.craftercms.profile.permissions.Application;
import org.craftercms.profile.repositories.AccessTokenRepository;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:org/craftercms/profile/interceptors/AccessTokenCheckingInterceptor.class */
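/**
 * Spring MVC interceptor that, for requests whose URI matches one of the configured
 * patterns, resolves the {@code accessTokenId} request parameter to an {@link AccessToken},
 * rejects missing, unknown or expired tokens, and binds the resulting {@link Application}
 * (application name plus tenant permissions) as the current one for the rest of the request.
 *
 * <p>Requests that match none of the patterns pass through without any token check.
 */
public class AccessTokenCheckingInterceptor extends HandlerInterceptorAdapter {
    private static final I10nLogger logger = new I10nLogger(AccessTokenCheckingInterceptor.class, "crafter.profile.messages.logging");
    public static final String ERROR_KEY_GET_ACCESS_TOKEN_ERROR = "profile.accessToken.getAccessTokenError";
    public static final String LOG_KEY_ACCESS_TOKEN_FOUND = "profile.accessToken.accessTokenFound";
    public static final String LOG_KEY_APP_BINDING_APP = "profile.app.bindingApp";
    public static final String LOG_KEY_APP_UNBINDING_APP = "profile.app.unbindingApp";

    // Store used to look up an access token by the ID sent with the request.
    protected AccessTokenRepository tokenRepository;
    // Regular expressions; only requests whose URI fully matches one of them are token-checked.
    protected String[] urlsToInclude;

    /**
     * Sets the repository used to look up access tokens by ID.
     *
     * @param accessTokenRepository the token repository
     */
    @Required
    public void setTokenRepository(AccessTokenRepository accessTokenRepository) {
        this.tokenRepository = accessTokenRepository;
    }

    /**
     * Sets the regular expressions that select which request URIs require an access token.
     *
     * @param strArr the URI patterns; a null or empty array means no request is checked
     */
    @Required
    public void setUrlsToInclude(String[] strArr) {
        this.urlsToInclude = strArr;
    }

    /**
     * Validates the access token of an included request and binds its {@link Application}
     * as the current one before the handler runs.
     *
     * @param httpServletRequest  the current request
     * @param httpServletResponse the current response (unused)
     * @param obj                 the chosen handler (unused)
     * @return always {@code true}; a rejected request is signalled by an exception instead
     * @throws Exception if the token ID is missing, unknown, expired, or cannot be looked up
     */
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!includeRequest(httpServletRequest)) {
            // Excluded URIs are let through without binding an Application.
            return true;
        }
        // Both calls throw on failure, so the binding below only happens for a valid token.
        Application application = getApplication(getAccessToken(httpServletRequest));
        logger.debug(LOG_KEY_APP_BINDING_APP, new Object[]{application, Thread.currentThread().getName()});
        Application.setCurrent(application);
        return true;
    }

    /**
     * Unbinds the current {@link Application} once request processing has finished.
     *
     * @param httpServletRequest  the current request (unused)
     * @param httpServletResponse the current response (unused)
     * @param obj                 the handler that was invoked (unused)
     * @param exc                 the exception raised during handling, if any (unused)
     * @throws Exception if logging the unbinding fails
     */
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
        try {
            logger.debug(LOG_KEY_APP_UNBINDING_APP, new Object[]{Application.getCurrent(), Thread.currentThread().getName()});
        } finally {
            // Always clear, even if logging fails, so this request's permissions are not left
            // bound for whatever runs next. NOTE(review): the binding looks per-thread (the
            // thread name is logged with it) - confirm in Application.
            Application.clear();
        }
    }

    /**
     * Tells whether the request URI (without context path) matches one of the configured patterns.
     *
     * @param httpServletRequest the current request
     * @return {@code true} if the request must carry a valid access token; {@code false} if it
     *         matches no pattern or no patterns are configured
     */
    protected boolean includeRequest(HttpServletRequest httpServletRequest) {
        // With no patterns configured nothing is checked: every request is let through.
        if (ArrayUtils.isEmpty(this.urlsToInclude)) {
            return false;
        }
        // Resolve the URI once instead of once per pattern.
        // NOTE(review): confirm HttpUtils returns the URI in the same normalized form the
        // handler mapping uses; otherwise a path variant could reach a handler while
        // matching none of these patterns.
        String requestUri = HttpUtils.getRequestUriWithoutContextPath(httpServletRequest);
        for (String str : this.urlsToInclude) {
            // String.matches requires the pattern to match the whole URI, not a substring.
            if (requestUri.matches(str)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Builds the {@link Application} for a token after checking that the token has not expired.
     *
     * @param accessToken the token resolved for the request
     * @return an application carrying the token's application name and tenant permissions
     * @throws I10nProfileException an {@link ExpiredAccessTokenException} if the expiration
     *         date is not after the current time
     */
    protected Application getApplication(AccessToken accessToken) throws I10nProfileException {
        Date now = new Date();
        Date expiresOn = accessToken.getExpiresOn();
        // A token without an expiration date never expires; one expiring exactly now is rejected.
        if (expiresOn == null || now.before(expiresOn)) {
            return new Application(accessToken.getApplication(), accessToken.getTenantPermissions());
        }
        throw new ExpiredAccessTokenException(accessToken.getId(), accessToken.getApplication(), expiresOn);
    }

    /**
     * Looks up the access token named by the {@code accessTokenId} request parameter.
     *
     * @param httpServletRequest the current request
     * @return the stored token, never {@code null}
     * @throws I10nProfileException a {@link MissingAccessTokenIdParamException} if the parameter
     *         is absent or empty, a {@link NoSuchAccessTokenIdException} if no token has that
     *         ID, or a wrapping exception if the repository lookup fails
     */
    protected AccessToken getAccessToken(HttpServletRequest httpServletRequest) throws I10nProfileException {
        // NOTE(review): the token ID is the only thing the caller presents, and as a request
        // parameter it can end up in URLs and access logs - handle it as a credential.
        String parameter = httpServletRequest.getParameter("accessTokenId");
        if (StringUtils.isEmpty(parameter)) {
            throw new MissingAccessTokenIdParamException();
        }
        try {
            AccessToken accessToken = (AccessToken) this.tokenRepository.findById(parameter);
            if (accessToken == null) {
                throw new NoSuchAccessTokenIdException(parameter);
            }
            // NOTE(review): this writes the token ID and the token object to the debug log;
            // confirm debug output is restricted wherever real tokens are in use.
            logger.debug(LOG_KEY_ACCESS_TOKEN_FOUND, new Object[]{parameter, accessToken});
            return accessToken;
        } catch (MongoDataException e) {
            // Keep the cause so the storage failure stays visible to whoever handles the error.
            throw new I10nProfileException(ERROR_KEY_GET_ACCESS_TOKEN_ERROR, e, new Object[]{parameter});
        }
    }
}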
