package com.auth0.spring.security.api;

import com.auth0.spring.security.api.authentication.PreAuthenticatedAuthenticationJsonWebToken;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.context.HttpRequestResponseHolder;
import org.springframework.security.web.context.SecurityContextRepository;

/* loaded from: input_file:BOOT-INF/lib/auth0-spring-security-api-1.2.6.jar:com/auth0/spring/security/api/BearerSecurityContextRepository.class */
public class BearerSecurityContextRepository implements SecurityContextRepository {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) BearerSecurityContextRepository.class);

    @Override // org.springframework.security.web.context.SecurityContextRepository
    public SecurityContext loadContext(HttpRequestResponseHolder httpRequestResponseHolder) {
        SecurityContext createEmptyContext = SecurityContextHolder.createEmptyContext();
        PreAuthenticatedAuthenticationJsonWebToken usingToken = PreAuthenticatedAuthenticationJsonWebToken.usingToken(tokenFromRequest(httpRequestResponseHolder.getRequest()));
        if (usingToken != null) {
            createEmptyContext.setAuthentication(usingToken);
            logger.debug("Found bearer token in request. Saving it in SecurityContext");
        }
        return createEmptyContext;
    }

    @Override // org.springframework.security.web.context.SecurityContextRepository
    public void saveContext(SecurityContext securityContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
    }

    @Override // org.springframework.security.web.context.SecurityContextRepository
    public boolean containsContext(HttpServletRequest httpServletRequest) {
        return tokenFromRequest(httpServletRequest) != null;
    }

    private String tokenFromRequest(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null || !header.toLowerCase().startsWith("bearer")) {
            return null;
        }
        String[] split = header.split(" ");
        if (split.length < 2) {
            return null;
        }
        return split[1].trim();
    }
}
