package com.homihq.db2rest.auth.jwt;

import com.homihq.db2rest.auth.common.AbstractAuthProvider;
import com.homihq.db2rest.auth.common.AuthDataProvider;
import com.homihq.db2rest.auth.common.UserDetail;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.proc.BadJOSEException;
import com.nimbusds.jose.proc.SecurityContext;
import com.nimbusds.jwt.proc.ConfigurableJWTProcessor;
import jakarta.servlet.http.HttpServletRequest;
import java.text.ParseException;
import java.util.List;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.AntPathMatcher;

/* loaded from: input_file:BOOT-INF/lib/auth-1.6.0.jar:com/homihq/db2rest/auth/jwt/JwtAuthProvider.class */
public class JwtAuthProvider extends AbstractAuthProvider {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) JwtAuthProvider.class);
    private static final String BEARER_AUTH = "Bearer";
    private final AuthDataProvider authDataProvider;
    private final AntPathMatcher antPathMatcher;
    private final ConfigurableJWTProcessor<SecurityContext> jwtProcessor;

    @Override // com.homihq.db2rest.auth.common.AbstractAuthProvider
    public boolean canHandle(HttpServletRequest httpServletRequest) {
        String authHeader = getAuthHeader(httpServletRequest);
        return StringUtils.isNotBlank(authHeader) && authHeader.startsWith(BEARER_AUTH);
    }

    @Override // com.homihq.db2rest.auth.common.AbstractAuthProvider
    public UserDetail authenticate(HttpServletRequest httpServletRequest) {
        try {
            return new UserDetail(this.jwtProcessor.process(StringUtils.replace(getAuthHeader(httpServletRequest), String.format("%s ", BEARER_AUTH), "", 1), (String) null).getSubject(), List.of());
        } catch (JOSEException | BadJOSEException | ParseException e) {
            log.error("Error in JWT validation - ", e);
            return null;
        }
    }

    @Override // com.homihq.db2rest.auth.common.AbstractAuthProvider
    public boolean authorize(UserDetail userDetail, String str, String str2) {
        return super.authorizeInternal(userDetail, str, str2, this.authDataProvider.getApiResourceRoles(), this.antPathMatcher);
    }

    @Override // com.homihq.db2rest.auth.common.AbstractAuthProvider
    public boolean isExcluded(String str, String str2) {
        return false;
    }

    @Generated
    public JwtAuthProvider(AuthDataProvider authDataProvider, AntPathMatcher antPathMatcher, ConfigurableJWTProcessor<SecurityContext> configurableJWTProcessor) {
        this.authDataProvider = authDataProvider;
        this.antPathMatcher = antPathMatcher;
        this.jwtProcessor = configurableJWTProcessor;
    }
}
