package com.homihq.db2rest.auth.unkey;

import ch.qos.logback.classic.encoder.JsonEncoder;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.homihq.db2rest.auth.unkey.service.UnKeyAuthService;
import com.homihq.db2rest.auth.unkey.to.UnKeyVerifyResponse;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.time.Instant;
import java.util.LinkedHashMap;
import java.util.Optional;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.web.servlet.tags.BindTag;

/* loaded from: input_file:BOOT-INF/lib/auth-1.6.0.jar:com/homihq/db2rest/auth/unkey/UnKeyAuthFilter.class */
public class UnKeyAuthFilter extends OncePerRequestFilter {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) UnKeyAuthFilter.class);
    private final UnKeyAuthService unKeyAuthService;
    private final ObjectMapper objectMapper;
    String API_KEY_HEADER = "X-API-KEY";

    @Override // org.springframework.web.filter.OncePerRequestFilter
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        this.logger.debug(" *** Apply UnKeyAuth Filter ***");
        String header = httpServletRequest.getHeader(this.API_KEY_HEADER);
        if (StringUtils.isBlank(header)) {
            addMissingApiKeyError(httpServletRequest, httpServletResponse);
            return;
        }
        Optional<UnKeyVerifyResponse> verify = this.unKeyAuthService.verify(header);
        if (!verify.isPresent()) {
            addAuthenticationError(httpServletRequest, httpServletResponse);
            return;
        }
        log.debug("Unkey response - {}", verify.get());
        if (!verify.get().isValidKey()) {
            addAuthenticationError(httpServletRequest, httpServletResponse);
        } else {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            this.logger.debug("Completed UnKey Auth Filter");
        }
    }

    private void addAuthenticationError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("type", "https://db2rest/unauthorized");
        linkedHashMap.put("title", "Unauthorized");
        linkedHashMap.put(BindTag.STATUS_VARIABLE_NAME, 401);
        linkedHashMap.put("detail", "Invalid API Key");
        linkedHashMap.put("instance", httpServletRequest.getRequestURI());
        linkedHashMap.put("errorCategory", "Unauthorized");
        linkedHashMap.put(JsonEncoder.TIMESTAMP_ATTR_NAME, Instant.now());
        httpServletResponse.setStatus(401);
        httpServletResponse.setContentType("application/json");
        this.objectMapper.writeValue(httpServletResponse.getWriter(), linkedHashMap);
    }

    private void addMissingApiKeyError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("type", "https://db2rest/api-key-not-found");
        linkedHashMap.put("title", "API Key not provided in header");
        linkedHashMap.put(BindTag.STATUS_VARIABLE_NAME, 401);
        linkedHashMap.put("detail", "API Key not provided in header. Please add header " + this.API_KEY_HEADER + " with valid API key.");
        linkedHashMap.put("instance", httpServletRequest.getRequestURI());
        linkedHashMap.put("errorCategory", "Invalid-API-Key");
        linkedHashMap.put(JsonEncoder.TIMESTAMP_ATTR_NAME, Instant.now());
        httpServletResponse.setStatus(401);
        httpServletResponse.setContentType("application/json");
        this.objectMapper.writeValue(httpServletResponse.getWriter(), linkedHashMap);
    }

    @Generated
    public UnKeyAuthFilter(UnKeyAuthService unKeyAuthService, ObjectMapper objectMapper) {
        this.unKeyAuthService = unKeyAuthService;
        this.objectMapper = objectMapper;
    }
}
