package be.looorent.security.jwt;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:be/looorent/security/jwt/AuthenticationFilter.class */
class AuthenticationFilter extends GenericFilterBean {
    private final Logger LOG = LoggerFactory.getLogger(AuthenticationFilter.class);
    private static final String OPTIONS_METHOD = "OPTIONS";
    private static final String BEARER_SCHEME = "Bearer";
    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final String NO_AUTHORIZATION_HEADER = "Unauthorized: No Authorization header was found";
    private static final String WRONG_AUTHORIZATION_HEADER_FORMAT = "Unauthorized: Format is Authorization: Bearer [token]";
    private final AuthenticationEntryPoint entryPoint;
    private final AuthenticationManager authenticationManager;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AuthenticationFilter(AuthenticationManager authenticationManager, AuthenticationEntryPoint authenticationEntryPoint) {
        if (authenticationManager == null) {
            throw new IllegalArgumentException("authenticationManager must not be null");
        }
        if (authenticationEntryPoint == null) {
            throw new IllegalArgumentException("entryPoint must not be null");
        }
        this.entryPoint = authenticationEntryPoint;
        this.authenticationManager = authenticationManager;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!httpServletRequest.getMethod().equals(OPTIONS_METHOD)) {
            try {
                SecurityContextHolder.getContext().setAuthentication(this.authenticationManager.authenticate(readTokenFrom(httpServletRequest)));
            } catch (AuthenticationException e) {
                SecurityContextHolder.clearContext();
                this.entryPoint.commence(httpServletRequest, httpServletResponse, e);
                return;
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private UnauthenticatedToken readTokenFrom(HttpServletRequest httpServletRequest) {
        try {
            return new UnauthenticatedToken(extractTokenFrom(httpServletRequest), httpServletRequest);
        } catch (IllegalArgumentException e) {
            this.LOG.trace("Impossible to get Authorization header: {}", e.getMessage());
            throw new TokenException("jwt_missing_bearer_token", e);
        }
    }

    private String extractTokenFrom(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(AUTHORIZATION_HEADER);
        if (header == null) {
            throw new IllegalArgumentException(NO_AUTHORIZATION_HEADER);
        }
        String[] split = header.split(" ");
        if (split.length != 2) {
            throw new IllegalArgumentException(WRONG_AUTHORIZATION_HEADER_FORMAT);
        }
        String str = split[0];
        String str2 = split[1];
        if (BEARER_SCHEME.equalsIgnoreCase(str)) {
            return str2;
        }
        throw new IllegalArgumentException("Wrong Scheme: " + str + ". Expected: " + BEARER_SCHEME);
    }
}
