package org.sakaiproject.rubrics.security;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.sakaiproject.rubrics.logic.JwtAuthenticationToken;
import org.sakaiproject.rubrics.security.exception.JwtTokenMissingException;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;

/* loaded from: input_file:WEB-INF/classes/org/sakaiproject/rubrics/security/JwtAuthenticationTokenFilter.class */
public class JwtAuthenticationTokenFilter extends AbstractAuthenticationProcessingFilter {

    @Value("Authorization")
    private String tokenHeader;

    public JwtAuthenticationTokenFilter() {
        super("/rest/**");
    }

    @Override // org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String header = httpServletRequest.getHeader(this.tokenHeader);
        if (header == null || !header.startsWith("Bearer ")) {
            throw new JwtTokenMissingException("No JWT token found in request headers");
        }
        String substring = header.substring(7);
        if (SecurityContextHolder.getContext().getAuthentication() == null) {
            JwtAuthenticationToken jwtAuthenticationToken = new JwtAuthenticationToken(substring);
            jwtAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
            SecurityContextHolder.getContext().setAuthentication(jwtAuthenticationToken);
        }
        return SecurityContextHolder.getContext().getAuthentication();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
    public void successfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, Authentication authentication) throws IOException, ServletException {
        super.successfulAuthentication(httpServletRequest, httpServletResponse, filterChain, authentication);
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }
}
