package be.atbash.ee.security.octopus.filter.authc;

import be.atbash.ee.security.octopus.authc.AuthenticationException;
import be.atbash.ee.security.octopus.authc.IncorrectDataToken;
import be.atbash.ee.security.octopus.jwt.decoder.JWTDecoder;
import be.atbash.ee.security.octopus.jwt.keys.JWKManagerKeySelector;
import be.atbash.ee.security.octopus.token.AuthenticationToken;
import be.atbash.ee.security.octopus.token.MPJWTToken;
import be.atbash.ee.security.octopus.token.MPToken;
import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@ApplicationScoped
/* loaded from: input_file:be/atbash/ee/security/octopus/filter/authc/MPUserFilter.class */
public class MPUserFilter extends AuthenticatingFilter {

    @Inject
    private JWTDecoder jwtDecoder;

    @Inject
    private JWKManagerKeySelector keySelector;

    @Inject
    private MPBearerTokenVerifier verifier;

    @PostConstruct
    public void initInstance() {
        setName("mpUser");
    }

    protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        String header = ((HttpServletRequest) servletRequest).getHeader("Authorization");
        if (header == null) {
            return new IncorrectDataToken("Authorization header required");
        }
        String[] split = header.split(" ");
        return split.length != 2 ? new IncorrectDataToken("Authorization header value incorrect") : !"Bearer".equals(split[0]) ? new IncorrectDataToken("Authorization header value must start with Bearer") : createToken(split[1]);
    }

    private AuthenticationToken createToken(String str) {
        return new MPToken((MPJWTToken) this.jwtDecoder.decode(str, MPJWTToken.class, this.keySelector, this.verifier).getData());
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        return executeLogin(servletRequest, servletResponse);
    }

    protected boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        ((HttpServletResponse) servletResponse).setStatus(401);
        return false;
    }
}
