package com.atlassian.asap.core.server.jersey;

import com.atlassian.asap.api.Jwt;
import com.atlassian.asap.api.exception.AuthenticationFailedException;
import com.atlassian.asap.api.exception.AuthorizationFailedException;
import com.atlassian.asap.api.server.http.RequestAuthenticator;
import com.sun.jersey.api.container.MappableContainerException;
import com.sun.jersey.api.core.HttpContext;
import com.sun.jersey.server.impl.inject.AbstractHttpContextInjectable;
import java.util.Set;

/* loaded from: input_file:com/atlassian/asap/core/server/jersey/JwtInjectable.class */
public class JwtInjectable extends AbstractHttpContextInjectable<Jwt> {
    private final RequestAuthenticator requestAuthenticator;
    private final Set<String> authorizedSubjects;
    private final Set<String> authorizedIssuers;

    public JwtInjectable(RequestAuthenticator requestAuthenticator, Set<String> set, Set<String> set2) {
        this.requestAuthenticator = requestAuthenticator;
        this.authorizedSubjects = set;
        this.authorizedIssuers = set2;
    }

    /* renamed from: getValue, reason: merged with bridge method [inline-methods] */
    public Jwt m0getValue(HttpContext httpContext) {
        try {
            Jwt authenticateRequest = this.requestAuthenticator.authenticateRequest(httpContext.getRequest().getHeaderValue("Authorization"));
            authorize(authenticateRequest);
            return authenticateRequest;
        } catch (AuthenticationFailedException | AuthorizationFailedException e) {
            throw wrapException(e);
        }
    }

    private void authorize(Jwt jwt) throws AuthorizationFailedException {
        if (!this.authorizedIssuers.contains(jwt.getClaims().getIssuer())) {
            throw new AuthorizationFailedException("Issuer is not authorized");
        }
        if (!this.authorizedSubjects.contains((String) jwt.getClaims().getSubject().getOrElse(jwt.getClaims().getIssuer()))) {
            throw new AuthorizationFailedException("Effective subject is not authorized");
        }
    }

    private RuntimeException wrapException(Exception exc) {
        return new MappableContainerException(exc);
    }

    public RequestAuthenticator getRequestAuthenticator() {
        return this.requestAuthenticator;
    }
}
