package com.nannoq.tools.auth.webhandlers;

import com.nannoq.tools.auth.AuthGlobals;
import com.nannoq.tools.auth.AuthUtils;
import com.nannoq.tools.auth.models.VerifyResult;
import com.nannoq.tools.auth.utils.Authorization;
import com.nannoq.tools.web.requestHandlers.RequestLogHandler;
import io.vertx.core.Handler;
import io.vertx.core.http.HttpServerRequest;
import io.vertx.core.json.Json;
import io.vertx.core.logging.Logger;
import io.vertx.core.logging.LoggerFactory;
import io.vertx.ext.web.RoutingContext;
import java.util.concurrent.TimeUnit;

/* loaded from: input_file:com/nannoq/tools/auth/webhandlers/AuthHandler.class */
public class AuthHandler implements Handler<RoutingContext> {
    private static final Logger logger = LoggerFactory.getLogger(AuthHandler.class.getSimpleName());
    public static final String AUTH_PROCESS_TIME = "X-Auth-Time-To-Process";
    private final Class TYPE;
    private final AuthUtils authUtils = AuthUtils.getInstance();
    private final String apiKey;
    private final String domainIdentifier;

    public AuthHandler(Class cls, String str, String str2) {
        this.TYPE = cls;
        this.domainIdentifier = str;
        this.apiKey = str2;
    }

    public void handle(RoutingContext routingContext) {
        long nanoTime = System.nanoTime();
        String header = routingContext.request().getHeader("Authorization");
        if (logger.isDebugEnabled()) {
            RequestLogHandler.addLogMessageToRequestLog(routingContext, "Starting auth for: " + header);
        }
        if (header == null) {
            unAuthorized(routingContext, nanoTime);
            return;
        }
        if (header.startsWith("APIKEY ")) {
            if (!header.substring("APIKEY".length()).trim().equals(this.apiKey)) {
                unAuthorized(routingContext, nanoTime);
                return;
            }
            RequestLogHandler.addLogMessageToRequestLog(routingContext, "INFO: Google AUTH overriden by API KEY!");
            setAuthProcessTime(routingContext, nanoTime);
            routingContext.next();
            return;
        }
        if (!header.startsWith("Bearer")) {
            unAuthorized(routingContext, nanoTime);
            return;
        }
        String trim = header.substring("Bearer".length()).trim();
        if (logger.isInfoEnabled()) {
            RequestLogHandler.addLogMessageToRequestLog(routingContext, "Preparing request to auth backend...");
        }
        HttpServerRequest request = routingContext.request();
        String pathParam = routingContext.pathParam(this.domainIdentifier);
        Authorization authorization = new Authorization();
        authorization.setMethod(request.rawMethod());
        authorization.setModel(this.TYPE.getSimpleName());
        authorization.setDomainIdentifier(pathParam == null ? AuthGlobals.GLOBAL_AUTHORIZATION : pathParam);
        this.authUtils.authenticateAndAuthorize(trim, authorization, asyncResult -> {
            if (asyncResult.failed()) {
                logger.error("Failure in Auth: " + Json.encodePrettily(authorization), asyncResult.cause());
                RequestLogHandler.addLogMessageToRequestLog(routingContext, "Unauthorized!", asyncResult.cause());
                unAuthorized(routingContext, nanoTime);
            } else {
                setAuthProcessTime(routingContext, nanoTime);
                routingContext.put(AuthUtils.USER_IDENTIFIER, ((VerifyResult) asyncResult.result()).getId());
                routingContext.next();
            }
        });
    }

    private void setAuthProcessTime(RoutingContext routingContext, long j) {
        routingContext.response().putHeader(AUTH_PROCESS_TIME, String.valueOf(TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - j)));
    }

    private void unAuthorized(RoutingContext routingContext, long j) {
        setAuthProcessTime(routingContext, j);
        routingContext.fail(401);
    }
}
