package de.adorsys.aspsp.xs2a.remote.connector.oauth;

import com.fasterxml.jackson.databind.ObjectMapper;
import de.adorsys.psd2.xs2a.core.error.MessageErrorCode;
import de.adorsys.psd2.xs2a.exception.MessageCategory;
import de.adorsys.psd2.xs2a.web.error.TppErrorMessageBuilder;
import de.adorsys.psd2.xs2a.web.filter.AbstractXs2aFilter;
import java.io.IOException;
import java.util.Optional;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:de/adorsys/aspsp/xs2a/remote/connector/oauth/TokenAuthenticationFilter.class */
public class TokenAuthenticationFilter extends AbstractXs2aFilter {
    private static final Logger log = LoggerFactory.getLogger(TokenAuthenticationFilter.class);
    private static final String BEARER_TOKEN_PREFIX = "Bearer ";
    private final String oauthModeHeaderName;
    private final ObjectMapper mapper;
    private final TppErrorMessageBuilder tppErrorMessageBuilder;
    private final TokenValidationService tokenValidationService;

    public TokenAuthenticationFilter(@Value("${oauth.header-name:X-OAUTH-PREFERRED}") String str, ObjectMapper objectMapper, TppErrorMessageBuilder tppErrorMessageBuilder, TokenValidationService tokenValidationService) {
        this.oauthModeHeaderName = str;
        this.mapper = objectMapper;
        this.tppErrorMessageBuilder = tppErrorMessageBuilder;
        this.tokenValidationService = tokenValidationService;
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!Boolean.parseBoolean(httpServletRequest.getHeader(this.oauthModeHeaderName))) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else {
            if (this.tokenValidationService.validate(resolveBearerToken(httpServletRequest)) != null) {
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
            httpServletResponse.setStatus(403);
            httpServletResponse.setHeader("Content-Type", "application/json");
            httpServletResponse.getWriter().print(this.mapper.writeValueAsString(this.tppErrorMessageBuilder.buildTppErrorMessage(MessageCategory.ERROR, MessageErrorCode.TOKEN_INVALID)));
        }
    }

    private String resolveBearerToken(HttpServletRequest httpServletRequest) {
        return (String) Optional.ofNullable(httpServletRequest.getHeader("Authorization")).filter((v0) -> {
            return StringUtils.isNotBlank(v0);
        }).filter(str -> {
            return StringUtils.startsWithIgnoreCase(str, BEARER_TOKEN_PREFIX);
        }).map(str2 -> {
            return StringUtils.substringAfter(str2, BEARER_TOKEN_PREFIX);
        }).orElse(null);
    }
}
