package de.adorsys.ledgers.oba.rest.server.resource;

import de.adorsys.ledgers.middleware.api.domain.sca.GlobalScaResponseTO;
import de.adorsys.ledgers.middleware.api.domain.um.BearerTokenTO;
import de.adorsys.ledgers.oba.rest.server.auth.ObaMiddlewareAuthentication;
import de.adorsys.ledgers.oba.service.api.domain.exception.AuthErrorCode;
import de.adorsys.ledgers.oba.service.api.domain.exception.AuthorizationException;
import de.adorsys.psd2.xs2a.core.psu.PsuIdData;
import java.util.List;
import org.apache.commons.collections4.CollectionUtils;

/* loaded from: input_file:de/adorsys/ledgers/oba/rest/server/resource/AuthUtils.class */
public class AuthUtils {
    private AuthUtils() {
    }

    public static String psuId(ObaMiddlewareAuthentication obaMiddlewareAuthentication) {
        if (obaMiddlewareAuthentication == null) {
            return null;
        }
        return psuId(obaMiddlewareAuthentication.getBearerToken());
    }

    public static String psuId(BearerTokenTO bearerTokenTO) {
        return bearerTokenTO.getAccessTokenObject().getLogin();
    }

    public static void checkIfUserInitiatedOperation(GlobalScaResponseTO globalScaResponseTO, List<PsuIdData> list) {
        if (CollectionUtils.isNotEmpty(list)) {
            checkUserInitiatedProcedure(list.get(0).getPsuId(), globalScaResponseTO.getBearerToken());
        }
    }

    private static void checkUserInitiatedProcedure(String str, BearerTokenTO bearerTokenTO) {
        if (!psuId(bearerTokenTO).equals(str)) {
            throw AuthorizationException.builder().errorCode(AuthErrorCode.LOGIN_FAILED).devMessage("Operation you're logging in is not meant for current user").build();
        }
    }
}
