package cat.gencat.ctti.canigo.arch.security.rest.authentication.jwt;

import cat.gencat.ctti.canigo.arch.security.rest.authentication.constants.Constants;
import cat.gencat.ctti.canigo.arch.security.rest.authentication.service.AuthenticationService;
import io.jsonwebtoken.lang.Assert;
import java.io.IOException;
import javax.annotation.PostConstruct;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:cat/gencat/ctti/canigo/arch/security/rest/authentication/jwt/JwtAuthenticationFilter.class */
public class JwtAuthenticationFilter extends OncePerRequestFilter {
    private static final Logger loggerJwtAuthenticationFilter = LoggerFactory.getLogger(JwtAuthenticationFilter.class);
    private String headerAuthName;
    private String startToken;
    private String tokenResponseHeaderName;

    @Autowired
    private JwtTokenHandler jwtTokenHandler;

    @Autowired
    @Qualifier("jwtAuthenticationService")
    private AuthenticationService jwtAuthenticationService;

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        loggerJwtAuthenticationFilter.debug("doFilterInternal");
        if (!requireDoFilter(httpServletRequest)) {
            this.jwtTokenHandler.handleNoAuthentication(httpServletRequest, httpServletResponse, filterChain, this);
            return;
        }
        String header = httpServletRequest.getHeader(this.headerAuthName);
        loggerJwtAuthenticationFilter.debug("header: {}", header);
        if (header == null || !header.startsWith(this.startToken)) {
            this.jwtTokenHandler.handleAuthentication(httpServletRequest, httpServletResponse, filterChain, header, this);
        } else {
            doFilterWithToken(httpServletRequest, httpServletResponse, filterChain);
        }
    }

    protected void doFilterWithToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        String header = httpServletRequest.getHeader(this.headerAuthName);
        String str = this.startToken + " ";
        String substring = header.length() > str.length() ? header.substring(str.length()) : "";
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            doFilterWithTokenWithoutAuthenticationSecurity(httpServletRequest, httpServletResponse, filterChain, substring);
        } else {
            this.jwtTokenHandler.handleAuthenticationSecurity(httpServletRequest, httpServletResponse, filterChain, substring, authentication, this);
        }
    }

    protected void doFilterWithTokenWithoutAuthenticationSecurity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, String str) throws IOException, ServletException {
        if (!this.jwtTokenHandler.validateToken(str)) {
            this.jwtTokenHandler.handleTokenInvalid(httpServletRequest, httpServletResponse, filterChain, str, this);
            return;
        }
        User userFromToken = this.jwtTokenHandler.getUserFromToken(str);
        if (userFromToken != null) {
            this.jwtTokenHandler.handleTokenValid(httpServletRequest, httpServletResponse, filterChain, userFromToken, str, this);
        } else {
            this.jwtTokenHandler.handleTokenInvalid(httpServletRequest, httpServletResponse, filterChain, str, this);
        }
    }

    public String getHeaderAuthName() {
        return this.headerAuthName;
    }

    public void setHeaderAuthName(String str) {
        this.headerAuthName = str;
    }

    public String getStartToken() {
        return this.startToken;
    }

    public void setStartToken(String str) {
        this.startToken = str;
    }

    public String getTokenResponseHeaderName() {
        return this.tokenResponseHeaderName;
    }

    public void setTokenResponseHeaderName(String str) {
        this.tokenResponseHeaderName = str;
    }

    public JwtTokenHandler getJwtTokenHandler() {
        return this.jwtTokenHandler;
    }

    public void setJwtTokenHandler(JwtTokenHandler jwtTokenHandler) {
        this.jwtTokenHandler = jwtTokenHandler;
    }

    public AuthenticationService getJwtAuthenticationService() {
        return this.jwtAuthenticationService;
    }

    public void setJwtAuthenticationService(AuthenticationService authenticationService) {
        this.jwtAuthenticationService = authenticationService;
    }

    @PostConstruct
    public void checkProperties() {
        Assert.hasLength(this.startToken, "startToken can't be null!");
        Assert.hasLength(this.headerAuthName, "headerAuthName can't be null or empty!");
        Assert.hasLength(this.tokenResponseHeaderName, "tokenResponseHeaderName can't be null or empty!");
    }

    protected boolean requireDoFilter(HttpServletRequest httpServletRequest) {
        return !isLoginRequest(httpServletRequest) && this.jwtAuthenticationService.isAuthRequest(httpServletRequest);
    }

    protected boolean isLoginRequest(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getPathInfo() != null && httpServletRequest.getPathInfo().endsWith(Constants.PATH_AUTH_TOKEN);
    }
}
