package io.jans.ca.server.filter;

import io.jans.ca.common.rest.ProtectedApi;
import io.jans.ca.server.security.service.AuthorizationService;
import jakarta.annotation.Priority;
import jakarta.inject.Inject;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.HttpHeaders;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.UriInfo;
import jakarta.ws.rs.ext.Provider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Provider
@Priority(1000)
@ProtectedApi
/* loaded from: input_file:io/jans/ca/server/filter/AuthorizationFilter.class */
public class AuthorizationFilter implements ContainerRequestFilter {
    private static final String AUTHENTICATION_SCHEME = "Bearer";
    private static final String AUTHORIZATION_RP_ID = "AuthorizationRpId";
    private static final Logger log = LoggerFactory.getLogger(AuthorizationFilter.class);

    @Context
    UriInfo info;

    @Context
    HttpServletRequest request;

    @Context
    private HttpHeaders httpHeaders;

    @Inject
    AuthorizationService authorizationService;

    public void filter(ContainerRequestContext containerRequestContext) {
        log.info("=======================================================================");
        log.info("====== context = " + containerRequestContext + " , info.getAbsolutePath() = " + this.info.getAbsolutePath() + " , info.getRequestUri() = " + this.info.getRequestUri() + "\n\n");
        log.info("====== info.getBaseUri()=" + this.info.getBaseUri() + " info.getPath()=" + this.info.getPath() + " info.toString()=" + this.info.toString());
        log.info("====== request.getContextPath()=" + this.request.getContextPath() + " request.getRequestURI()=" + this.request.getRequestURI() + " request.toString() " + this.request.toString());
        log.info("======" + containerRequestContext.getMethod() + " " + this.info.getPath() + " FROM IP " + this.request.getRemoteAddr());
        log.info("======PERFORMING AUTHORIZATION=========================================");
        String headerString = containerRequestContext.getHeaderString("Authorization");
        String headerString2 = containerRequestContext.getHeaderString(AUTHORIZATION_RP_ID);
        log.info("\n\n\n AuthorizationFilter::filter() - authorizationHeader = " + headerString + " , authorizationRpIdHeader = " + headerString2 + " \n\n\n");
        try {
            this.authorizationService.processAuthorization(this.info.getPath(), containerRequestContext.getMethod(), this.request.getRemoteAddr(), headerString, headerString2);
            log.info("======AUTHORIZATION  GRANTED===========================================");
        } catch (Exception e) {
            log.error("======AUTHORIZATION  FAILED ===========================================", e);
            abortWithUnauthorized(containerRequestContext, e.getMessage());
        }
    }

    private void abortWithUnauthorized(ContainerRequestContext containerRequestContext, String str) {
        containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).entity(str).header("WWW-Authenticate", AUTHENTICATION_SCHEME).build());
    }
}
