package si.irm.mmrest.mymarina;

import java.io.IOException;
import java.security.Principal;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Priority;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.ext.Provider;
import org.jose4j.jwt.consumer.InvalidJwtException;
import org.jose4j.jwt.consumer.JwtConsumerBuilder;
import si.irm.mmrest.mymarina.util.JWTSecured;
import si.irm.mmrest.mymarina.util.KeyHelper;

@Provider
@Priority(1000)
@JWTSecured
/* loaded from: input_file:MarinaMasterRest.war:WEB-INF/classes/si/irm/mmrest/mymarina/JWTRequestFilter.class */
public class JWTRequestFilter implements ContainerRequestFilter {
    private static final Logger LOG = Logger.getLogger(JWTRequestFilter.class.getName());

    @Override // javax.ws.rs.container.ContainerRequestFilter
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        boolean z = false;
        String headerString = containerRequestContext.getHeaderString("Authorization");
        if (headerString != null) {
            String[] split = headerString.split(" ");
            if (split.length == 2 && "Bearer".equals(split[0])) {
                try {
                    try {
                        final String subject = new JwtConsumerBuilder().setRequireExpirationTime().setAllowedClockSkewInSeconds(30).setRequireSubject().setExpectedIssuer(KeyHelper.JWT_ISSUER).setVerificationKey(new KeyHelper().getPublicKey()).build().processToClaims(split[1]).getSubject();
                        final SecurityContext securityContext = containerRequestContext.getSecurityContext();
                        containerRequestContext.setSecurityContext(new SecurityContext() { // from class: si.irm.mmrest.mymarina.JWTRequestFilter.1
                            @Override // javax.ws.rs.core.SecurityContext
                            public boolean isUserInRole(String str) {
                                return true;
                            }

                            @Override // javax.ws.rs.core.SecurityContext
                            public boolean isSecure() {
                                return securityContext.isSecure();
                            }

                            @Override // javax.ws.rs.core.SecurityContext
                            public Principal getUserPrincipal() {
                                String str = subject;
                                return () -> {
                                    return str;
                                };
                            }

                            @Override // javax.ws.rs.core.SecurityContext
                            public String getAuthenticationScheme() {
                                return securityContext.getAuthenticationScheme();
                            }
                        });
                        z = true;
                    } catch (InvalidJwtException e) {
                        LOG.log(Level.WARNING, e.getMessage(), (Throwable) e);
                    }
                } catch (Exception e2) {
                    LOG.log(Level.WARNING, e2.getMessage(), (Throwable) e2);
                }
            }
        }
        if (z) {
            return;
        }
        LOG.info("Unauthorized");
        containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
    }
}
