package si.irm.mmrest.auth;

import com.google.gson.Gson;
import java.io.IOException;
import javax.ejb.EJB;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.MediaType;
import si.irm.common.messages.Translations;
import si.irm.common.utils.Logger;
import si.irm.mm.ejb.user.RestApiClientEJBLocal;
import si.irm.mm.messages.TransKey;
import si.irm.mmrest.v2.LoginResource2;
import si.irm.mmrest.v2.data.ErrorResponse;

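/**
 * Servlet filter that guards every request under {@code /rest/v2/*}.
 *
 * <p>Requests whose path info starts with {@link LoginResource2#LOGIN_PATH} pass through without
 * a token. Every other request must carry an {@code Authorization: Bearer <jwt>} header that
 * {@link RestApiClientEJBLocal#isValidJWT} accepts; otherwise the filter answers with HTTP 401 and
 * a JSON {@link ErrorResponse}, and the rest of the chain is not invoked.
 */
@WebFilter(filterName = "AuthFilter2", urlPatterns = {"/rest/v2/*"})
/* loaded from: input_file:MarinaMasterRest.war:WEB-INF/classes/si/irm/mmrest/auth/AuthFilter2.class */
public class AuthFilter2 implements Filter {
    /** Authorization scheme prefix, including the separating space. */
    private static final String STR_BEARER = "Bearer ";

    /** Backend used to validate the presented token. */
    @EJB
    private RestApiClientEJBLocal restApiClientEJB;

    /** No resources to release. */
    @Override // javax.servlet.Filter
    public void destroy() {
    }

    /**
     * Lets login requests through and rejects every other request that lacks a valid bearer token.
     *
     * @param servletRequest incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; receives the 401 body on rejection
     * @param filterChain remainder of the chain, invoked only for accepted requests
     * @throws IOException if writing the rejection body or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String pathInfo = httpServletRequest.getPathInfo();
        out("ENTER: " + pathInfo);

        // A null path info falls through to token validation, so the filter fails closed.
        // NOTE(review): this is a prefix match, so every path that merely begins with LOGIN_PATH
        // skips token validation. LOGIN_PATH's value is not visible in this file; confirm that no
        // protected resource shares that prefix, or tighten this to an exact / path-segment match.
        // NOTE(review): getPathInfo() is resolved against the servlet mapping, not against this
        // filter's URL pattern; confirm LOGIN_PATH is expressed relative to that mapping.
        boolean loginRequest = pathInfo != null && pathInfo.startsWith(LoginResource2.LOGIN_PATH);
        if (loginRequest) {
            out("OK: LOGIN REQUEST");
        } else if (userValid(httpServletRequest)) {
            out("user logged in.");
        } else {
            out("user NOT logged in.");
            rejectUnauthorized((HttpServletResponse) servletResponse);
            return;
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Writes the 401 response with a JSON error body.
     *
     * @param httpServletResponse response to populate
     * @throws IOException if the body cannot be written
     */
    private void rejectUnauthorized(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        // A 401 must name the scheme the client is expected to use (RFC 7235 / RFC 6750).
        httpServletResponse.setHeader("WWW-Authenticate", "Bearer");

        ErrorResponse errorResponse = new ErrorResponse();
        errorResponse.errorMessage = Translations.get(TransKey.REST_API_CLIENT_INVALID_CREDENTIALS);

        httpServletResponse.setContentType(MediaType.APPLICATION_JSON);
        // Must be set before getWriter(): without it the container falls back to ISO-8859-1 and a
        // translated message containing characters outside that charset is written as '?'.
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.getWriter().println(new Gson().toJson(errorResponse));
    }

    /**
     * Checks the {@code Authorization} header for a bearer token and validates it.
     *
     * @param httpServletRequest request whose header is inspected
     * @return {@code true} only when the header starts with {@code "Bearer "} and the remainder
     *     is accepted by {@code isValidJWT}; {@code false} when the header is missing or uses
     *     another scheme
     */
    private boolean userValid(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null || !header.startsWith(STR_BEARER)) {
            return false;
        }
        return this.restApiClientEJB.isValidJWT(header.substring(STR_BEARER.length()));
    }

    /**
     * Logs a message prefixed with this class's simple name.
     *
     * @param str message text; may contain request-derived data such as the path info
     */
    private void out(String str) {
        // The path info comes from the client and is already URL-decoded, so CR/LF are replaced
        // to keep one request from forging additional log lines.
        String singleLine = String.valueOf(str).replace('\r', '_').replace('\n', '_');
        Logger.log(getClass().getSimpleName() + ": " + singleLine);
    }

    /** No initialisation required. */
    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
    }
}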
