package edu.kit.datamanager.security.filter;

import edu.kit.datamanager.exceptions.InvalidAuthenticationException;
import edu.kit.datamanager.exceptions.NoJwtTokenException;
import edu.kit.datamanager.exceptions.UnauthorizedAccessException;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:edu/kit/datamanager/security/filter/JwtAuthenticationFilter.class */
public class JwtAuthenticationFilter extends OncePerRequestFilter {
    public static final String AUTHORIZATION_HEADER = "Authorization";
    public static final String BEARER_TOKEN_IDENTIFIER = "Bearer ";
    private final AuthenticationManager authenticationManager;

    public JwtAuthenticationFilter(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException, AuthenticationException {
        String header = httpServletRequest.getHeader(AUTHORIZATION_HEADER);
        if (header == null || !header.startsWith(BEARER_TOKEN_IDENTIFIER)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            SecurityContextHolder.getContext().setAuthentication(this.authenticationManager.authenticate(new JwtEmptyToken(header.substring(BEARER_TOKEN_IDENTIFIER.length()))));
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } catch (InvalidAuthenticationException | UnauthorizedAccessException e) {
            httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
            httpServletResponse.getWriter().write(e.getLocalizedMessage());
        } catch (NoJwtTokenException e2) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }
}
