package org.eclipse.vorto.repository.sso;

import com.google.common.base.Strings;
import java.io.IOException;
import java.util.Optional;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoTokenServices;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:BOOT-INF/lib/repository-server-0.10.0.M3.jar:org/eclipse/vorto/repository/sso/AuthorizationTokenFilter.class */
public class AuthorizationTokenFilter extends GenericFilterBean {
    private static final String BEARER = "Bearer";
    private static final String AUTHORIZATION = "Authorization";
    private UserInfoTokenServices userInfoService;

    public AuthorizationTokenFilter(UserInfoTokenServices userInfoTokenServices) {
        this.userInfoService = userInfoTokenServices;
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (SecurityContextHolder.getContext().getAuthentication() == null) {
            Optional<String> bearerToken = getBearerToken((HttpServletRequest) servletRequest);
            if (bearerToken.isPresent()) {
                try {
                    OAuth2Authentication loadAuthentication = this.userInfoService.loadAuthentication(bearerToken.get());
                    if (loadAuthentication != null) {
                        SecurityContextHolder.getContext().setAuthentication(loadAuthentication);
                        filterChain.doFilter(servletRequest, servletResponse);
                        SecurityContextHolder.getContext().setAuthentication(null);
                        return;
                    }
                } catch (InvalidTokenException e) {
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public Optional<String> getBearerToken(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Authorization");
        if (!Strings.nullToEmpty(header).trim().isEmpty()) {
            String[] split = header.split(" ");
            if ("Bearer".equals(split[0]) && !Strings.nullToEmpty(split[1]).isEmpty()) {
                return Optional.of(split[1]);
            }
        }
        return Optional.empty();
    }
}
