package ai.yda.framework.channel.rest.spring.security;

import ai.yda.framework.channel.shared.TokenAuthentication;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.AuthenticationConverter;
import org.springframework.util.StringUtils;

/* loaded from: input_file:ai/yda/framework/channel/rest/spring/security/TokenAuthenticationConverter.class */
public class TokenAuthenticationConverter implements AuthenticationConverter {
    private static final String AUTHENTICATION_SCHEME_BEARER = "Bearer";
    private static final Short TOKEN_START_POSITION = 7;

    public Authentication convert(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null) {
            return null;
        }
        String trim = header.trim();
        if (!StringUtils.startsWithIgnoreCase(trim, AUTHENTICATION_SCHEME_BEARER)) {
            return null;
        }
        if (trim.equalsIgnoreCase(AUTHENTICATION_SCHEME_BEARER)) {
            throw new BadCredentialsException("Empty bearer authentication token");
        }
        String substring = trim.substring(TOKEN_START_POSITION.shortValue());
        Authentication authentication = SecurityContextHolder.getContextHolderStrategy().getContext().getAuthentication();
        return authentication == null ? new TokenAuthentication(substring) : new TokenAuthentication(substring, authentication.getPrincipal(), authentication.getAuthorities());
    }
}
