package io.mangoo.admin;

import dev.paseto.jpaseto.Paseto;
import dev.paseto.jpaseto.PasetoException;
import dev.paseto.jpaseto.Pasetos;
import io.mangoo.core.Application;
import io.mangoo.core.Config;
import io.mangoo.enums.Default;
import io.mangoo.interfaces.filters.PerRequestFilter;
import io.mangoo.routing.Response;
import io.mangoo.routing.bindings.Request;
import io.mangoo.utils.MangooUtils;
import io.undertow.server.handlers.Cookie;
import java.nio.charset.StandardCharsets;
import java.time.Instant;
import java.time.LocalDateTime;
import java.time.ZoneOffset;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:io/mangoo/admin/AdminFilter.class */
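/**
 * Per-request filter that gates access on the admin cookie.
 *
 * <p>The cookie value is parsed as a PASETO token using the application secret as the shared
 * secret. A request passes only when the token parses, carries an expiration that is still in
 * the future, and does not have its {@code twofactor} claim set to {@code true}. Every other
 * outcome ends the response with a redirect.
 */
public class AdminFilter implements PerRequestFilter {
    private static final String VERSION_TAG = MangooUtils.getVersion();
    private static final String LOGIN_PATH = "/@admin/login";
    private static final String TWO_FACTOR_PATH = "/@admin/twofactor";
    private static final String TWO_FACTOR_CLAIM = "twofactor";

    /**
     * Validates the admin cookie of the current request.
     *
     * @param request the incoming request, read for the cookie named by
     *     {@code Default.ADMIN_COOKIE_NAME}
     * @param response the response passed through when the token is accepted
     * @return {@code response} with the framework version added under {@code "version"} when the
     *     token is accepted; a redirect to {@code /@admin/twofactor} when the token's
     *     {@code twofactor} claim is {@code true}; otherwise a redirect to {@code /@admin/login}
     */
    @Override // io.mangoo.interfaces.filters.PerRequestFilter
    public Response execute(Request request, Response response) {
        Cookie cookie = request.getCookie(Default.ADMIN_COOKIE_NAME.toString());
        if (cookie == null || StringUtils.isBlank(cookie.getValue())) {
            return Response.withRedirect(LOGIN_PATH).andEndResponse();
        }

        Config config = (Config) Application.getInstance(Config.class);
        try {
            // The token key is derived directly from the application secret.
            Paseto token = Pasetos.parserBuilder()
                    .setSharedSecret(config.getApplicationSecret().getBytes(StandardCharsets.UTF_8))
                    .build()
                    .parse(cookie.getValue());

            if (isUnexpired(token)) {
                // A token whose twofactor claim is true is sent to the second-factor page
                // instead of being let through.
                if (token.getClaims().containsKey(TWO_FACTOR_CLAIM)
                        && token.getClaims().get(TWO_FACTOR_CLAIM, Boolean.TYPE)) {
                    return Response.withRedirect(TWO_FACTOR_PATH).andEndResponse();
                }
                response.andContent("version", VERSION_TAG);
                return response;
            }
        } catch (PasetoException ignored) {
            // A token that does not parse is handled like a missing one: fall through to the
            // login redirect. NOTE(review): the rejection is not logged here, so repeated
            // invalid admin tokens leave no trace from this filter; confirm they are recorded
            // elsewhere.
        }
        return Response.withRedirect(LOGIN_PATH).andEndResponse();
    }

    /**
     * Reports whether the token's expiration claim lies in the future.
     *
     * <p>The comparison is done on {@link Instant} values. Converting the expiration to a UTC
     * {@code LocalDateTime} and comparing it with {@code LocalDateTime.now()} (system default
     * zone) shifts the effective expiry by the server's UTC offset: tokens stay valid past
     * their expiration on hosts behind UTC and lapse early on hosts ahead of it.
     *
     * @param token the parsed token
     * @return {@code true} only when an expiration is present and after the current instant; a
     *     token without an expiration is treated as not valid
     */
    private static boolean isUnexpired(Paseto token) {
        Instant expiration = token.getClaims().getExpiration();
        return expiration != null && expiration.isAfter(Instant.now());
    }
}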
