package io.vertigo.vega.plugins.rest.handler;

import io.vertigo.lang.Assertion;
import io.vertigo.vega.impl.rest.RestHandlerPlugin;
import io.vertigo.vega.rest.exception.SessionException;
import io.vertigo.vega.rest.exception.VSecurityException;
import io.vertigo.vega.rest.metamodel.EndPointDefinition;
import io.vertigo.vega.token.TokenManager;
import java.io.Serializable;
import javax.inject.Inject;
import spark.Request;
import spark.Response;

/* loaded from: input_file:io/vertigo/vega/plugins/rest/handler/AccessTokenRestHandlerPlugin.class */
public final class AccessTokenRestHandlerPlugin implements RestHandlerPlugin {
    private static final Serializable TOKEN_DATA = new Serializable() { // from class: io.vertigo.vega.plugins.rest.handler.AccessTokenRestHandlerPlugin.1
        private static final long serialVersionUID = 1;
    };
    private static final String HEADER_ACCESS_TOKEN = "x-access-token";
    private static final String INVALID_ACCESS_TOKEN_MSG = "Invalid access token";
    private final TokenManager tokenManager;

    @Inject
    public AccessTokenRestHandlerPlugin(TokenManager tokenManager) {
        Assertion.checkNotNull(tokenManager);
        this.tokenManager = tokenManager;
    }

    @Override // io.vertigo.vega.impl.rest.RestHandlerPlugin
    public boolean accept(EndPointDefinition endPointDefinition) {
        return endPointDefinition.isAccessTokenMandatory() || endPointDefinition.isAccessTokenConsume() || endPointDefinition.isAccessTokenPublish();
    }

    @Override // io.vertigo.vega.impl.rest.RestHandlerPlugin
    public Object handle(Request request, Response response, RouteContext routeContext, HandlerChain handlerChain) throws VSecurityException, SessionException {
        String str;
        if (routeContext.getEndPointDefinition().isAccessTokenMandatory()) {
            str = request.headers(HEADER_ACCESS_TOKEN);
            if (str == null) {
                throw new VSecurityException(INVALID_ACCESS_TOKEN_MSG);
            }
            if (this.tokenManager.get(str).isEmpty()) {
                throw new VSecurityException(INVALID_ACCESS_TOKEN_MSG);
            }
        } else {
            str = null;
        }
        Object handle = handlerChain.handle(request, response, routeContext);
        if (str != null && routeContext.getEndPointDefinition().isAccessTokenConsume()) {
            this.tokenManager.getAndRemove(str);
        }
        if (routeContext.getEndPointDefinition().isAccessTokenPublish()) {
            response.header(HEADER_ACCESS_TOKEN, this.tokenManager.put(TOKEN_DATA));
        }
        return handle;
    }
}
