package io.vertigo.vega.plugins.webservice.handler;

import io.vertigo.account.authorization.VSecurityException;
import io.vertigo.core.lang.Assertion;
import io.vertigo.core.locale.MessageText;
import io.vertigo.vega.impl.webservice.WebServiceHandlerPlugin;
import io.vertigo.vega.token.TokenManager;
import io.vertigo.vega.webservice.definitions.WebServiceDefinition;
import io.vertigo.vega.webservice.exception.SessionException;
import java.io.Serializable;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:io/vertigo/vega/plugins/webservice/handler/AccessTokenWebServiceHandlerPlugin.class */
public final class AccessTokenWebServiceHandlerPlugin implements WebServiceHandlerPlugin {
    public static final int STACK_INDEX = 90;
    private static final String HEADER_ACCESS_TOKEN = "x-access-token";
    private final TokenManager tokenManager;
    private static final Serializable TOKEN_DATA = new UniqueToken();
    private static final MessageText INVALID_ACCESS_TOKEN_MSG = MessageText.of("Invalid access token", new Serializable[0]);

    /* loaded from: input_file:io/vertigo/vega/plugins/webservice/handler/AccessTokenWebServiceHandlerPlugin$UniqueToken.class */
    private static class UniqueToken implements Serializable {
        private static final long serialVersionUID = 1;
    }

    @Inject
    public AccessTokenWebServiceHandlerPlugin(TokenManager tokenManager) {
        Assertion.check().isNotNull(tokenManager);
        this.tokenManager = tokenManager;
    }

    @Override // io.vertigo.vega.impl.webservice.WebServiceHandlerPlugin
    public boolean accept(WebServiceDefinition webServiceDefinition) {
        return webServiceDefinition.isAccessTokenMandatory() || webServiceDefinition.isAccessTokenConsume() || webServiceDefinition.isAccessTokenPublish();
    }

    @Override // io.vertigo.vega.impl.webservice.WebServiceHandlerPlugin
    public Object handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, WebServiceCallContext webServiceCallContext, HandlerChain handlerChain) throws SessionException {
        String str;
        if (webServiceCallContext.getWebServiceDefinition().isAccessTokenMandatory()) {
            str = httpServletRequest.getHeader(HEADER_ACCESS_TOKEN);
            if (str == null) {
                throw new VSecurityException(INVALID_ACCESS_TOKEN_MSG);
            }
            if (this.tokenManager.get(str).isEmpty()) {
                throw new VSecurityException(INVALID_ACCESS_TOKEN_MSG);
            }
        } else {
            str = null;
        }
        Object handle = handlerChain.handle(httpServletRequest, httpServletResponse, webServiceCallContext);
        if (str != null && webServiceCallContext.getWebServiceDefinition().isAccessTokenConsume()) {
            this.tokenManager.getAndRemove(str);
        }
        if (webServiceCallContext.getWebServiceDefinition().isAccessTokenPublish()) {
            httpServletResponse.addHeader(HEADER_ACCESS_TOKEN, this.tokenManager.put(TOKEN_DATA));
        }
        return handle;
    }

    @Override // io.vertigo.vega.impl.webservice.WebServiceHandlerPlugin
    public int getStackIndex() {
        return 90;
    }
}
