package org.aktin.broker.server.auth;

import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import java.util.function.Function;
import java.util.logging.Logger;

/* loaded from: input_file:org/aktin/broker/server/auth/HttpBearerAuthentication.class */
public abstract class HttpBearerAuthentication implements HeaderAuthentication {
    private static final String HTTP_HEADER_AUTHORIZATION = "Authorization";
    private static final Logger log = Logger.getLogger(HttpBearerAuthentication.class.getName());

    protected abstract AuthInfo lookupAuthInfo(String str) throws IOException;

    public static String extractBearerToken(String str) {
        String str2 = null;
        if (str != null && str.startsWith("Bearer ")) {
            str2 = str.substring(7);
        }
        return str2;
    }

    public static Set<AuthRole> defaultRolesForClientDN(String str) {
        if (str == null) {
            return null;
        }
        return str.contains("OU=admin") ? new HashSet(Arrays.asList(AuthRole.ADMIN_READ, AuthRole.ADMIN_WRITE)) : new HashSet(Arrays.asList(AuthRole.NODE_READ, AuthRole.NODE_WRITE));
    }

    @Override // org.aktin.broker.server.auth.HeaderAuthentication
    public AuthInfo authenticateByHeaders(Function<String, String> function) throws IOException {
        String extractBearerToken = extractBearerToken(function.apply(HTTP_HEADER_AUTHORIZATION));
        if (extractBearerToken != null) {
            return lookupAuthInfo(extractBearerToken);
        }
        log.info("HTTP Authorization header missing");
        return null;
    }
}
