package org.aktin.broker.auth;

import java.io.IOException;
import java.sql.SQLException;
import java.util.Objects;
import java.util.function.Function;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.inject.Inject;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;

/* loaded from: input_file:org/aktin/broker/auth/AuthFilterSSLHeaders.class */
public class AuthFilterSSLHeaders implements ContainerRequestFilter, HeaderAuthentication {
    private static final Logger log = Logger.getLogger(AuthFilterSSLHeaders.class.getName());
    public static final String X_SSL_CLIENT_ID = "X-SSL-Client-ID";
    public static final String X_SSL_CLIENT_DN = "X-SSL-Client-DN";
    public static final String X_SSL_CLIENT_VERIFY = "X-SSL-Client-Verify";

    @Inject
    private AuthCache authCache;

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        Objects.requireNonNull(containerRequestContext);
        Principal authenticateByHeaders = authenticateByHeaders(containerRequestContext::getHeaderString);
        if (authenticateByHeaders == null) {
            containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
        } else {
            containerRequestContext.setSecurityContext(authenticateByHeaders);
        }
    }

    @Override // org.aktin.broker.auth.HeaderAuthentication
    public Principal authenticateByHeaders(Function<String, String> function) {
        String apply = function.apply(X_SSL_CLIENT_VERIFY);
        String apply2 = function.apply(X_SSL_CLIENT_ID);
        String apply3 = function.apply(X_SSL_CLIENT_DN);
        if (apply == null || !apply.equals("SUCCESS")) {
            log.info("Client verify header not found or not successful");
            return null;
        }
        try {
            Principal principal = this.authCache.getPrincipal(apply2, apply3);
            log.info("Principal found: " + principal.getName());
            return principal;
        } catch (SQLException e) {
            log.log(Level.SEVERE, "Unable to lookup principal", (Throwable) e);
            return null;
        }
    }
}
