package org.aktin.broker.auth;

import java.io.IOException;
import java.sql.SQLException;
import java.util.Objects;
import java.util.function.Function;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.inject.Inject;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;

/* loaded from: input_file:org/aktin/broker/auth/AuthFilterAPIKeys.class */
public abstract class AuthFilterAPIKeys implements ContainerRequestFilter, HeaderAuthentication {
    private static final Logger log = Logger.getLogger(AuthFilterAPIKeys.class.getName());

    @Inject
    private AuthCache authCache;

    public abstract String getClientDN(String str);

    public final void filter(ContainerRequestContext containerRequestContext) throws IOException {
        Objects.requireNonNull(containerRequestContext);
        Principal authenticateByHeaders = authenticateByHeaders(containerRequestContext::getHeaderString);
        if (authenticateByHeaders == null) {
            containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
        } else {
            containerRequestContext.setSecurityContext(authenticateByHeaders);
        }
    }

    @Override // org.aktin.broker.auth.HeaderAuthentication
    public Principal authenticateByHeaders(Function<String, String> function) {
        String apply = function.apply("Authorization");
        String str = null;
        if (apply != null && apply.startsWith("Bearer ")) {
            str = apply.substring(7);
        }
        if (str == null) {
            log.info("HTTP Authorization header missing");
            return null;
        }
        String clientDN = getClientDN(str);
        if (clientDN == null) {
            log.info("Access denied for API key: " + str);
            return null;
        }
        Principal principal = null;
        try {
            principal = this.authCache.getPrincipal(str, clientDN);
            log.info("Principal found: " + principal.getName());
        } catch (SQLException e) {
            log.log(Level.SEVERE, "Unable to lookup principal", (Throwable) e);
        }
        return principal;
    }
}
