package org.aktin.broker.websocket;

import java.io.IOException;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.function.Function;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.inject.Inject;
import javax.websocket.HandshakeResponse;
import javax.websocket.server.HandshakeRequest;
import javax.websocket.server.ServerEndpointConfig;
import org.aktin.broker.auth.AuthCache;
import org.aktin.broker.auth.Principal;
import org.aktin.broker.server.auth.HeaderAuthentication;

/* loaded from: input_file:org/aktin/broker/websocket/HeaderAuthSessionConfigurator.class */
public class HeaderAuthSessionConfigurator extends ServerEndpointConfig.Configurator {
    private static final Logger log = Logger.getLogger(HeaderAuthSessionConfigurator.class.getName());
    public static final String AUTH_USER = "auth-user";
    private HeaderAuthentication auth;
    private AuthCache cache;

    @Inject
    public HeaderAuthSessionConfigurator(HeaderAuthentication headerAuthentication, AuthCache authCache) {
        this.auth = headerAuthentication;
        this.cache = authCache;
    }

    private static final Function<String, String> mapSingleHeader(final Map<String, List<String>> map) {
        return new Function<String, String>() { // from class: org.aktin.broker.websocket.HeaderAuthSessionConfigurator.1
            @Override // java.util.function.Function
            public String apply(String str) {
                List list = (List) map.get(str);
                if (list == null || list.size() == 0) {
                    return null;
                }
                return (String) list.get(0);
            }
        };
    }

    public void modifyHandshake(ServerEndpointConfig serverEndpointConfig, HandshakeRequest handshakeRequest, HandshakeResponse handshakeResponse) {
        Objects.requireNonNull(this.auth, "CDI failed for HeaderAuthentication");
        Objects.requireNonNull(this.cache, "CDI failed for AuthCache");
        Principal principal = null;
        try {
            principal = this.cache.getPrincipal(this.auth.authenticateByHeaders(mapSingleHeader(handshakeRequest.getHeaders())));
        } catch (IOException e) {
            log.log(Level.WARNING, "Unexpected authentication failure", (Throwable) e);
        }
        super.modifyHandshake(serverEndpointConfig, handshakeRequest, handshakeResponse);
        if (principal != null) {
            log.info("Websocket handshake auth user: " + principal.getName());
            serverEndpointConfig.getUserProperties().put(AUTH_USER, principal);
        } else {
            log.info("Websocket handshake auth unauthorized. Aborting handshake.");
            handshakeResponse.getHeaders().put("Sec-WebSocket-Accept", Collections.emptyList());
        }
    }
}
