package edu.emory.cci.aiw.cvrg.eureka.common.authentication;

import edu.emory.cci.aiw.cvrg.eureka.common.dao.AuthorizedUserDao;
import edu.emory.cci.aiw.cvrg.eureka.common.entity.AuthorizedUserEntity;
import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Response;
import org.eurekaclinical.standardapis.exception.HttpStatusException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/eureka-common-2.0-Alpha-43.jar:edu/emory/cci/aiw/cvrg/eureka/common/authentication/AuthorizedUserSupport.class */
public class AuthorizedUserSupport extends AbstractUserSupport {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) AuthorizedUserSupport.class);
    private final AuthorizedUserDao userDao;

    public AuthorizedUserSupport(AuthorizedUserDao authorizedUserDao) {
        this.userDao = authorizedUserDao;
    }

    public boolean isSameUser(HttpServletRequest httpServletRequest, AuthorizedUserEntity authorizedUserEntity) {
        return isSameUser(httpServletRequest, authorizedUserEntity.getUsername());
    }

    public AuthorizedUserEntity getUser(HttpServletRequest httpServletRequest) {
        Principal userPrincipal = getUserPrincipal(httpServletRequest);
        AuthorizedUserEntity byPrincipal = this.userDao.getByPrincipal(userPrincipal);
        if (byPrincipal == null) {
            throw new HttpStatusException(Response.Status.FORBIDDEN, "User " + userPrincipal.getName() + " is unauthorized to use this resource");
        }
        return byPrincipal;
    }
}
