package org.ikasan.rest.dashboard;

import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.JwtException;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.ikasan.security.model.User;
import org.ikasan.security.service.UserService;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:BOOT-INF/lib/ikasan-rest-dashboard-3.2.3.jar:org/ikasan/rest/dashboard/JwtRequestFilter.class */
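/**
 * Populates the Spring {@link SecurityContextHolder} from a JWT bearer token.
 *
 * <p>Only requests whose servlet path begins with {@code /rest} are inspected. For those, the
 * {@code Authorization} header must start with {@code "Bearer "}; the remainder is handed to
 * {@link JwtTokenUtil} to extract the username and validate the token against the user loaded
 * from {@link UserService}.
 *
 * <p>This filter never rejects a request: on a missing, expired or otherwise unusable token it
 * logs a warning and continues the chain with no authentication set. Denying access to
 * unauthenticated callers is therefore left to the authorization rules configured elsewhere
 * (not visible in this class) -- NOTE(review): confirm every {@code /rest} endpoint requires
 * an authenticated principal.
 */
public class JwtRequestFilter extends OncePerRequestFilter {
    private static final String REST_PATH_PREFIX = "/rest";
    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final String BEARER_PREFIX = "Bearer ";

    private final UserService userService;
    private final JwtTokenUtil jwtTokenUtil;

    /**
     * @param userService  looks up the user named in the token
     * @param jwtTokenUtil parses and validates the token
     */
    public JwtRequestFilter(UserService userService, JwtTokenUtil jwtTokenUtil) {
        this.userService = userService;
        this.jwtTokenUtil = jwtTokenUtil;
    }

    /**
     * Attempts bearer-token authentication for {@code /rest} paths, then always continues the
     * filter chain, whether or not authentication succeeded.
     *
     * @throws ServletException propagated from the rest of the chain
     * @throws IOException      propagated from the rest of the chain
     */
    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        String servletPath = httpServletRequest.getServletPath();
        if (servletPath.startsWith(REST_PATH_PREFIX)) {
            authenticateFromBearerToken(httpServletRequest, servletPath);
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /**
     * Sets the security context's authentication when the request carries a bearer token that
     * names a known user and passes validation; otherwise leaves the context untouched.
     */
    private void authenticateFromBearerToken(HttpServletRequest request, String servletPath) {
        // The path comes from the client; neutralise line breaks before it reaches the log.
        String pathForLog = sanitizeForLog(servletPath);

        String header = request.getHeader(AUTHORIZATION_HEADER);
        if (header == null || !header.startsWith(BEARER_PREFIX)) {
            this.logger.warn("[Authorization] header does not begin with Bearer String on url [" + pathForLog + "]");
            return;
        }

        // The token itself is never logged.
        String token = header.substring(BEARER_PREFIX.length());
        try {
            String username = this.jwtTokenUtil.getUsernameFromToken(token);
            // Do not replace an authentication that an earlier filter already established.
            if (username == null || SecurityContextHolder.getContext().getAuthentication() != null) {
                return;
            }
            User user = this.userService.loadUserByUsername(username);
            // Boolean.TRUE.equals treats a null result as "invalid" instead of throwing an NPE.
            if (user == null || !Boolean.TRUE.equals(this.jwtTokenUtil.validateToken(token, user))) {
                return;
            }
            UsernamePasswordAuthenticationToken authentication =
                    new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
            authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
            SecurityContextHolder.getContext().setAuthentication(authentication);
        } catch (ExpiredJwtException e) {
            this.logger.warn("JWT Token has expired called by [" + pathForLog + "]");
        } catch (JwtException e) {
            // Presumably JwtTokenUtil lets other jjwt failures (bad signature, malformed or
            // unsupported token) propagate the same way it does ExpiredJwtException. Without
            // this clause they would escape the filter as an unhandled runtime exception
            // instead of an unauthenticated request.
            this.logger.warn("JWT Token rejected [" + e.getClass().getSimpleName() + "] called by [" + pathForLog + "]");
        } catch (IllegalArgumentException e) {
            this.logger.warn("Unable to get JWT Token by [" + pathForLog + "]");
        }
    }

    /** Replaces CR and LF so a crafted request path cannot forge extra log lines. */
    private static String sanitizeForLog(String value) {
        return value.replace('\r', '_').replace('\n', '_');
    }
}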
