package org.lwapp.security.ws.filter;

import java.io.IOException;
import javax.inject.Inject;
import javax.interceptor.Interceptors;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.ext.Provider;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.Validate;
import org.lwapp.commons.exception.UnauthorizedException;
import org.lwapp.hibernate.interceptor.UnitOfWork;
import org.lwapp.hibernate.interceptor.UnitOfWorkInterceptor;
import org.lwapp.security.service.AuthorizationService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Provider
@Interceptors({UnitOfWorkInterceptor.class})
/* loaded from: input_file:org/lwapp/security/ws/filter/SecurityFilter.class */
public class SecurityFilter implements ContainerRequestFilter {
    private static final Logger LOG = LoggerFactory.getLogger(SecurityFilter.class);
    public static final String AUTHORIZATION_HEADER = "Authorization";
    public static final String APPLICATION_OWNER_ID = "ApplicationOwnerId";
    public static final String APPLICATION_NAME = "ApplicationName";

    @Inject
    private AuthorizationService authenticationService;

    @UnitOfWork
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        if (Boolean.valueOf(containerRequestContext.getHeaderString("Internal")).booleanValue()) {
            return;
        }
        String headerString = containerRequestContext.getHeaderString(APPLICATION_OWNER_ID);
        Validate.notBlank(headerString, "Please provide ApplicationOwner in header.", new Object[0]);
        String headerString2 = containerRequestContext.getHeaderString(AUTHORIZATION_HEADER);
        Validate.notBlank(headerString2, "Please provide basic authentication in header.", new Object[0]);
        String headerString3 = containerRequestContext.getHeaderString(APPLICATION_NAME);
        Validate.notBlank(headerString3, "Please provide ApplicationName in header.", new Object[0]);
        if (BooleanUtils.isFalse(Boolean.valueOf(this.authenticationService.authenticate(headerString2, headerString, headerString3)))) {
            throw new UnauthorizedException("Un-authorized application client. Make sure you have used correctly 'apiKey' and 'apiSecret' shall be part of BasicAuthentication. Please check headers for 'applicationName' and 'applicationOwnerId' entries aswell.");
        }
        LOG.info("Method:{}, applicationOwnerId:{}, applicationName:{}", new Object[]{containerRequestContext.getMethod(), headerString, headerString3});
    }
}
