package org.usergrid.rest.security.shiro.filters;

import com.sun.jersey.spi.container.ContainerRequest;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Context;
import org.apache.amber.oauth2.common.OAuth;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.usergrid.rest.exceptions.AuthErrorInfo;
import org.usergrid.rest.exceptions.SecurityException;
import org.usergrid.security.shiro.utils.SubjectUtils;

@Component
/* loaded from: input_file:usergrid-rest-0.0.27.1-classes.jar:org/usergrid/rest/security/shiro/filters/ClientCredentialsSecurityFilter.class */
public class ClientCredentialsSecurityFilter extends SecurityFilter {
    private static final Logger logger = LoggerFactory.getLogger(ClientCredentialsSecurityFilter.class);

    @Context
    protected HttpServletRequest httpServletRequest;

    public ClientCredentialsSecurityFilter() {
        logger.info("ClientCredentialsSecurityFilter is installed");
    }

    @Override // com.sun.jersey.spi.container.ContainerRequestFilter
    public ContainerRequest filter(ContainerRequest containerRequest) {
        String parameter = this.httpServletRequest.getParameter(OAuth.OAUTH_CLIENT_ID);
        String parameter2 = this.httpServletRequest.getParameter(OAuth.OAUTH_CLIENT_SECRET);
        if (StringUtils.isNotBlank(parameter) && StringUtils.isNotBlank(parameter2)) {
            try {
                SubjectUtils.getSubject().login(this.management.getPrincipalCredentialsTokenForClientCredentials(parameter, parameter2));
            } catch (Exception e) {
                throw SecurityException.mappableSecurityException(AuthErrorInfo.OAUTH2_INVALID_CLIENT);
            }
        }
        return containerRequest;
    }
}
