package com.obj.nc.security.config;

import com.obj.nc.security.exception.UserNotAuthenticatedException;
import com.obj.nc.security.service.JwtUserDetailsService;
import java.io.IOException;
import java.util.Arrays;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.filter.OncePerRequestFilter;

@ConditionalOnBean({JwtSecurityConfig.class})
@Component
/* loaded from: input_file:com/obj/nc/security/config/JwtRequestFilter.class */
public class JwtRequestFilter extends OncePerRequestFilter {
    private final JwtUserDetailsService jwtUserDetailsService;
    private final JwtTokenUtil jwtTokenUtil;
    private final AntPathMatcher antPathMatcher;

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        String header = httpServletRequest.getHeader(Constants.AUTHORIZATION_HEADER);
        if (!isProtectedResource(httpServletRequest)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (header == null || !header.startsWith(Constants.JWT_TOKEN_PREFIX)) {
            throw new UserNotAuthenticatedException("JWT Token does not begin with Bearer String");
        }
        String substring = header.substring(Constants.JWT_TOKEN_PREFIX.length());
        try {
            String usernameFromToken = this.jwtTokenUtil.getUsernameFromToken(substring);
            if (usernameFromToken != null) {
                UserDetails loadUserByUsername = this.jwtUserDetailsService.loadUserByUsername(usernameFromToken);
                if (!this.jwtTokenUtil.validateToken(substring, loadUserByUsername).booleanValue()) {
                    throw new UserNotAuthenticatedException("JWT Token validation failed");
                }
                UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loadUserByUsername, (Object) null, loadUserByUsername.getAuthorities());
                usernamePasswordAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
                SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
            }
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } catch (Exception e) {
            throw new UserNotAuthenticatedException(e.getMessage());
        }
    }

    private boolean isProtectedResource(HttpServletRequest httpServletRequest) {
        String substring = httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length());
        return Arrays.stream(Constants.UNPROTECTED_PATHS).noneMatch(str -> {
            return this.antPathMatcher.match(str, substring);
        });
    }

    public JwtRequestFilter(JwtUserDetailsService jwtUserDetailsService, JwtTokenUtil jwtTokenUtil, AntPathMatcher antPathMatcher) {
        this.jwtUserDetailsService = jwtUserDetailsService;
        this.jwtTokenUtil = jwtTokenUtil;
        this.antPathMatcher = antPathMatcher;
    }
}
