package fi.jubic.snoozy.server;

import fi.jubic.snoozy.MethodAccess;
import fi.jubic.snoozy.auth.Authentication;
import fi.jubic.snoozy.auth.Authenticator;
import fi.jubic.snoozy.auth.Authorizer;
import fi.jubic.snoozy.auth.UserPrincipal;
import fi.jubic.snoozy.filters.StaticFilesFilter;
import fi.jubic.snoozy.staticfiles.StaticFiles;
import java.lang.reflect.Method;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;

/* loaded from: input_file:fi/jubic/snoozy/server/AuthFilterAdapter.class */
public class AuthFilterAdapter<P extends UserPrincipal> implements ContainerRequestFilter, StaticFilesFilter {
    private final Authorizer<P> authorizer;
    private final Authenticator<P> authenticator;
    private final Authentication<P> authentication;
    private final ResourceMethodGetter resourceMethodGetter;
    private final ContextPusher contextPusher;
    private final MethodAccessParser methodAccessParser = new MethodAccessParser(true);
    private final Map<Method, MethodAccess> methodAccessCache = new HashMap();

    @Context
    HttpServletRequest servletRequest;

    private AuthFilterAdapter(Authentication<P> authentication, ResourceMethodGetter resourceMethodGetter, ContextPusher contextPusher) {
        this.authentication = authentication;
        this.authenticator = authentication.getAuthenticator();
        this.authorizer = authentication.getAuthorizer();
        this.resourceMethodGetter = resourceMethodGetter;
        this.contextPusher = contextPusher;
    }

    public static <P extends UserPrincipal> AuthFilterAdapter<P> of(Authentication<P> authentication, ResourceMethodGetter resourceMethodGetter, ContextPusher contextPusher) {
        return new AuthFilterAdapter<>(authentication, resourceMethodGetter, contextPusher);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void filter(ContainerRequestContext containerRequestContext) {
        MethodAccess parseAccess;
        Method method = this.resourceMethodGetter.getMethod(containerRequestContext);
        if (this.methodAccessCache.containsKey(method)) {
            parseAccess = this.methodAccessCache.get(method);
        } else {
            parseAccess = this.methodAccessParser.parseAccess(method);
            this.methodAccessCache.put(method, parseAccess);
        }
        Optional<String> parse = this.authentication.getTokenParser().parse(this.servletRequest);
        Authenticator<P> authenticator = this.authenticator;
        Objects.requireNonNull(authenticator);
        Optional<U> flatMap = parse.flatMap(authenticator::authenticate);
        flatMap.ifPresent(userPrincipal -> {
            this.contextPusher.push(this.authentication.getUserClass(), userPrincipal);
        });
        Optional<Response> authErrorResponseSupplier = getAuthErrorResponseSupplier(parseAccess, (UserPrincipal) flatMap.orElse(null));
        Objects.requireNonNull(containerRequestContext);
        authErrorResponseSupplier.ifPresent(containerRequestContext::abortWith);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // fi.jubic.snoozy.filters.StaticFilesFilter
    public Optional<Response> filter(StaticFiles staticFiles, HttpServletRequest httpServletRequest) {
        Optional<String> parse = this.authentication.getTokenParser().parse(httpServletRequest);
        Authenticator<P> authenticator = this.authenticator;
        Objects.requireNonNull(authenticator);
        return getAuthErrorResponseSupplier(staticFiles.getMethodAccess(), (UserPrincipal) parse.flatMap(authenticator::authenticate).orElse(null));
    }

    private Optional<Response> getAuthErrorResponseSupplier(MethodAccess methodAccess, @Nullable P p) {
        return methodAccess.getLevel().equals(MethodAccess.Level.DenyAll) ? Optional.of(this.authentication.getForbidden().get()) : methodAccess.getLevel().equals(MethodAccess.Level.Anonymous) ? Optional.empty() : p == null ? Optional.of(this.authentication.getUnauthorized().get()) : methodAccess.getLevel().equals(MethodAccess.Level.Authenticated) ? Optional.empty() : (methodAccess.getLevel().equals(MethodAccess.Level.Roles) && methodAccess.getValues().stream().anyMatch(str -> {
            return this.authorizer.authorize(p, str);
        })) ? Optional.empty() : Optional.of(this.authentication.getForbidden().get());
    }
}
