package it.cosenonjaviste.security.jwt.valves;

import it.cosenonjaviste.security.jwt.catalinawriters.ResponseWriter;
import it.cosenonjaviste.security.jwt.model.AuthErrorResponse;
import it.cosenonjaviste.security.jwt.model.JwtAdapter;
import java.io.IOException;
import javax.servlet.ServletException;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.valves.ValveBase;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;

/* loaded from: input_file:it/cosenonjaviste/security/jwt/valves/AbstractJwtTokenValve.class */
public abstract class AbstractJwtTokenValve extends ValveBase {
    private static final Log LOG = LogFactory.getLog(AbstractJwtTokenValve.class);
    protected String customUserIdClaim;
    protected String customRolesClaim;

    public void invoke(Request request, Response response) throws IOException, ServletException {
        SecurityConstraint[] findSecurityConstraints = this.container.getRealm().findSecurityConstraints(request, request.getContext());
        if ((findSecurityConstraints != null || request.getContext().getPreemptiveAuthentication()) && hasAuthConstraint(findSecurityConstraints)) {
            handleAuthentication(request, response);
        } else {
            getNext().invoke(request, response);
        }
    }

    private boolean hasAuthConstraint(SecurityConstraint[] securityConstraintArr) {
        if (securityConstraintArr == null) {
            return false;
        }
        boolean z = true;
        for (SecurityConstraint securityConstraint : securityConstraintArr) {
            z &= securityConstraint.getAuthConstraint();
        }
        return z;
    }

    protected abstract void handleAuthentication(Request request, Response response) throws IOException, ServletException;

    /* JADX INFO: Access modifiers changed from: protected */
    public void authenticateRequest(Request request, JwtAdapter jwtAdapter) {
        request.setUserPrincipal(new GenericPrincipal(jwtAdapter.getUserId(), (String) null, jwtAdapter.getRoles()));
        request.setAuthType("TOKEN");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void sendUnauthorizedError(Request request, Response response, String str) throws IOException {
        ResponseWriter.get(request.getHeader("accept")).write(response, 401, new AuthErrorResponse(str));
    }

    public void setCustomUserIdClaim(String str) {
        this.customUserIdClaim = str;
    }

    public void setCustomRolesClaim(String str) {
        this.customRolesClaim = str;
    }
}
