package dev.getelements.elements.servlet.security;

import dev.getelements.elements.exception.StatusMapping;
import dev.getelements.elements.sdk.model.exception.BaseException;
import dev.getelements.elements.sdk.model.exception.UnauthorizedException;
import dev.getelements.elements.sdk.model.user.User;
import dev.getelements.elements.sdk.service.auth.UsernamePasswordAuthService;
import dev.getelements.elements.sdk.util.security.AuthorizationHeader;
import dev.getelements.elements.security.AuthenticatedRequest;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:dev/getelements/elements/servlet/security/HttpServletBasicAuthFilter.class */
public class HttpServletBasicAuthFilter implements Filter {
    private static final Logger logger = LoggerFactory.getLogger(HttpServletBasicAuthFilter.class);
    private UsernamePasswordAuthService usernamePasswordAuthService;

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        try {
            filterChain.doFilter(authorize((HttpServletRequest) servletRequest), servletResponse);
        } catch (Exception e) {
            logger.error("Internal Error", e);
            httpServletResponse.setStatus(500);
        } catch (UnauthorizedException e2) {
            int map = StatusMapping.map(e2);
            httpServletResponse.setHeader("WWW-Authenticate", "Basic");
            httpServletResponse.setStatus(map);
            logger.info("Request unauthorized.  Specifying auth type {} in {}", "Basic", "WWW-Authenticate");
        } catch (BaseException e3) {
            httpServletResponse.setStatus(StatusMapping.map(e3));
            logger.info("Request failed ex: {}", e3.getCode(), e3);
        }
    }

    private HttpServletRequest authorize(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null) {
            throw new UnauthorizedException();
        }
        AuthorizationHeader authorizationHeader = new AuthorizationHeader(header);
        httpServletRequest.setAttribute(User.USER_ATTRIBUTE, getUsernamePasswordAuthService().createSession(authorizationHeader.asBasicHeader(httpServletRequest.getCharacterEncoding())).getSession().getUser());
        return new AuthenticatedRequest(httpServletRequest, authorizationHeader);
    }

    public void destroy() {
    }

    public UsernamePasswordAuthService getUsernamePasswordAuthService() {
        return this.usernamePasswordAuthService;
    }

    @Inject
    public void setUsernamePasswordAuthService(@Named("dev.getelements.elements.service.unscoped") UsernamePasswordAuthService usernamePasswordAuthService) {
        this.usernamePasswordAuthService = usernamePasswordAuthService;
    }
}
