package dev.getelements.elements.servlet.security;

import com.fasterxml.jackson.databind.ObjectMapper;
import dev.getelements.elements.sdk.ElementRegistry;
import dev.getelements.elements.sdk.ElementScope;
import dev.getelements.elements.sdk.model.ErrorResponse;
import dev.getelements.elements.sdk.model.application.Application;
import dev.getelements.elements.sdk.model.exception.BaseException;
import dev.getelements.elements.sdk.model.exception.ErrorCode;
import dev.getelements.elements.sdk.model.exception.ForbiddenException;
import dev.getelements.elements.sdk.model.exception.UnauthorizedException;
import dev.getelements.elements.sdk.model.profile.Profile;
import dev.getelements.elements.sdk.model.session.Session;
import dev.getelements.elements.sdk.model.user.User;
import dev.getelements.elements.sdk.service.auth.CustomAuthSessionService;
import dev.getelements.elements.sdk.service.auth.SessionService;
import dev.getelements.elements.sdk.util.ElementScopes;
import dev.getelements.elements.sdk.util.SimpleAttributes;
import dev.getelements.elements.security.JWTCredentials;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Optional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:dev/getelements/elements/servlet/security/HttpServletAuthenticationFilter.class */
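/**
 * Servlet filter that resolves the caller's auth token into a {@link Session} and runs the rest
 * of the filter chain inside an {@link ElementScope} carrying the session's user, profile and
 * application.
 *
 * <p>Subclasses decide where the token comes from by implementing
 * {@link #getAuthToken(HttpServletRequest)}. When no token is supplied the chain still runs, but
 * with a no-op handle: no scope is entered by this filter on that path.
 *
 * <p>Failures are reported as a JSON {@link ErrorResponse}: 401 (with a {@code WWW-Authenticate:
 * Bearer} challenge) for {@link UnauthorizedException}, 403 for {@link ForbiddenException}, and
 * 500 for anything else. Only the 500 path hides the exception message from the client; the
 * detail is logged server-side instead.
 */
public abstract class HttpServletAuthenticationFilter implements Filter {
    private static final Logger logger = LoggerFactory.getLogger(HttpServletAuthenticationFilter.class);

    /** Element name passed to {@code withElementsNamed} by both scope builders below. */
    private static final String SERVICE_ELEMENT_NAME = "dev.getelements.elements.sdk.service";

    /** Client-facing text for unexpected failures; deliberately carries no internal detail. */
    private static final String INTERNAL_ERROR_MESSAGE = "Internal server error.";

    private ElementRegistry registry;
    private ObjectMapper objectMapper;
    private SessionService sessionService;
    private CustomAuthSessionService customAuthSessionService;

    /**
     * Authenticates the request (when a token is present) and invokes the remainder of the chain
     * inside the resulting scope, closing the scope afterwards.
     *
     * <p>Because the chain is invoked inside the {@code try}, exceptions raised by downstream
     * filters and servlets are mapped to error responses here as well, not only authentication
     * failures.
     *
     * @param servletRequest  the incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse the outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     the remainder of the chain
     * @throws IOException if writing the error body fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException {
        final HttpServletRequest request = (HttpServletRequest) servletRequest;
        final HttpServletResponse response = (HttpServletResponse) servletResponse;

        // try-with-resources closes the scope on every exit path and records a failing close()
        // as a suppressed exception, which is what the hand-written close/addSuppressed did.
        try (ElementScope.Handle scope = getAuthToken(request)
                .map(token -> enterAuthScope(token, request))
                .orElseGet(() -> () -> { })) {
            filterChain.doFilter(request, response);
        } catch (UnauthorizedException e) {
            response.setHeader("WWW-Authenticate", "Bearer");
            fail(response, HttpServletResponse.SC_UNAUTHORIZED, e);
        } catch (ForbiddenException e) {
            // Must precede the generic handler: placed after catch (Exception) it can never run,
            // and a forbidden request would be reported as a 500.
            fail(response, HttpServletResponse.SC_FORBIDDEN, e);
        } catch (Exception e) {
            // Log before touching the response so the root cause survives a failed write.
            logger.error("Caught exception processing security credentials.", e);
            // The message of an arbitrary exception may expose internals (queries, paths, class
            // names), so the client only gets a fixed string.
            writeError(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
                    ErrorCode.UNKNOWN.toString(), INTERNAL_ERROR_MESSAGE);
        }
    }

    /**
     * Reports a domain exception to the client using the exception's own code and message.
     *
     * @param response      the response to write to
     * @param status        the HTTP status to set
     * @param baseException the exception whose code and message are sent
     * @throws IOException if serializing the body fails
     */
    private void fail(HttpServletResponse response, int status, BaseException baseException) throws IOException {
        writeError(response, status, baseException.getCode().toString(), baseException.getMessage());
    }

    /**
     * Sets the status and writes a JSON {@link ErrorResponse} body.
     *
     * <p>If the response is already committed (for example a downstream servlet failed after it
     * started streaming) the status can no longer change, so the body is skipped rather than
     * appended to a partial response.
     *
     * @param response the response to write to
     * @param status   the HTTP status to set
     * @param code     the value for {@link ErrorResponse#setCode}
     * @param message  the value for {@link ErrorResponse#setMessage}
     * @throws IOException if serializing the body fails
     */
    private void writeError(HttpServletResponse response, int status, String code, String message) throws IOException {
        if (response.isCommitted()) {
            logger.warn("Response already committed; unable to report error code {} with status {}.", code, status);
            return;
        }
        final ErrorResponse errorResponse = new ErrorResponse();
        errorResponse.setCode(code);
        errorResponse.setMessage(message);
        response.setStatus(status);
        response.setContentType("application/json");
        getObjectMapper().writeValue(response.getOutputStream(), errorResponse);
    }

    /**
     * Resolves the token to a session and enters a scope populated from it.
     *
     * @param str                the raw token returned by {@link #getAuthToken(HttpServletRequest)}
     * @param httpServletRequest the current request (not read by this method)
     * @return the handle of the entered scope; the caller must close it
     */
    private ElementScope.Handle enterAuthScope(String str, HttpServletRequest httpServletRequest) {
        // isJwt only picks which service handles the token.
        // NOTE(review): signature and expiry checks are presumably done inside the two services;
        // confirm that neither returns a session for a token it could not verify.
        final Session session = JWTCredentials.isJwt(str)
                ? getCustomAuthSessionService().getSession(str)
                : getSessionService().checkAndRefreshSessionIfNecessary(str);
        // NOTE(review): a null session would surface as a NullPointerException and a 500 rather
        // than a 401; confirm the services throw instead of returning null.
        final User user = session.getUser();
        final Profile profile = session.getProfile();
        final Application application = session.getApplication();

        // Start from the unprivileged user so a session without a user never inherits more
        // rights than an anonymous caller.
        final SimpleAttributes attributes = new SimpleAttributes.Builder()
                .setAttribute(User.USER_ATTRIBUTE, User.getUnprivileged())
                .build();
        if (user != null) {
            attributes.setAttribute(User.USER_ATTRIBUTE, user);
        }
        if (profile != null) {
            attributes.setAttribute(Profile.PROFILE_ATTRIBUTE, profile);
        }
        if (application != null) {
            attributes.setAttribute(Application.APPLICATION_ATTRIBUTE, application);
        }

        return ElementScopes.builder()
                .withLogger(logger)
                .withRegistry(getRegistry())
                .withAttributes(attributes)
                .withNameFrom(HttpServletAuthenticationFilter.class)
                .withElementsNamed(new String[]{SERVICE_ELEMENT_NAME})
                .build()
                .enter();
    }

    /**
     * Enters a scope whose only attribute is the unprivileged user.
     *
     * <p>NOTE(review): nothing in this class calls this method; token-less requests go through
     * {@link #doFilter} with a no-op handle instead. Confirm whether that is intended.
     *
     * @return the handle of the entered scope; the caller must close it
     */
    private ElementScope.Handle enterAnonymousScope() {
        final SimpleAttributes attributes = new SimpleAttributes.Builder()
                .setAttribute(User.USER_ATTRIBUTE, User.getUnprivileged())
                .build();
        return ElementScopes.builder()
                .withLogger(logger)
                .withRegistry(getRegistry())
                .withAttributes(attributes)
                .withElementsNamed(new String[]{SERVICE_ELEMENT_NAME})
                .build()
                .enter();
    }

    /**
     * Extracts the auth token from the request.
     *
     * @param httpServletRequest the current request
     * @return the token, or empty when the request carries none
     */
    protected abstract Optional<String> getAuthToken(HttpServletRequest httpServletRequest);

    /** @return the registry used to build scopes */
    public ElementRegistry getRegistry() {
        return this.registry;
    }

    /** @param elementRegistry the root element registry, injected by name */
    @Inject
    public void setRegistry(@Named("dev.getelements.elements.sdk.element.registry.root") ElementRegistry elementRegistry) {
        this.registry = elementRegistry;
    }

    /** @return the mapper used to serialize error bodies */
    public ObjectMapper getObjectMapper() {
        return this.objectMapper;
    }

    /** @param objectMapper the mapper used to serialize error bodies */
    @Inject
    public void setObjectMapper(ObjectMapper objectMapper) {
        this.objectMapper = objectMapper;
    }

    /** @return the service consulted for tokens that are not JWTs */
    public SessionService getSessionService() {
        return this.sessionService;
    }

    /** @param sessionService the service consulted for tokens that are not JWTs */
    @Inject
    public void setSessionService(SessionService sessionService) {
        this.sessionService = sessionService;
    }

    /** @return the service consulted for JWT tokens */
    public CustomAuthSessionService getCustomAuthSessionService() {
        return this.customAuthSessionService;
    }

    /** @param customAuthSessionService the service consulted for JWT tokens */
    @Inject
    public void setCustomAuthSessionService(CustomAuthSessionService customAuthSessionService) {
        this.customAuthSessionService = customAuthSessionService;
    }
}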
