package org.pipservices4.http.auth;

import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.core.Response;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import org.glassfish.jersey.process.Inflector;
import org.pipservices4.commons.errors.UnauthorizedException;
import org.pipservices4.http.controllers.AuthorizeFunction;
import org.pipservices4.http.controllers.HttpResponseSender;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/pip-services4-http-0.0.4-jar-with-dependencies.jar:org/pipservices4/http/auth/OwnerAuthorizer.class
  input_file:lib/pip-services4-http-0.0.4.jar:org/pipservices4/http/auth/OwnerAuthorizer.class
 */
/* loaded from: input_file:obj/src/org/pipservices4/http/auth/OwnerAuthorizer.class */
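/**
 * Factory for authorization callbacks that restrict an operation to the owner of the data.
 *
 * <p>Ownership is decided by comparing the {@code "user_id"} request property with the value of
 * a query parameter whose name the caller supplies. Both callbacks answer 401 when the request
 * has no user principal and 403 when the ownership check fails.
 *
 * <p>NOTE(review): only the query string is inspected. If a protected handler takes the owner id
 * from a path segment or the request body, this check does not cover it; verify against the
 * routes that use it.
 */
public class OwnerAuthorizer {
    /**
     * Creates a callback that lets the request through only when the signed-in user is the owner.
     *
     * @param str name of the query parameter that carries the owner's user id
     * @return a callback that invokes the wrapped action for the owner and otherwise returns a
     *     401 (not signed in) or 403 (not the owner) error response
     */
    public AuthorizeFunction<ContainerRequestContext, Inflector<ContainerRequestContext, Response>, Response> owner(String str) {
        return (containerRequestContext, inflector) -> {
            if (containerRequestContext.getSecurityContext().getUserPrincipal() == null) {
                return notSignedIn();
            }
            if (!isOwner(containerRequestContext, str)) {
                return forbidden();
            }
            return (Response) inflector.apply(containerRequestContext);
        };
    }

    /**
     * Creates a callback that lets the request through when the signed-in user is the owner or
     * holds the {@code "admin"} role.
     *
     * @param str name of the query parameter that carries the owner's user id
     * @return a callback that invokes the wrapped action for the owner or an admin and otherwise
     *     returns a 401 (not signed in) or 403 (neither owner nor admin) error response
     */
    public AuthorizeFunction<ContainerRequestContext, Inflector<ContainerRequestContext, Response>, Response> ownerOrAdmin(String str) {
        return (containerRequestContext, inflector) -> {
            if (containerRequestContext.getSecurityContext().getUserPrincipal() == null) {
                return notSignedIn();
            }
            // Owner check first, role check second, as before.
            if (isOwner(containerRequestContext, str)
                    || containerRequestContext.getSecurityContext().isUserInRole("admin")) {
                return (Response) inflector.apply(containerRequestContext);
            }
            return forbidden();
        };
    }

    /**
     * Decides whether the request's {@code "user_id"} property equals the owner id taken from the
     * query string.
     *
     * <p>The comparison is by value. The previous reference comparison ({@code ==} / {@code !=})
     * rejected equal ids held in different String instances, and accepted the request when both
     * sides were {@code null}, i.e. when no user id was attached to the request and the owner
     * parameter was absent. Both cases are now denied.
     */
    private boolean isOwner(ContainerRequestContext containerRequestContext, String str) {
        Object userId = containerRequestContext.getProperty("user_id");
        String requestedId = getQueryParameter(containerRequestContext, str);
        // Fail closed: a missing identity or a missing owner parameter is never a match.
        if (userId == null || requestedId == null) {
            return false;
        }
        // String.equals is false for a non-String property value, so that case is denied too.
        // NOTE(review): presumably "user_id" is stored as a String; confirm against the code
        // that sets the property.
        return requestedId.equals(userId);
    }

    /** Builds the 401 response returned when the request has no user principal. */
    private static Response notSignedIn() {
        return HttpResponseSender.sendError(new UnauthorizedException(null, "NOT_SIGNED", "User must be signed in to perform this operation").withStatus(401));
    }

    /** Builds the 403 response returned when the ownership (or admin) check fails. */
    private static Response forbidden() {
        return HttpResponseSender.sendError(new UnauthorizedException(null, "FORBIDDEN", "Only data owner can perform this operation").withStatus(403));
    }

    /**
     * Reads the first value of the named query parameter.
     *
     * @param containerRequestContext the current request
     * @param str the query parameter name
     * @return the URL-decoded first value, or {@code null} when the parameter is absent or its
     *     first value is {@code null}
     */
    private String getQueryParameter(ContainerRequestContext containerRequestContext, String str) {
        // NOTE(review): JAX-RS documents UriInfo.getQueryParameters() as returning already
        // decoded names and values. Encoding the key and decoding the value again means a value
        // containing '%' or '+' is decoded twice, so the id compared here can differ from the one
        // a downstream handler reads from the same parameter. Left unchanged to preserve existing
        // behaviour; confirm and consider comparing the value exactly as the handler sees it.
        String str2 = null;
        String encode = URLEncoder.encode(str, StandardCharsets.UTF_8);
        if (containerRequestContext.getUriInfo().getQueryParameters().containsKey(encode)) {
            String first = containerRequestContext.getUriInfo().getQueryParameters().getFirst(encode);
            str2 = first != null ? URLDecoder.decode(first, StandardCharsets.UTF_8) : null;
        }
        return str2;
    }
}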
