package com.mware.web.auth;

import com.google.common.base.Preconditions;
import com.mware.core.bootstrap.InjectHelper;
import com.mware.core.exception.BcException;
import com.mware.core.model.user.UserRepository;
import com.mware.core.security.AuthToken;
import com.mware.core.security.AuthTokenException;
import com.mware.core.util.BcLogger;
import com.mware.core.util.BcLoggerFactory;
import com.mware.web.CurrentUser;
import javax.crypto.SecretKey;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.atmosphere.cpr.Action;
import org.atmosphere.cpr.AtmosphereConfig;
import org.atmosphere.cpr.AtmosphereInterceptor;
import org.atmosphere.cpr.AtmosphereRequest;
import org.atmosphere.cpr.AtmosphereResource;

/* loaded from: input_file:com/mware/web/auth/AuthTokenWebSocketInterceptor.class */
public class AuthTokenWebSocketInterceptor implements AtmosphereInterceptor {
    private static final BcLogger LOGGER = BcLoggerFactory.getLogger(AuthTokenWebSocketInterceptor.class);
    private SecretKey tokenSigningKey;
    private int tokenExpirationToleranceInSeconds;
    private UserRepository userRepository;

    public void configure(AtmosphereConfig atmosphereConfig) {
        String initParameter = atmosphereConfig.getInitParameter("auth.token.password");
        Preconditions.checkNotNull(initParameter, "AtmosphereConfig init parameter 'auth.token.password' was not set.");
        String initParameter2 = atmosphereConfig.getInitParameter("auth.token.salt");
        Preconditions.checkNotNull(initParameter2, "AtmosphereConfig init parameter 'auth.token.salt' was not set.");
        this.tokenExpirationToleranceInSeconds = atmosphereConfig.getInitParameter("auth.token.expiration_tolerance_seconds", 0);
        this.userRepository = (UserRepository) InjectHelper.getInstance(UserRepository.class);
        try {
            this.tokenSigningKey = AuthToken.generateKey(initParameter, initParameter2);
        } catch (Exception e) {
            throw new BcException("Key generation failed", e);
        }
    }

    public Action inspect(AtmosphereResource atmosphereResource) {
        try {
            AtmosphereRequest request = atmosphereResource.getRequest();
            AuthToken authToken = getAuthToken(request);
            if (authToken != null && !authToken.isExpired(this.tokenExpirationToleranceInSeconds)) {
                setCurrentUser(request, authToken);
            }
            return Action.CONTINUE;
        } catch (AuthTokenException e) {
            LOGGER.warn("Auth token signature verification failed", e);
            return Action.CANCELLED;
        }
    }

    public void postInspect(AtmosphereResource atmosphereResource) {
    }

    public void destroy() {
    }

    private AuthToken getAuthToken(AtmosphereRequest atmosphereRequest) throws AuthTokenException {
        int indexOf;
        String header = atmosphereRequest.getHeader("cookie");
        if (header == null || (indexOf = header.indexOf(AuthTokenFilter.TOKEN_COOKIE_NAME)) <= -1) {
            return null;
        }
        int indexOf2 = header.indexOf("=", indexOf);
        int indexOf3 = header.indexOf(";", indexOf2);
        if (indexOf3 < 0) {
            indexOf3 = header.length();
        }
        String trim = header.substring(indexOf2 + 1, indexOf3).trim();
        if (StringUtils.isEmpty(trim)) {
            return null;
        }
        return AuthToken.parse(trim, this.tokenSigningKey);
    }

    private void setCurrentUser(HttpServletRequest httpServletRequest, AuthToken authToken) {
        Preconditions.checkNotNull(authToken.getUserId(), "Auth token did not contain the userId");
        CurrentUser.set(httpServletRequest, this.userRepository.findById(authToken.getUserId()));
    }
}
