package id.onyx.obdp.server.security.authorization;

import com.google.inject.Inject;
import id.onyx.obdp.server.orm.entities.UserEntity;
import id.onyx.obdp.server.scheduler.ExecutionScheduleManager;
import id.onyx.obdp.server.security.authentication.OBDPUserAuthentication;
import id.onyx.obdp.server.security.authentication.OBDPUserDetailsImpl;
import id.onyx.obdp.server.security.authorization.internal.InternalTokenClientFilter;
import id.onyx.obdp.server.security.authorization.internal.InternalTokenStorage;
import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import org.apache.commons.lang.math.NumberUtils;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:id/onyx/obdp/server/security/authorization/OBDPUserAuthorizationFilter.class */
public class OBDPUserAuthorizationFilter implements Filter {
    private final InternalTokenStorage internalTokenStorage;
    private final Users users;

    @Inject
    public OBDPUserAuthorizationFilter(InternalTokenStorage internalTokenStorage, Users users) {
        this.internalTokenStorage = internalTokenStorage;
        this.users = users;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String header;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String header2 = httpServletRequest.getHeader(InternalTokenClientFilter.INTERNAL_TOKEN_HEADER);
        if (header2 != null && this.internalTokenStorage.isValidInternalToken(header2) && (header = httpServletRequest.getHeader(ExecutionScheduleManager.USER_ID_HEADER)) != null) {
            if (!NumberUtils.isDigits(header)) {
                httpServletResponse.sendError(403, "Invalid user ID");
                httpServletResponse.flushBuffer();
                return;
            }
            UserEntity userEntity = this.users.getUserEntity(Integer.valueOf(Integer.parseInt(header)));
            if (userEntity == null) {
                httpServletResponse.sendError(403, "Authentication required");
                httpServletResponse.flushBuffer();
                return;
            } else if (!userEntity.getActive().booleanValue()) {
                httpServletResponse.sendError(403, "User is not active");
                httpServletResponse.flushBuffer();
                return;
            } else {
                SecurityContextHolder.getContext().setAuthentication(new OBDPUserAuthentication(header2, new OBDPUserDetailsImpl(this.users.getUser(userEntity), null, this.users.getUserAuthorities(userEntity)), true));
                httpServletResponse.setHeader("User", AuthorizationHelper.getAuthenticatedName());
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void destroy() {
    }
}
