package com.adtsw.jchannels.auth;

import com.adtsw.jchannels.model.Constants;
import com.adtsw.jchannels.model.HttpRequest;
import com.adtsw.jchannels.model.auth.SessionInfo;
import com.adtsw.jchannels.model.exception.InvalidTokenException;
import com.adtsw.jchannels.model.exception.UnauthorizedAccessException;
import org.apache.commons.lang.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:com/adtsw/jchannels/auth/APIAuthorizer.class */
public class APIAuthorizer implements IAuthorizer {
    private static final Logger logger = LogManager.getLogger(APIAuthorizer.class);
    private final ITokenManager tokenManager;

    @Override // com.adtsw.jchannels.auth.IAuthorizer
    public SessionInfo authorize(HttpRequest httpRequest, String str) throws UnauthorizedAccessException {
        SessionInfo sessionInfo = null;
        try {
            String str2 = httpRequest.getHeaders().get(Constants.AUTHORIZATION_HEADER);
            if (StringUtils.isNotEmpty(str2)) {
                String[] split = str2.split(" ");
                if (split.length == 2 && Constants.AUTHORIZATION_BEARER_TYPE.equals(split[0])) {
                    sessionInfo = this.tokenManager.validate(split[1]);
                }
            }
        } catch (InvalidTokenException e) {
            logger.warn("Exception while verifying token : " + e.getMessage());
        }
        if (StringUtils.isNotEmpty(str) && !Constants.OPEN_SCOPE.equals(str)) {
            if (sessionInfo == null) {
                throw new UnauthorizedAccessException("Unauthorized access");
            }
            if (!Constants.AUTHENTICATED_SCOPE.equals(str) && !sessionInfo.getScope().contains(str)) {
                throw new UnauthorizedAccessException("Insufficient permissions for user " + sessionInfo.getIdentity());
            }
        }
        return sessionInfo;
    }

    public APIAuthorizer(ITokenManager iTokenManager) {
        this.tokenManager = iTokenManager;
    }
}
