package org.n52.security.service.authentication.token;

import java.security.Key;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.n52.security.authentication.AuthenticationContext;
import org.n52.security.authentication.AuthenticationException;
import org.n52.security.authentication.AuthenticationFailedException;
import org.n52.security.authentication.AuthenticationService;
import org.n52.security.authentication.CredentialsExpiredException;
import org.n52.security.authentication.SimpleAuthenticationContext;
import org.n52.security.common.crypto.KeyPair;
import org.n52.security.common.util.StringUtils;
import org.n52.security.service.authentication.servlet.AuthenticationProcessor;
import org.n52.security.service.authentication.servlet.AuthenticationProcessorFactory;

/* loaded from: input_file:org/n52/security/service/authentication/token/TokenAuthenticationProcessorFactory.class */
public class TokenAuthenticationProcessorFactory implements AuthenticationProcessorFactory {
    private String m_tokenParameterName;
    private boolean m_decodeBase64;
    private KeyPair m_validationKeyPair;

    @Override // org.n52.security.service.authentication.servlet.AuthenticationProcessorFactory
    public AuthenticationProcessor getProcessor() {
        return new AuthenticationProcessor(this) { // from class: org.n52.security.service.authentication.token.TokenAuthenticationProcessorFactory.1
            private final TokenAuthenticationProcessorFactory this$0;

            {
                this.this$0 = this;
            }

            @Override // org.n52.security.service.authentication.servlet.AuthenticationProcessor
            public AuthenticationContext authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationService authenticationService) throws AuthenticationException {
                String parameter = httpServletRequest.getParameter(this.this$0.m_tokenParameterName);
                if (parameter == null) {
                    parameter = httpServletRequest.getHeader(this.this$0.m_tokenParameterName);
                }
                if (parameter == null) {
                    throw new AuthenticationFailedException(new StringBuffer().append("Could not find token parameter or header field with key <").append(this.this$0.m_tokenParameterName).append(">").toString());
                }
                Token parseToken = parseToken(parameter);
                if (!parseToken.signatureValid(this.this$0.getValidationKey())) {
                    throw new AuthenticationFailedException("Token signature could not be verfified");
                }
                if (parseToken.expired()) {
                    throw new CredentialsExpiredException("Token expired");
                }
                return new SimpleAuthenticationContext(parseToken.toSubject());
            }

            private Token parseToken(String str) {
                String str2 = str;
                if (this.this$0.m_decodeBase64) {
                    str2 = StringUtils.decodeBase64(str);
                }
                return Token.parse(str2);
            }
        };
    }

    public void setTokenParameterName(String str) {
        this.m_tokenParameterName = str;
    }

    public String getTokenParameterName() {
        return this.m_tokenParameterName;
    }

    public void setDecodeBase64(boolean z) {
        this.m_decodeBase64 = z;
    }

    public boolean isDecodeBase64() {
        return this.m_decodeBase64;
    }

    public Key getValidationKey() {
        return this.m_validationKeyPair.getPublicKey();
    }

    public void setValidationKeyPair(KeyPair keyPair) {
        this.m_validationKeyPair = keyPair;
    }

    public KeyPair getValidationKeyPair() {
        return this.m_validationKeyPair;
    }
}
