package org.n52.security.service.authentication.token;

import javax.servlet.http.HttpServletRequest;
import org.n52.security.authentication.AuthenticationContext;
import org.n52.security.authentication.AuthenticationException;
import org.n52.security.authentication.AuthenticationFailedException;
import org.n52.security.authentication.AuthenticationService;
import org.n52.security.authentication.CredentialsExpiredException;
import org.n52.security.authentication.SimpleAuthenticationContext;
import org.n52.security.common.crypto.KeyPair;
import org.n52.security.common.util.StringUtils;
import org.n52.security.service.authentication.servlet.AuthenticationProcessor;
import org.n52.security.service.authentication.servlet.ServletRequestResponseContext;

/* loaded from: input_file:org/n52/security/service/authentication/token/TokenAuthenticationProcessor.class */
public class TokenAuthenticationProcessor implements AuthenticationProcessor {
    private String m_tokenParameterName;
    private boolean m_decodeBase64;
    private KeyPair m_validationKeyPair;

    public TokenAuthenticationProcessor(String str, boolean z, KeyPair keyPair) {
        this.m_tokenParameterName = str;
        this.m_decodeBase64 = z;
        this.m_validationKeyPair = keyPair;
    }

    public AuthenticationContext authenticate(ServletRequestResponseContext servletRequestResponseContext, AuthenticationService authenticationService) throws AuthenticationException {
        HttpServletRequest request = servletRequestResponseContext.getRequest();
        String parameter = request.getParameter(this.m_tokenParameterName);
        if (parameter == null) {
            parameter = request.getHeader(this.m_tokenParameterName);
        }
        if (parameter == null) {
            throw new AuthenticationFailedException("Could not find token parameter or header field with key <" + this.m_tokenParameterName + ">");
        }
        Token parseToken = parseToken(parameter);
        if (!parseToken.signatureValid(this.m_validationKeyPair.getPublicKey())) {
            throw new AuthenticationFailedException("Token signature could not be verfified");
        }
        if (parseToken.expired()) {
            throw new CredentialsExpiredException("Token expired");
        }
        return authenticateToken(parseToken, authenticationService);
    }

    protected AuthenticationContext authenticateToken(Token token, AuthenticationService authenticationService) {
        return new SimpleAuthenticationContext(token.toSubject());
    }

    private Token parseToken(String str) {
        String str2 = str;
        if (this.m_decodeBase64) {
            str2 = StringUtils.decodeBase64(str);
        }
        return Token.parse(str2);
    }
}
