package org.zowe.apiml.gateway.filters.pre;

import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.netflix.zuul.exception.ZuulException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.netflix.zuul.util.ZuulRuntimeException;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.AuthenticationException;
import org.zowe.apiml.gateway.security.service.AuthenticationService;
import org.zowe.apiml.gateway.security.service.ServiceAuthenticationServiceImpl;
import org.zowe.apiml.gateway.security.service.schema.AuthenticationCommand;
import org.zowe.apiml.security.common.token.TokenExpireException;

/* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/filters/pre/ServiceAuthenticationFilter.class */
public class ServiceAuthenticationFilter extends ZuulFilter {

    @Autowired
    private ServiceAuthenticationServiceImpl serviceAuthenticationService;

    @Autowired
    private AuthenticationService authenticationService;

    public String filterType() {
        return "pre";
    }

    public int filterOrder() {
        return 11;
    }

    public boolean shouldFilter() {
        return true;
    }

    public Object run() {
        RequestContext currentContext = RequestContext.getCurrentContext();
        boolean z = false;
        AuthenticationCommand authenticationCommand = null;
        String str = (String) currentContext.get("serviceId");
        try {
            String orElse = this.authenticationService.getJwtTokenFromRequest(currentContext.getRequest()).orElse(null);
            authenticationCommand = this.serviceAuthenticationService.getAuthenticationCommand(str, orElse);
            if (orElse != null && authenticationCommand.isRequiredValidJwt()) {
                if (!this.authenticationService.validateJwtToken(orElse).isAuthenticated()) {
                    z = true;
                }
            }
        } catch (Exception e) {
            throw new ZuulRuntimeException(new ZuulException(e, HttpStatus.INTERNAL_SERVER_ERROR.value(), String.valueOf(e)));
        } catch (TokenExpireException e2) {
            authenticationCommand = null;
        } catch (AuthenticationException e3) {
            z = true;
        }
        if (z) {
            currentContext.setSendZuulResponse(false);
            currentContext.setResponseStatusCode(401);
            return null;
        }
        if (authenticationCommand == null) {
            return null;
        }
        try {
            authenticationCommand.apply(null);
            return null;
        } catch (Exception e4) {
            throw new ZuulRuntimeException(new ZuulException(e4, HttpStatus.INTERNAL_SERVER_ERROR.value(), String.valueOf(e4)));
        }
    }
}
