package org.zowe.apiml.security.common.filter;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.ObjectReader;
import java.io.IOException;
import java.util.Locale;
import java.util.Set;
import java.util.stream.Collectors;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import org.springframework.web.filter.OncePerRequestFilter;
import org.zowe.apiml.gateway.security.login.SuccessfulAccessTokenHandler;
import org.zowe.apiml.security.common.error.AccessTokenBodyNotValidException;
import org.zowe.apiml.security.common.error.AuthExceptionHandler;

/* loaded from: input_file:BOOT-INF/lib/apiml-security-common-2.11.5.jar:org/zowe/apiml/security/common/filter/StoreAccessTokenInfoFilter.class */
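/**
 * Servlet filter that parses the JSON body of an access-token request, checks that it
 * carries at least one scope, lower-cases the scopes and stores the parsed request under
 * the {@link #TOKEN_REQUEST} request attribute before continuing the filter chain.
 *
 * <p>The request body is caller-controlled input. Every rejection path is delegated to the
 * injected {@link AuthExceptionHandler}; the chain is only continued for a body that parsed
 * and contained a non-empty scope set.
 *
 * <p>NOTE(review): the filter consumes the request input stream, so later filters and
 * handlers are expected to read the parsed object from the request attribute rather than
 * the body. No body-size limit is applied in this class; confirm one is enforced upstream.
 */
public class StoreAccessTokenInfoFilter extends OncePerRequestFilter {
    /** Name of the request attribute that holds the parsed access-token request. */
    public static final String TOKEN_REQUEST = "tokenRequest";

    // Message keys passed to AccessTokenBodyNotValidException; values are unchanged from the original code.
    private static final String MISSING_SCOPES_KEY = "org.zowe.apiml.security.token.accessTokenBodyMissingScopes";
    private static final String INVALID_BODY_KEY = "org.zowe.apiml.security.query.invalidAccessTokenBody";

    private static final ObjectReader mapper = new ObjectMapper().reader();
    private final AuthExceptionHandler authExceptionHandler;

    /**
     * Validates and normalizes the access-token request body, then continues the chain.
     *
     * <p>Rejections (all reported through {@code authExceptionHandler}):
     * <ul>
     *   <li>no bytes available on the input stream, a JSON {@code null} body, or a missing
     *       or empty scope set: "missing scopes" key;</li>
     *   <li>a scope set containing a {@code null} entry, or any {@link IOException} raised
     *       inside the {@code try} block: "invalid body" key.</li>
     * </ul>
     *
     * @param httpServletRequest  request whose body is parsed and which receives the attribute
     * @param httpServletResponse response handed to the exception handler and the chain
     * @param filterChain         remaining filters, invoked only for an accepted body
     * @throws ServletException propagated from the exception handler or the filter chain
     */
    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException {
        try {
            ServletInputStream inputStream = httpServletRequest.getInputStream();
            // NOTE(review): available() reports bytes readable without blocking, which is not
            // a guaranteed "body is present" signal (e.g. data not yet buffered). Kept as-is
            // because replacing it would change which error key an empty body produces.
            if (inputStream.available() == 0) {
                reject(httpServletRequest, httpServletResponse, MISSING_SCOPES_KEY);
                return;
            }

            SuccessfulAccessTokenHandler.AccessTokenRequest accessTokenRequest =
                mapper.readValue(inputStream, SuccessfulAccessTokenHandler.AccessTokenRequest.class);

            // A body consisting of the JSON literal null deserializes to a null object;
            // treat it like a body without scopes instead of failing with a NullPointerException.
            Set<String> scopes = accessTokenRequest == null ? null : accessTokenRequest.getScopes();
            if (scopes == null || scopes.isEmpty()) {
                reject(httpServletRequest, httpServletResponse, MISSING_SCOPES_KEY);
                return;
            }

            // A JSON null inside the scopes array would otherwise throw while lower-casing.
            if (scopes.stream().anyMatch(scope -> scope == null)) {
                reject(httpServletRequest, httpServletResponse, INVALID_BODY_KEY);
                return;
            }

            // Locale.ROOT keeps the normalization independent of the JVM default locale, so
            // the same scope string always maps to the same lower-case form.
            Set<String> normalizedScopes = scopes.stream()
                .map(scope -> scope.toLowerCase(Locale.ROOT))
                .collect(Collectors.toSet());
            accessTokenRequest.setScopes(normalizedScopes);

            httpServletRequest.setAttribute(TOKEN_REQUEST, accessTokenRequest);
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } catch (IOException e) {
            // NOTE(review): this also catches an IOException thrown by filterChain.doFilter,
            // which is then reported as an invalid token body. Narrowing that would require
            // widening the throws clause, so the original behavior is preserved here.
            reject(httpServletRequest, httpServletResponse, INVALID_BODY_KEY);
        }
    }

    /** Reports an invalid access-token body with the given message key through the exception handler. */
    private void reject(HttpServletRequest request, HttpServletResponse response, String messageKey) throws ServletException {
        this.authExceptionHandler.handleException(request, response, new AccessTokenBodyNotValidException(messageKey));
    }

    /**
     * Creates the filter.
     *
     * @param authExceptionHandler handler that receives every rejection raised by this filter
     */
    @Generated
    public StoreAccessTokenInfoFilter(AuthExceptionHandler authExceptionHandler) {
        this.authExceptionHandler = authExceptionHandler;
    }
}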
