package org.zowe.apiml.gateway.filters.security;

import java.util.Optional;
import lombok.Generated;
import org.apache.commons.lang.StringUtils;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import org.zowe.apiml.gateway.service.TokenProvider;
import org.zowe.apiml.security.common.config.AuthConfigurationProperties;
import org.zowe.apiml.security.common.token.TokenAuthentication;
import org.zowe.apiml.util.CookieUtil;
import reactor.core.publisher.Mono;

/* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/filters/security/TokenAuthFilter.class */
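/**
 * Reactive {@link WebFilter} that resolves a token from the incoming request, asks the
 * {@link TokenProvider} to validate it and, when a user id comes back, runs the rest of the
 * filter chain with a {@link TokenAuthentication} in the reactive security context.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>This filter never rejects a request on its own. A missing or blank token, or a validation
 *       response without a user id, simply continues the chain unauthenticated, so access
 *       control has to be enforced by the authorization rules that run after it.</li>
 *   <li>The raw token string is passed on to {@link TokenAuthentication#createAuthenticated};
 *       treat the resulting authentication object as secret-bearing and keep it out of logs.</li>
 *   <li>The token may also arrive in a cookie, which browsers attach automatically; CSRF
 *       protection for cookie-authenticated, state-changing routes is not handled here.</li>
 * </ul>
 */
public class TokenAuthFilter implements WebFilter {
    /** Scheme prefix expected in the {@code Authorization} header; matched case-sensitively. */
    public static final String HEADER_PREFIX = "Bearer ";
    private final TokenProvider tokenProvider;
    private final AuthConfigurationProperties authConfigurationProperties;

    /**
     * Authenticates the exchange from its token, if any, and continues the filter chain.
     *
     * @param serverWebExchange the current exchange whose request is inspected for a token
     * @param webFilterChain the remaining filters; invoked on every path that reaches a decision
     * @return completion signal of the downstream chain
     */
    @Override // org.springframework.web.server.WebFilter
    public Mono<Void> filter(ServerWebExchange serverWebExchange, WebFilterChain webFilterChain) {
        return resolveToken(serverWebExchange.getRequest())
            .filter(StringUtils::isNotBlank)
            // NOTE(review): if validateToken() completes empty, flatMap never runs and the chain is
            // not invoked; if it signals an error, the error propagates to the caller. Confirm
            // that this matches the TokenProvider contract.
            .map(token -> this.tokenProvider.validateToken(token).flatMap(queryResponse -> {
                String userId = queryResponse.getUserId();
                if (StringUtils.isBlank(userId)) {
                    // No user id in the validation response: continue without authentication.
                    return webFilterChain.filter(serverWebExchange);
                }
                TokenAuthentication authentication = TokenAuthentication.createAuthenticated(userId, token);
                // Use the ContextView overload so the security context is merged into the
                // subscriber context. The previous lambda form returned a fresh context and
                // thereby discarded every entry written by outer filters.
                return webFilterChain.filter(serverWebExchange)
                    .contextWrite(ReactiveSecurityContextHolder.withAuthentication(authentication));
            }))
            // No token, or only a blank one: nothing to validate, continue unauthenticated.
            .orElseGet(() -> webFilterChain.filter(serverWebExchange));
    }

    /**
     * Extracts the token from the request.
     *
     * <p>An {@code Authorization} header starting with {@link #HEADER_PREFIX} takes precedence and
     * the cookie is then not consulted, even when the text after the prefix is blank. Otherwise
     * the value of the first cookie whose name equals the configured cookie name is used.
     *
     * @param serverHttpRequest request to read the header and cookies from
     * @return the token candidate, or empty when neither source provides one
     */
    private Optional<String> resolveToken(ServerHttpRequest serverHttpRequest) {
        String authorizationHeader = serverHttpRequest.getHeaders().getFirst("Authorization");
        // StringUtils.startsWith is null-safe, so an absent header falls through to the cookie.
        if (StringUtils.startsWith(authorizationHeader, HEADER_PREFIX)) {
            return Optional.of(authorizationHeader.substring(HEADER_PREFIX.length()));
        }
        String cookieName = this.authConfigurationProperties.getCookieProperties().getCookieName();
        return CookieUtil.readCookies(serverHttpRequest.getHeaders())
            .filter(httpCookie -> StringUtils.equals(cookieName, httpCookie.getName()))
            .findFirst()
            .map(httpCookie -> httpCookie.getValue());
    }

    /**
     * Creates the filter.
     *
     * @param tokenProvider service used to validate resolved tokens
     * @param authConfigurationProperties configuration supplying the authentication cookie name
     */
    @Generated
    public TokenAuthFilter(TokenProvider tokenProvider, AuthConfigurationProperties authConfigurationProperties) {
        this.tokenProvider = tokenProvider;
        this.authConfigurationProperties = authConfigurationProperties;
    }
}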
