package org.zowe.apiml.gateway.filters.pre;

import com.netflix.zuul.context.RequestContext;
import com.netflix.zuul.exception.ZuulException;
import java.util.Optional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.netflix.zuul.util.ZuulRuntimeException;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.AuthenticationException;
import org.zowe.apiml.gateway.ribbon.loadbalancer.LoadBalancerConstants;
import org.zowe.apiml.gateway.security.service.ServiceAuthenticationServiceImpl;
import org.zowe.apiml.gateway.security.service.schema.AuthenticationCommand;
import org.zowe.apiml.gateway.security.service.schema.source.AuthSource;
import org.zowe.apiml.gateway.security.service.schema.source.AuthSourceService;
import org.zowe.apiml.security.common.token.TokenExpireException;

/* loaded from: input_file:org/zowe/apiml/gateway/filters/pre/ServiceAuthenticationFilter.class */
public class ServiceAuthenticationFilter extends PreZuulFilter {

    @Autowired
    private ServiceAuthenticationServiceImpl serviceAuthenticationService;

    @Autowired
    private AuthSourceService authSourceService;

    public int filterOrder() {
        return 11;
    }

    public boolean shouldFilter() {
        return true;
    }

    public Object run() {
        RequestContext currentContext = RequestContext.getCurrentContext();
        boolean z = false;
        AuthenticationCommand authenticationCommand = null;
        String str = (String) currentContext.get(LoadBalancerConstants.SERVICEID_KEY);
        try {
            Optional<AuthSource> authSourceFromRequest = this.authSourceService.getAuthSourceFromRequest();
            authenticationCommand = this.serviceAuthenticationService.getAuthenticationCommand(str, authSourceFromRequest.orElse(null));
            if (authSourceFromRequest.isPresent()) {
                if (!isSourceValidForCommand(authSourceFromRequest.get(), authenticationCommand)) {
                    z = true;
                }
            }
        } catch (AuthenticationException e) {
            z = true;
        } catch (Exception e2) {
            throw new ZuulRuntimeException(new ZuulException(e2, HttpStatus.INTERNAL_SERVER_ERROR.value(), e2.getLocalizedMessage()));
        } catch (TokenExpireException e3) {
            authenticationCommand = null;
        }
        if (z) {
            currentContext.setSendZuulResponse(false);
            currentContext.setResponseStatusCode(401);
            return null;
        }
        if (authenticationCommand == null) {
            return null;
        }
        try {
            authenticationCommand.apply(null);
            return null;
        } catch (Exception e4) {
            throw new ZuulRuntimeException(new ZuulException(e4, HttpStatus.INTERNAL_SERVER_ERROR.value(), e4.getLocalizedMessage()));
        }
    }

    private boolean isSourceValidForCommand(AuthSource authSource, AuthenticationCommand authenticationCommand) {
        return !authenticationCommand.isRequiredValidSource() || this.authSourceService.isValid(authSource);
    }
}
