package org.camunda.optimize.rest.providers;

import java.net.URI;
import java.net.URISyntaxException;
import javax.annotation.Priority;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import org.camunda.optimize.rest.util.AuthenticationUtil;
import org.camunda.optimize.service.security.SessionService;
import org.glassfish.jersey.server.ContainerRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Secured
@Provider
@Priority(1000)
@Component
/* loaded from: input_file:org/camunda/optimize/rest/providers/AuthenticationFilter.class */
public class AuthenticationFilter implements ContainerRequestFilter {
    private final Logger logger = LoggerFactory.getLogger(getClass());
    private static final String CSV_SUFFIX = ".csv";
    private static final String LOG_IN = "/login";
    private static final String STATUS = "status";

    @Autowired
    private SessionService sessionService;

    @Context
    private ResourceInfo resourceInfo;

    @Override // javax.ws.rs.container.ContainerRequestFilter
    public void filter(ContainerRequestContext containerRequestContext) {
        String retrievePath = retrievePath(containerRequestContext);
        if (retrievePath == null || !retrievePath.toLowerCase().startsWith("status")) {
            try {
                if (!this.sessionService.isValidToken(AuthenticationUtil.getToken(containerRequestContext))) {
                    handleInvalidToken(containerRequestContext);
                }
            } catch (Exception e) {
                this.logger.debug("Error during issuing of security token!", (Throwable) e);
                handleInvalidToken(containerRequestContext);
            }
        }
    }

    private String retrievePath(ContainerRequestContext containerRequestContext) {
        return ((ContainerRequest) containerRequestContext).getPath(false);
    }

    private void handleInvalidToken(ContainerRequestContext containerRequestContext) {
        if (isCSVRequest(retrievePath(containerRequestContext))) {
            redirectToLoginPage(containerRequestContext);
        } else {
            containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
        }
    }

    private void redirectToLoginPage(ContainerRequestContext containerRequestContext) {
        URI uri = null;
        try {
            uri = new URI(LOG_IN);
        } catch (URISyntaxException e) {
            this.logger.debug("can't build URI to login", (Throwable) e);
        }
        containerRequestContext.abortWith(Response.temporaryRedirect(uri).build());
    }

    private boolean isCSVRequest(String str) {
        return str.endsWith(CSV_SUFFIX);
    }
}
