package org.camunda.optimize.rest.util;

import com.auth0.jwt.JWT;
import java.util.Map;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.Cookie;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/camunda/optimize/rest/util/AuthenticationUtil.class */
public class AuthenticationUtil {
    public static String OPTIMIZE_AUTHORIZATION = "X-Optimize-Authorization";
    private static Logger logger = LoggerFactory.getLogger((Class<?>) AuthenticationUtil.class);

    public static String getToken(ContainerRequestContext containerRequestContext) {
        String headerString = containerRequestContext.getHeaderString(OPTIMIZE_AUTHORIZATION);
        if (headerString == null) {
            headerString = containerRequestContext.getHeaderString("Authorization");
        }
        if (headerString == null) {
            for (Map.Entry<String, Cookie> entry : containerRequestContext.getCookies().entrySet()) {
                if (OPTIMIZE_AUTHORIZATION.equals(entry.getKey())) {
                    headerString = entry.getValue().getValue();
                }
            }
        }
        return extractTokenFromAuthorizationValue(headerString);
    }

    public static String getSessionIssuer(String str) {
        try {
            return JWT.decode(str).getIssuer();
        } catch (Exception e) {
            logger.debug("Could not decode security token to extract issuer!", (Throwable) e);
            throw new NotAuthorizedException("Could not decode security token to extract issuer!", new Object[0]);
        }
    }

    public static String getRequestUser(ContainerRequestContext containerRequestContext) {
        return getSessionIssuer(getToken(containerRequestContext));
    }

    private static String extractTokenFromAuthorizationValue(String str) {
        if (str == null || !str.startsWith("Bearer ")) {
            throw new NotAuthorizedException("Authorization header must be provided", new Object[0]);
        }
        return str.substring("Bearer".length()).trim();
    }
}
