package fish.focus.uvms.rest.security;

import fish.focus.uvms.constants.AuthConstants;
import fish.focus.uvms.usm.jwt.JwtTokenHandler;
import java.util.List;
import javax.ejb.EJB;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import org.apache.commons.lang3.exception.ExceptionUtils;

@Provider
/* loaded from: input_file:WEB-INF/lib/usm4uvms-4.1.10.jar:fish/focus/uvms/rest/security/UnionVMSFeatureFilter.class */
public class UnionVMSFeatureFilter extends AbstractUSMHandler implements ContainerRequestFilter {

    @EJB
    private JwtTokenHandler jwtTokenHandler;

    @Context
    private ResourceInfo resourceInfo;

    public void filter(ContainerRequestContext containerRequestContext) {
        UnionVMSFeature value;
        if (this.resourceInfo.getResourceMethod().isAnnotationPresent(RequiresFeature.class)) {
            value = ((RequiresFeature) this.resourceInfo.getResourceMethod().getAnnotation(RequiresFeature.class)).value();
        } else if (!this.resourceInfo.getResourceClass().isAnnotationPresent(RequiresFeature.class)) {
            return;
        } else {
            value = ((RequiresFeature) this.resourceInfo.getResourceClass().getAnnotation(RequiresFeature.class)).value();
        }
        try {
            String headerString = containerRequestContext.getHeaderString(AuthConstants.HTTP_HEADER_AUTHORIZATION);
            if (headerString == null || headerString.isEmpty()) {
                sendAccessForbidden(containerRequestContext);
                return;
            }
            List<Integer> parseTokenFeatures = this.jwtTokenHandler.parseTokenFeatures(headerString);
            if (parseTokenFeatures != null) {
                UnionVMSFeature unionVMSFeature = value;
                if (!parseTokenFeatures.stream().noneMatch(num -> {
                    return num.equals(Integer.valueOf(unionVMSFeature.getFeatureId()));
                })) {
                    return;
                }
            }
            sendAccessForbidden(containerRequestContext);
        } catch (Exception e) {
            containerRequestContext.abortWith(Response.status(Response.Status.INTERNAL_SERVER_ERROR).header("Content-Type", "text/plain").entity(ExceptionUtils.getRootCause(e)).build());
        }
    }

    private void sendAccessForbidden(ContainerRequestContext containerRequestContext) {
        containerRequestContext.abortWith(Response.status(Response.Status.FORBIDDEN).header("Content-Type", "text/plain").entity("User cannot access the resource.").build());
    }
}
