package com.azure.spring.autoconfigure.aad;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.proc.BadJOSEException;
import com.nimbusds.jwt.proc.BadJWTException;
import java.io.IOException;
import java.text.ParseException;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;

@Deprecated
/* loaded from: input_file:com/azure/spring/autoconfigure/aad/AADAppRoleStatelessAuthenticationFilter.class */
public class AADAppRoleStatelessAuthenticationFilter extends OncePerRequestFilter {
    private static final Logger LOGGER = LoggerFactory.getLogger(AADAppRoleStatelessAuthenticationFilter.class);
    private final UserPrincipalManager principalManager;

    public AADAppRoleStatelessAuthenticationFilter(UserPrincipalManager userPrincipalManager) {
        this.principalManager = userPrincipalManager;
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        Optional map = Optional.of(httpServletRequest).map(httpServletRequest2 -> {
            return httpServletRequest2.getHeader("Authorization");
        }).map((v0) -> {
            return v0.trim();
        }).filter(str -> {
            return str.startsWith(Constants.BEARER_PREFIX);
        }).map(str2 -> {
            return str2.replace(Constants.BEARER_PREFIX, "");
        });
        UserPrincipalManager userPrincipalManager = this.principalManager;
        Objects.requireNonNull(userPrincipalManager);
        String str3 = (String) map.filter(userPrincipalManager::isTokenIssuedByAAD).orElse(null);
        if (str3 == null || alreadyAuthenticated()) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            UserPrincipal buildUserPrincipal = this.principalManager.buildUserPrincipal(str3);
            PreAuthenticatedAuthenticationToken preAuthenticatedAuthenticationToken = new PreAuthenticatedAuthenticationToken(buildUserPrincipal, (Object) null, toSimpleGrantedAuthoritySet(buildUserPrincipal));
            LOGGER.info("Request token verification success. {}", preAuthenticatedAuthenticationToken);
            SecurityContextHolder.getContext().setAuthentication(preAuthenticatedAuthenticationToken);
            try {
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                SecurityContextHolder.clearContext();
            } catch (Throwable th) {
                SecurityContextHolder.clearContext();
                throw th;
            }
        } catch (ParseException | BadJOSEException | JOSEException e) {
            LOGGER.error("Failed to initialize UserPrincipal.", e);
            throw new ServletException(e);
        } catch (BadJWTException e2) {
            httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value());
        }
    }

    private boolean alreadyAuthenticated() {
        return ((Boolean) Optional.of(SecurityContextHolder.getContext()).map((v0) -> {
            return v0.getAuthentication();
        }).map((v0) -> {
            return v0.isAuthenticated();
        }).orElse(false)).booleanValue();
    }

    protected Set<SimpleGrantedAuthority> toSimpleGrantedAuthoritySet(UserPrincipal userPrincipal) {
        return (Set) Optional.of((Set) ((Stream) Optional.of(userPrincipal).map((v0) -> {
            return v0.getRoles();
        }).map((v0) -> {
            return v0.stream();
        }).orElseGet(Stream::empty)).filter(StringUtils::hasText).map(str -> {
            return new SimpleGrantedAuthority(Constants.ROLE_PREFIX + str);
        }).collect(Collectors.toSet())).filter(set -> {
            return !set.isEmpty();
        }).orElse(Constants.DEFAULT_AUTHORITY_SET);
    }
}
