package com.dotcms.auth.providers.jwt.services;

import com.dotcms.auth.providers.jwt.JsonWebTokenAuthCredentialProcessor;
import com.dotcms.auth.providers.jwt.JsonWebTokenUtils;
import com.dotcms.repackage.com.google.common.annotations.VisibleForTesting;
import com.dotcms.repackage.javax.ws.rs.core.Response;
import com.dotcms.repackage.org.apache.commons.lang.StringUtils;
import com.dotcms.rest.exception.SecurityException;
import com.dotmarketing.util.UtilMethods;
import com.dotmarketing.util.WebKeys;
import com.liferay.portal.model.User;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/dotcms/auth/providers/jwt/services/JsonWebTokenAuthCredentialProcessorImpl.class */
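/**
 * Resolves a {@link User} from an HTTP {@code Authorization: Bearer <token>} header by delegating
 * token handling to {@link JsonWebTokenUtils}, and records the resolved user on the HTTP session.
 *
 * <p>All token parsing and verification happens inside {@code JsonWebTokenUtils.getUser}; this class
 * only extracts the token text from the header and rejects the request when no user comes back.
 */
public class JsonWebTokenAuthCredentialProcessorImpl implements JsonWebTokenAuthCredentialProcessor {
    /** Authorization scheme prefix, including the separating space. Matching is case-sensitive. */
    public static final String BEARER = "Bearer ";
    private final JsonWebTokenUtils jsonWebTokenUtils;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/dotcms/auth/providers/jwt/services/JsonWebTokenAuthCredentialProcessorImpl$SingletonHolder.class */
    /** Initialization-on-demand holder: the instance is created when {@link #getInstance()} is first used. */
    public static class SingletonHolder {
        private static final JsonWebTokenAuthCredentialProcessorImpl INSTANCE = new JsonWebTokenAuthCredentialProcessorImpl();

        private SingletonHolder() {
        }
    }

    /**
     * @return the shared processor instance
     */
    public static JsonWebTokenAuthCredentialProcessorImpl getInstance() {
        return SingletonHolder.INSTANCE;
    }

    private JsonWebTokenAuthCredentialProcessorImpl() {
        this(JsonWebTokenUtils.getInstance());
    }

    /**
     * Test seam that lets a caller supply the token utility.
     *
     * @param jsonWebTokenUtils collaborator that maps a token string to a user
     */
    @VisibleForTesting
    protected JsonWebTokenAuthCredentialProcessorImpl(JsonWebTokenUtils jsonWebTokenUtils) {
        this.jsonWebTokenUtils = jsonWebTokenUtils;
    }

    /**
     * Extracts the bearer token from an Authorization header value and resolves its user.
     *
     * @param str         raw Authorization header value; may be {@code null}
     * @param httpSession session to record the user on, or {@code null} to skip that step
     * @return the resolved user, or {@code null} when the header is empty or is not a Bearer header
     * @throws SecurityException (HTTP 400) when a Bearer header carries no token or no user is
     *                           returned for the token
     */
    @Override
    public User processAuthCredentialsFromJWT(String str, HttpSession httpSession) {
        if (!StringUtils.isNotEmpty(str)) {
            return null;
        }
        // The prefix test and the token extraction must operate on the same string. Testing the
        // trimmed header but slicing the untrimmed one shifts the cut point by the number of leading
        // whitespace characters and hands a corrupted token to the verifier.
        String header = str.trim();
        if (!header.startsWith(BEARER)) {
            return null;
        }
        String token = header.substring(BEARER.length()).trim();
        if (!UtilMethods.isSet(token)) {
            throw new SecurityException("Invalid Json Web Token", Response.Status.BAD_REQUEST);
        }
        User user = this.jsonWebTokenUtils.getUser(token);
        if (!UtilMethods.isSet(user)) {
            // Fail closed: a Bearer header that does not yield a user is rejected rather than
            // falling through as an anonymous request.
            // NOTE(review): the status is 400 rather than 401; left unchanged for callers.
            throw new SecurityException("Invalid Json Web Token", Response.Status.BAD_REQUEST);
        }
        if (null != httpSession) {
            // NOTE(review): the token's identity is copied onto the session, and the session id is
            // not rotated here. If other code authenticates from these attributes alone, the
            // session can outlive the token's expiry or revocation - confirm against the session
            // filters, which are not visible in this file.
            httpSession.setAttribute(WebKeys.CMS_USER, user);
            httpSession.setAttribute(com.liferay.portal.util.WebKeys.USER_ID, user.getUserId());
        }
        return user;
    }

    /**
     * Reads the {@code Authorization} header from the request and resolves its user.
     *
     * @param httpServletRequest current request
     * @return the resolved user, or {@code null} when the request carries no Bearer header
     */
    @Override
    public User processAuthCredentialsFromJWT(HttpServletRequest httpServletRequest) {
        // getSession() with no argument creates a session when none exists, so this call allocates
        // one even for requests that carry no Bearer header. Kept as-is because callers may rely on it.
        return processAuthCredentialsFromJWT(httpServletRequest.getHeader("Authorization"), httpServletRequest.getSession());
    }
}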
