package io.getlime.security.powerauth.rest.api.spring.annotation;

import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
import io.getlime.security.powerauth.rest.api.spring.provider.PowerAuthAuthenticationProvider;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

@Component
/* loaded from: input_file:io/getlime/security/powerauth/rest/api/spring/annotation/PowerAuthAnnotationInterceptor.class */
public class PowerAuthAnnotationInterceptor extends HandlerInterceptorAdapter {
    private PowerAuthAuthenticationProvider authenticationProvider;

    @Autowired
    public void setAuthenticationProvider(PowerAuthAuthenticationProvider powerAuthAuthenticationProvider) {
        this.authenticationProvider = powerAuthAuthenticationProvider;
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (obj instanceof HandlerMethod) {
            HandlerMethod handlerMethod = (HandlerMethod) obj;
            PowerAuth powerAuth = (PowerAuth) handlerMethod.getMethodAnnotation(PowerAuth.class);
            PowerAuthToken powerAuthToken = (PowerAuthToken) handlerMethod.getMethodAnnotation(PowerAuthToken.class);
            if (powerAuth != null && powerAuthToken != null) {
                Logger.getLogger(getClass().getName()).log(Level.SEVERE, "You cannot use both @PowerAuth and @PowerAuthToken on same handler method. We are removing both.");
                powerAuth = null;
                powerAuthToken = null;
            }
            if (powerAuth != null) {
                try {
                    httpServletRequest.setAttribute(PowerAuth.AUTHENTICATION_OBJECT, this.authenticationProvider.validateRequestSignature(httpServletRequest, powerAuth.resourceId(), httpServletRequest.getHeader("X-PowerAuth-Authorization"), new ArrayList(Arrays.asList(powerAuth.signatureType()))));
                } catch (PowerAuthAuthenticationException e) {
                    httpServletRequest.setAttribute(PowerAuth.AUTHENTICATION_OBJECT, (Object) null);
                }
            }
            if (powerAuthToken != null) {
                try {
                    httpServletRequest.setAttribute(PowerAuth.AUTHENTICATION_OBJECT, this.authenticationProvider.validateToken(httpServletRequest.getHeader("X-PowerAuth-Token"), new ArrayList(Arrays.asList(powerAuthToken.signatureType()))));
                } catch (PowerAuthAuthenticationException e2) {
                    httpServletRequest.setAttribute(PowerAuth.AUTHENTICATION_OBJECT, (Object) null);
                }
            }
        }
        return super.preHandle(httpServletRequest, httpServletResponse, obj);
    }
}
