package io.preboot.auth.core.spring;

import io.preboot.auth.api.dto.UserAccountInfo;
import io.preboot.auth.api.exception.SessionExpiredException;
import io.preboot.auth.core.model.UserAccountSession;
import io.preboot.auth.core.service.JwtTokenService;
import io.preboot.auth.core.service.SessionService;
import io.preboot.auth.core.usecase.GetUserAccountUseCase;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.lang.invoke.SerializedLambda;
import java.time.Instant;
import java.util.HashSet;
import java.util.List;
import lombok.Generated;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:io/preboot/auth/core/spring/JwtAuthenticationFilter.class */
public class JwtAuthenticationFilter extends OncePerRequestFilter {
    private final JwtTokenService jwtTokenService;
    private final SessionService sessionService;
    private final GetUserAccountUseCase getUserAccountUseCase;
    private final List<String> EXCLUDED_PATHS;

    protected boolean shouldNotFilter(HttpServletRequest httpServletRequest) {
        return this.EXCLUDED_PATHS.stream().anyMatch(str -> {
            return httpServletRequest.getServletPath().equals(str);
        });
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        String header = httpServletRequest.getHeader("Authorization");
        if (header != null && header.startsWith("Bearer ")) {
            try {
                UserAccountSession session = this.sessionService.getSession(this.jwtTokenService.extractSessionId(header.substring(7)));
                if (session.getExpiresAt().isBefore(Instant.now())) {
                    throw new SessionExpiredException("Session has expired");
                }
                UserAccountInfo execute = this.getUserAccountUseCase.execute(session.getUserAccountId(), session.getTenantId());
                HashSet hashSet = new HashSet();
                execute.roles().forEach(str -> {
                    hashSet.add(() -> {
                        return "ROLE_" + str;
                    });
                });
                execute.permissions().forEach(str2 -> {
                    hashSet.add(() -> {
                        return str2;
                    });
                });
                execute.customPermissions().forEach(str3 -> {
                    hashSet.add(() -> {
                        return str3;
                    });
                });
                SecurityContextHolder.getContext().setAuthentication(new SessionAwareAuthentication(execute, session.getSessionId(), hashSet));
            } catch (Exception e) {
                SecurityContextHolder.clearContext();
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    @Generated
    public JwtAuthenticationFilter(JwtTokenService jwtTokenService, SessionService sessionService, GetUserAccountUseCase getUserAccountUseCase, List<String> list) {
        this.jwtTokenService = jwtTokenService;
        this.sessionService = sessionService;
        this.getUserAccountUseCase = getUserAccountUseCase;
        this.EXCLUDED_PATHS = list;
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -2067895454:
                if (implMethodName.equals("lambda$doFilterInternal$6875f4aa$1")) {
                    z = true;
                    break;
                }
                break;
            case -1541214433:
                if (implMethodName.equals("lambda$doFilterInternal$77ade371$1")) {
                    z = 2;
                    break;
                }
                break;
            case -1541214432:
                if (implMethodName.equals("lambda$doFilterInternal$77ade371$2")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/springframework/security/core/GrantedAuthority") && serializedLambda.getFunctionalInterfaceMethodName().equals("getAuthority") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/String;") && serializedLambda.getImplClass().equals("io/preboot/auth/core/spring/JwtAuthenticationFilter") && serializedLambda.getImplMethodSignature().equals("(Ljava/lang/String;)Ljava/lang/String;")) {
                    String str = (String) serializedLambda.getCapturedArg(0);
                    return () -> {
                        return str;
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/springframework/security/core/GrantedAuthority") && serializedLambda.getFunctionalInterfaceMethodName().equals("getAuthority") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/String;") && serializedLambda.getImplClass().equals("io/preboot/auth/core/spring/JwtAuthenticationFilter") && serializedLambda.getImplMethodSignature().equals("(Ljava/lang/String;)Ljava/lang/String;")) {
                    String str2 = (String) serializedLambda.getCapturedArg(0);
                    return () -> {
                        return "ROLE_" + str2;
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/springframework/security/core/GrantedAuthority") && serializedLambda.getFunctionalInterfaceMethodName().equals("getAuthority") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/String;") && serializedLambda.getImplClass().equals("io/preboot/auth/core/spring/JwtAuthenticationFilter") && serializedLambda.getImplMethodSignature().equals("(Ljava/lang/String;)Ljava/lang/String;")) {
                    String str3 = (String) serializedLambda.getCapturedArg(0);
                    return () -> {
                        return str3;
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
