package ca.courrierpro.rest;

import ca.courrierpro.c2000ws.model.Erreur;
import ca.courrierpro.rest.controller.DocController;
import ca.courrierpro.rest.controller.RootController;
import ca.courrierpro.rest.controller.v1.AuthController;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.Enumeration;
import java.util.StringTokenizer;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.cxf.transport.http.auth.HttpAuthHeader;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import org.springframework.web.servlet.resource.ResourceHttpRequestHandler;

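/**
 * Spring MVC interceptor that authenticates incoming REST calls from the {@code Authorization}
 * header before the handler runs.
 *
 * <p>The credential (the user part of a {@code Basic} header, or the whole {@code Bearer} token)
 * is a Base64 blob laid out as {@code IV (16 bytes) || AES-CBC ciphertext}. The plaintext is
 * JSON that is bound to {@link ApiKey} and exposed to handlers as the {@code apiKey} request
 * attribute.
 *
 * <p>SECURITY NOTE(review) - findings that are flagged here but deliberately not changed,
 * because changing them would invalidate every token already issued:
 * <ul>
 *   <li>The AES key is derived from a string constant compiled into this class, so the
 *       confidentiality and authenticity of every token depend on the build artifact staying
 *       private. Load the secret from externalized configuration or a secret store and plan a
 *       rotation.</li>
 *   <li>The key is a single unsalted MD5 digest of that string; use a proper KDF or a randomly
 *       generated key.</li>
 *   <li>AES-CBC has no integrity protection and no MAC is verified here, so decrypted content
 *       is trusted without authentication. Prefer an AEAD mode such as
 *       {@code AES/GCM/NoPadding} for newly issued tokens.</li>
 * </ul>
 */
@Component
/* loaded from: input_file:BOOT-INF/classes/ca/courrierpro/rest/AuthInterceptor.class */
public class AuthInterceptor extends HandlerInterceptorAdapter {
    private static final Logger LOG = LoggerFactory.getLogger(AuthInterceptor.class);

    // SECURITY NOTE(review): hard-coded secret; see the class comment. Kept byte-for-byte so
    // that existing tokens still decrypt.
    private static final String secretKey = "bLJ6*gNhd-BuZRfR";

    /** Length in bytes of the IV that prefixes the ciphertext inside a decoded token. */
    private static final int IV_LENGTH = 16;

    /** Placeholder written to the log instead of a credential-bearing header value. */
    private static final String REDACTED = "<redacted>";

    private final ObjectMapper objectMapper;

    @Value("${multiclients.active}")
    private Boolean multiClientsActive;

    @Autowired
    public AuthInterceptor(ObjectMapper objectMapper) {
        this.objectMapper = objectMapper;
    }

    /**
     * Authenticates the request, or answers it with a JSON 401 body.
     *
     * <p>Static resources and handlers hosted by {@link DocController}, {@link RootController}
     * or {@link AuthController} are let through without any check. On success the request
     * attributes {@code apiKey}, {@code apiKeyEncrypted} and {@code clientName} are set.
     *
     * @return {@code true} to continue the handler chain, {@code false} once a 401 was written
     * @throws IllegalArgumentException if the header names a scheme other than Basic or Bearer
     * @throws Exception if the Basic payload cannot be decoded or the 401 body cannot be written
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (obj instanceof ResourceHttpRequestHandler) {
            return true;
        }
        if (obj instanceof HandlerMethod) {
            Class<?> beanType = ((HandlerMethod) obj).getBean().getClass();
            if (beanType.equals(DocController.class) || beanType.equals(RootController.class) || beanType.equals(AuthController.class)) {
                return true;
            }
        }

        String token = extractToken(httpServletRequest.getHeader("Authorization"));
        if (token != null) {
            try {
                httpServletRequest.setAttribute("apiKey", decryptApiKey(token));
                httpServletRequest.setAttribute("apiKeyEncrypted", token);
                if (!this.multiClientsActive.booleanValue()) {
                    httpServletRequest.setAttribute("clientName", null);
                    return true;
                }
                String clientName = httpServletRequest.getHeader("x-client-name");
                if (!StringUtils.isBlank(clientName)) {
                    httpServletRequest.setAttribute("clientName", clientName);
                    return true;
                }
                logHeadersForDiagnosis(httpServletRequest);
                throw new RuntimeException("In multi client mode, x-client-name header must be present.");
            } catch (Exception e) {
                // Every failure (bad Base64, short token, padding, JSON binding, missing client
                // name) ends in the same 401 below, so the caller cannot tell them apart.
                LOG.warn(e.toString());
            }
        }

        writeUnauthorized(httpServletResponse);
        return false;
    }

    /**
     * Pulls the encrypted token out of an {@code Authorization} header value.
     *
     * @return the token, or {@code null} when the header is empty or has no credential part
     * @throws IllegalArgumentException for a scheme other than Basic or Bearer
     */
    private static String extractToken(String header) throws Exception {
        if (!StringUtils.isNotEmpty(header)) {
            return null;
        }
        StringTokenizer parts = new StringTokenizer(header);
        if (!parts.hasMoreTokens()) {
            return null;
        }
        String scheme = parts.nextToken();
        if (!parts.hasMoreTokens()) {
            return null;
        }
        if (scheme.equalsIgnoreCase(HttpAuthHeader.AUTH_TYPE_BASIC)) {
            String userPass = new String(Base64.decodeBase64(parts.nextToken()), "UTF-8");
            // A limit of 2 keeps element 0 present even when the decoded value is just ":".
            // Plain split(":") returns an empty array there, and indexing it threw
            // ArrayIndexOutOfBoundsException out of the interceptor on attacker-supplied input.
            return userPass.split(":", 2)[0];
        }
        if (!scheme.equalsIgnoreCase("Bearer")) {
            // NOTE(review): this escapes preHandle instead of producing the 401 body; kept as-is
            // because an exception handler elsewhere may depend on it - confirm.
            throw new IllegalArgumentException("Unsupported auth scheme!");
        }
        return parts.nextToken();
    }

    /**
     * Decrypts a Base64 token ({@code IV || ciphertext}) and binds the JSON plaintext to
     * {@link ApiKey}. Any failure surfaces as an exception for the caller to turn into a 401.
     */
    private ApiKey decryptApiKey(String token) throws Exception {
        SecretKeySpec key = new SecretKeySpec(DigestUtils.md5(secretKey), "AES");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        byte[] raw = Base64.decodeBase64(token);
        cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(raw, 0, IV_LENGTH));
        byte[] plain = cipher.doFinal(raw, IV_LENGTH, raw.length - IV_LENGTH);
        // Decode explicitly as UTF-8; the no-charset String constructor uses the platform
        // default, which makes token parsing depend on the host's locale settings.
        return this.objectMapper.readValue(new String(plain, "UTF-8"), ApiKey.class);
    }

    /**
     * Logs the request headers to help diagnose a missing {@code x-client-name}.
     *
     * <p>This runs only after the token decrypted successfully, so the {@code Authorization}
     * value is a working credential at this point. It and other credential-bearing headers are
     * replaced by a placeholder so that valid API keys do not end up in log files.
     */
    private static void logHeadersForDiagnosis(HttpServletRequest request) {
        LOG.info("Headers:");
        Enumeration<String> names = request.getHeaderNames();
        while (names.hasMoreElements()) {
            String name = names.nextElement();
            String value = isCredentialHeader(name) ? REDACTED : request.getHeader(name);
            LOG.info("{}:{}", name, value);
        }
    }

    /** Returns whether the named header carries credentials that must not be logged. */
    private static boolean isCredentialHeader(String name) {
        return "Authorization".equalsIgnoreCase(name)
                || "Proxy-Authorization".equalsIgnoreCase(name)
                || "Cookie".equalsIgnoreCase(name);
    }

    /** Writes the JSON 401 error body and flushes the response. */
    private void writeUnauthorized(HttpServletResponse response) throws Exception {
        Erreur erreur = new Erreur();
        erreur.setErreurCode("401");
        erreur.setErreurMessage("Invalid or empty authentication provided!");
        response.setStatus(401);
        response.setContentType("application/json");
        this.objectMapper.writeValue(response.getWriter(), erreur);
        response.flushBuffer();
    }
}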
