package inc.yukawa.chain.security.jwt.flux;

import inc.yukawa.chain.security.AuthCode;
import inc.yukawa.chain.security.jwt.token.json.JsonWebAuthenticationToken;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpCookie;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.security.web.server.context.ServerSecurityContextRepository;
import org.springframework.web.server.ResponseStatusException;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/* loaded from: input_file:chain-security-jwt-2.0.5.jar:inc/yukawa/chain/security/jwt/flux/JwtFluxSecurityContextRepository.class */
public class JwtFluxSecurityContextRepository implements ServerSecurityContextRepository {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) JwtFluxSecurityContextRepository.class);
    private final ReactiveAuthenticationManager authenticationManager;
    private final String headerName = "Authorization";
    private final String cookieName = AuthCode.AUTHENTICATION_COOKIE_NAME;

    public JwtFluxSecurityContextRepository(ReactiveAuthenticationManager reactiveAuthenticationManager) {
        this.authenticationManager = reactiveAuthenticationManager;
    }

    @Override // org.springframework.security.web.server.context.ServerSecurityContextRepository
    public Mono<Void> save(ServerWebExchange serverWebExchange, SecurityContext securityContext) {
        log.debug("save: {}", serverWebExchange.getRequest().getPath());
        throw new UnsupportedOperationException("JwtFluxSecurityContextRepository.save not implemented");
    }

    @Override // org.springframework.security.web.server.context.ServerSecurityContextRepository
    public Mono<SecurityContext> load(ServerWebExchange serverWebExchange) {
        ServerHttpRequest request = serverWebExchange.getRequest();
        log.debug("load: {} {}", request.getMethod(), request.getPath());
        String extractToken = extractToken(request);
        if (extractToken == null) {
            return Mono.empty();
        }
        return this.authenticationManager.authenticate(new JsonWebAuthenticationToken(extractToken)).map(authentication -> {
            return new SecurityContextImpl(authentication);
        }).onErrorMap(th -> {
            return th instanceof AuthenticationException;
        }, th2 -> {
            return new ResponseStatusException(HttpStatus.UNAUTHORIZED, th2.getMessage(), th2);
        });
    }

    protected String extractToken(ServerHttpRequest serverHttpRequest) {
        if ("Authorization" != 0 && serverHttpRequest.getHeaders().containsKey("Authorization")) {
            log.trace("Extract Token: header = {}", "Authorization");
            String first = serverHttpRequest.getHeaders().getFirst("Authorization");
            if (first != null && first.startsWith("Bearer ")) {
                return first.substring(7);
            }
        }
        if (AuthCode.AUTHENTICATION_COOKIE_NAME == 0 || !serverHttpRequest.getCookies().containsKey(AuthCode.AUTHENTICATION_COOKIE_NAME)) {
            return null;
        }
        HttpCookie first2 = serverHttpRequest.getCookies().getFirst(AuthCode.AUTHENTICATION_COOKIE_NAME);
        log.trace("Extract Token: cookie {}", AuthCode.AUTHENTICATION_COOKIE_NAME);
        if (first2 != null) {
            return first2.getValue();
        }
        return null;
    }
}
