package com.atlassian.confluence.plugins.remotepageview.service;

import com.atlassian.confluence.pages.Page;
import com.atlassian.confluence.pages.PageManager;
import com.atlassian.confluence.plugins.remotepageview.api.service.TokenService;
import com.atlassian.confluence.plugins.remotepageview.jwt.JwtTokenGenerator;
import com.atlassian.confluence.plugins.remotepageview.rest.response.TokenResponse;
import com.atlassian.confluence.security.Permission;
import com.atlassian.confluence.security.PermissionManager;
import com.atlassian.confluence.user.ConfluenceUser;
import com.atlassian.confluence.user.UserAccessor;
import com.atlassian.json.jsonorg.JSONObject;
import com.atlassian.sal.api.user.UserKey;
import java.util.Optional;
import javax.servlet.ServletRequest;
import javax.ws.rs.core.UriBuilder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

@Component
/* loaded from: input_file:com/atlassian/confluence/plugins/remotepageview/service/JwtTokenService.class */
public class JwtTokenService implements TokenService {
    static final String JWT_SUBJECT = "jwt.subject.remote-page-view.jwtTokenResource";
    private static final String REMOTE_PAGE_VIEW_URI_PATH = "/plugins/servlet/remotepageview";
    private final PageManager pageManager;
    private final PermissionManager permissionManager;
    private final JwtTokenGenerator jwtTokenGenerator;
    private final UserAccessor userAccessor;

    @Autowired
    public JwtTokenService(PageManager pageManager, PermissionManager permissionManager, JwtTokenGenerator jwtTokenGenerator, UserAccessor userAccessor) {
        this.pageManager = pageManager;
        this.permissionManager = permissionManager;
        this.jwtTokenGenerator = jwtTokenGenerator;
        this.userAccessor = userAccessor;
    }

    @Override // com.atlassian.confluence.plugins.remotepageview.api.service.TokenService
    public Optional<TokenResponse> generateLoginTokenForUser(ConfluenceUser confluenceUser, long j) {
        Page page = this.pageManager.getPage(j);
        return (page == null || page.isDeleted()) ? Optional.empty() : this.permissionManager.hasPermission(confluenceUser, Permission.VIEW, page) ? getJwtTokenResponse(j, confluenceUser) : Optional.empty();
    }

    @Override // com.atlassian.confluence.plugins.remotepageview.api.service.TokenService
    public Optional<ConfluenceUser> getUserFromRequest(ServletRequest servletRequest) {
        String str = (String) servletRequest.getAttribute("jwt.payload");
        if (!StringUtils.isEmpty(str) && JWT_SUBJECT.equals((String) servletRequest.getAttribute("jwt.subject"))) {
            JSONObject jSONObject = new JSONObject(str);
            String string = jSONObject.has(JwtTokenGenerator.USER_KEY) ? jSONObject.getString(JwtTokenGenerator.USER_KEY) : "";
            if (StringUtils.isEmpty(string)) {
                return Optional.empty();
            }
            return Optional.ofNullable(this.userAccessor.getExistingUserByKey(new UserKey(string)));
        }
        return Optional.empty();
    }

    private Optional<TokenResponse> getJwtTokenResponse(long j, ConfluenceUser confluenceUser) {
        return Optional.of(new TokenResponse(this.jwtTokenGenerator.generate(JWT_SUBJECT, "POST", UriBuilder.fromPath(REMOTE_PAGE_VIEW_URI_PATH).queryParam(RemotePageViewServiceImpl.PAGEID_PARAM, new Object[]{Long.valueOf(j)}).build(new Object[0]), confluenceUser.getKey().getStringValue())));
    }
}
