package org.eclipsefoundation.efservices.config;

import jakarta.enterprise.context.RequestScoped;
import jakarta.enterprise.inject.Produces;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ResourceInfo;
import org.eclipsefoundation.efservices.api.models.DrupalOAuthData;
import org.eclipsefoundation.efservices.helpers.DrupalAuthHelper;
import org.eclipsefoundation.efservices.models.AuthenticatedRequestWrapper;
import org.eclipsefoundation.efservices.namespace.RequestContextPropertyNames;
import org.eclipsefoundation.efservices.services.DrupalOAuthService;
import org.eclipsefoundation.efservices.services.ProfileService;
import org.eclipsefoundation.http.annotations.AuthenticatedAlternate;
import org.eclipsefoundation.http.config.OAuth2SecurityConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipsefoundation/efservices/config/AuthenticatedRequestWrapperProvider.class */
public class AuthenticatedRequestWrapperProvider {
    private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticatedRequestWrapperProvider.class);

    @RequestScoped
    @Produces
    public AuthenticatedRequestWrapper requestTokenWrapper(ContainerRequestContext containerRequestContext, ResourceInfo resourceInfo, DrupalOAuthService drupalOAuthService, ProfileService profileService, OAuth2SecurityConfig oAuth2SecurityConfig) {
        AuthenticatedAlternate annotation = resourceInfo.getResourceMethod().getAnnotation(AuthenticatedAlternate.class);
        if (annotation != null) {
            try {
                String stripBearerToken = DrupalAuthHelper.stripBearerToken(containerRequestContext.getHeaderString("Authorization"));
                DrupalOAuthData validateTokenStatus = drupalOAuthService.validateTokenStatus(stripBearerToken, oAuth2SecurityConfig.filter().validScopes(), oAuth2SecurityConfig.filter().validClientIds());
                if (validateTokenStatus != null) {
                    containerRequestContext.setProperty(RequestContextPropertyNames.TOKEN_STATUS, validateTokenStatus);
                    if (validateTokenStatus.getUserId() != null) {
                        LOGGER.debug("Fetching user info for token with uid: {}", validateTokenStatus.getUserId());
                        return new AuthenticatedRequestWrapper(validateTokenStatus, drupalOAuthService.getTokenUserInfo(stripBearerToken), profileService);
                    }
                }
                return new AuthenticatedRequestWrapper(validateTokenStatus, null, profileService);
            } catch (Exception e) {
                LOGGER.debug("Invalid authentication", e);
                if (!annotation.allowPartialResponse()) {
                    throw e;
                }
            }
        }
        return new AuthenticatedRequestWrapper(null, null, profileService);
    }
}
