package com.gitlab.credit_reference_platform.crp.gateway.security.configuration;

import com.gitlab.credit_reference_platform.crp.gateway.constant.ApiResponseCode;
import com.gitlab.credit_reference_platform.crp.gateway.http.security.token.ApiKeyAuthenticationToken;
import com.gitlab.credit_reference_platform.crp.gateway.mapper.ObjectMapperConfiguration;
import com.gitlab.credit_reference_platform.crp.gateway.model.GenericApiResponse;
import com.gitlab.credit_reference_platform.crp.gateway.security.authority.CRPGatewayGrantedAuthorities;
import com.gitlab.credit_reference_platform.crp.gateway.utils.GenericApiResponseUtils;
import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Collection;
import java.util.Collections;
import org.apache.hc.core5.http.ContentType;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:BOOT-INF/classes/com/gitlab/credit_reference_platform/crp/gateway/security/configuration/ApiKeyAuthFilter.class */
public class ApiKeyAuthFilter implements Filter {
    public static final String API_KEY_HEADER = "apiKey";
    private static final Collection<GrantedAuthority> API_GRANTED_AUTHORITIES = Collections.singleton(CRPGatewayGrantedAuthorities.API);
    private final String authorizedApiKey;

    public ApiKeyAuthFilter(String str) {
        Assert.hasText(str, "authorizedApiKey cannot be empty for ApiKeyAuthFilter");
        this.authorizedApiKey = str;
    }

    @Override // jakarta.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if ((servletRequest instanceof HttpServletRequest) && (servletResponse instanceof HttpServletResponse)) {
            String header = ((HttpServletRequest) servletRequest).getHeader(API_KEY_HEADER);
            if (StringUtils.hasText(header)) {
                if (!this.authorizedApiKey.equals(header)) {
                    HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
                    httpServletResponse.setStatus(401);
                    httpServletResponse.setContentType(ContentType.APPLICATION_JSON.getMimeType());
                    GenericApiResponse errorResponse = GenericApiResponseUtils.errorResponse((Class<GenericApiResponse>) GenericApiResponse.class, ApiResponseCode.INVALID_API_KEY, "Invalid API Key");
                    httpServletResponse.getWriter().write(ObjectMapperConfiguration.createObjectMapper().writeValueAsString(errorResponse));
                    return;
                }
                SecurityContextHolder.getContext().setAuthentication(new ApiKeyAuthenticationToken(header, API_GRANTED_AUTHORITIES));
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }
}
