package io.gravitee.am.management.handlers.management.api.authentication.filter;

import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Arrays;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:io/gravitee/am/management/handlers/management/api/authentication/filter/CheckAuthenticationCookieFilter.class */
public class CheckAuthenticationCookieFilter extends GenericFilterBean {

    @Value("${jwt.cookie-name:Auth-Graviteeio-AM}")
    private String authCookieName;

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (httpServletRequest.getPathInfo() != null && httpServletRequest.getPathInfo().endsWith("/login/callback")) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (!isUserAuthenticated()) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (httpServletRequest.getCookies() == null) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else if (Arrays.stream(httpServletRequest.getCookies()).filter(cookie -> {
            return this.authCookieName.equals(cookie.getName());
        }).findAny().isPresent()) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            SecurityContextHolder.clearContext();
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    private boolean isUserAuthenticated() {
        return SecurityContextHolder.getContext().getAuthentication() != null && SecurityContextHolder.getContext().getAuthentication().isAuthenticated();
    }
}
