package com.google.api.server.spi.auth;

import com.google.api.server.spi.EnvUtil;
import com.google.api.server.spi.auth.common.User;
import com.google.api.server.spi.config.ApiMethodConfig;
import com.google.api.server.spi.config.Authenticator;
import com.google.appengine.repackaged.com.google.common.annotations.VisibleForTesting;
import java.util.List;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/google/api/server/spi/auth/EndpointsAuthenticator.class */
public class EndpointsAuthenticator implements Authenticator {
    private final GoogleIdTokenUtils idTokenUtils;
    private final AppEngineAuthUtils appEngineAuthUtils;
    private final boolean clientIdWhitelistEnabled;

    public EndpointsAuthenticator(boolean z) {
        this.clientIdWhitelistEnabled = z;
        this.idTokenUtils = GoogleIdTokenUtils.getInstance();
        this.appEngineAuthUtils = new AppEngineAuthUtils(z);
    }

    public EndpointsAuthenticator() {
        this(true);
    }

    @VisibleForTesting
    public EndpointsAuthenticator(boolean z, GoogleIdTokenUtils googleIdTokenUtils, AppEngineAuthUtils appEngineAuthUtils) {
        this.clientIdWhitelistEnabled = z;
        this.idTokenUtils = googleIdTokenUtils;
        this.appEngineAuthUtils = appEngineAuthUtils;
    }

    @Override // com.google.api.server.spi.config.Authenticator
    public User authenticate(HttpServletRequest httpServletRequest) {
        throw new UnsupportedOperationException("EndpointsAuthenticator requres method configuration.");
    }

    public UserContainer authenticate(HttpServletRequest httpServletRequest, ApiMethodConfig apiMethodConfig) {
        com.google.appengine.api.users.User cookieUser;
        com.google.appengine.api.users.User currentUser;
        List<String> clientIds = apiMethodConfig.getClientIds();
        if (this.clientIdWhitelistEnabled && (clientIds == null || clientIds.isEmpty())) {
            return null;
        }
        UserContainer userContainer = null;
        String authToken = AuthUtils.getAuthToken(httpServletRequest);
        if (!AuthUtils.isEmptyOrWhitespace(authToken)) {
            if (AuthUtils.isIdToken(authToken)) {
                User currentUser2 = this.idTokenUtils.getCurrentUser(this.clientIdWhitelistEnabled, authToken, clientIds, apiMethodConfig.getAudiences());
                if (currentUser2 != null) {
                    userContainer = new UserContainer(currentUser2);
                }
            } else if (EnvUtil.isRunningOnAppEngine() && (currentUser = this.appEngineAuthUtils.getCurrentUser(authToken, apiMethodConfig)) != null) {
                userContainer = new UserContainer(currentUser);
            }
        }
        if (userContainer == null && EnvUtil.isRunningOnAppEngine() && (cookieUser = this.appEngineAuthUtils.getCookieUser()) != null) {
            userContainer = new UserContainer(cookieUser);
        }
        return userContainer;
    }
}
