package io.getlime.security.powerauth.rest.api.jaxrs.controller.v3;

import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
import io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException;
import io.getlime.security.powerauth.http.validator.PowerAuthSignatureHttpHeaderValidator;
import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthSecureVaultException;
import io.getlime.security.powerauth.rest.api.jaxrs.service.v3.SecureVaultService;
import io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest;
import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Produces({"application/json"})
@Path("pa/v3/vault")
/* loaded from: input_file:io/getlime/security/powerauth/rest/api/jaxrs/controller/v3/SecureVaultController.class */
public class SecureVaultController {
    private static final Logger logger = LoggerFactory.getLogger(SecureVaultController.class);

    @Inject
    private SecureVaultService secureVaultServiceV3;

    @Context
    private HttpServletRequest httpServletRequest;

    @Path("unlock")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public EciesEncryptedResponse unlockVault(@HeaderParam("X-PowerAuth-Authorization") String str, EciesEncryptedRequest eciesEncryptedRequest, @Context HttpServletRequest httpServletRequest) throws PowerAuthAuthenticationException, PowerAuthSecureVaultException {
        if (eciesEncryptedRequest == null) {
            logger.warn("Invalid request object in vault unlock");
            throw new PowerAuthAuthenticationException();
        }
        PowerAuthSignatureHttpHeader fromValue = new PowerAuthSignatureHttpHeader().fromValue(str);
        try {
            PowerAuthSignatureHttpHeaderValidator.validate(fromValue);
            if ("3.0".equals(fromValue.getVersion())) {
                return this.secureVaultServiceV3.vaultUnlock(fromValue, eciesEncryptedRequest, httpServletRequest);
            }
            logger.warn("Endpoint does not support PowerAuth protocol version {}", fromValue.getVersion());
            throw new PowerAuthAuthenticationException();
        } catch (InvalidPowerAuthHttpHeaderException e) {
            throw new PowerAuthAuthenticationException(e.getMessage());
        }
    }
}
