package org.apache.james.jmap;

import com.google.common.annotations.VisibleForTesting;
import io.jsonwebtoken.JwtException;
import java.io.IOException;
import java.util.List;
import java.util.stream.Stream;
import javax.inject.Inject;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.james.jmap.exceptions.MailboxSessionCreationException;
import org.apache.james.jmap.exceptions.NoValidAuthHeaderException;
import org.apache.james.jmap.exceptions.UnauthorizedException;
import org.apache.james.mailbox.MailboxSession;
import org.apache.james.metrics.api.MetricFactory;
import org.apache.james.metrics.api.TimeMetric;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/james/jmap/AuthenticationFilter.class */
public class AuthenticationFilter implements Filter {
    private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticationFilter.class);
    public static final String MAILBOX_SESSION = "mailboxSession";
    private final List<AuthenticationStrategy> authMethods;
    private final MetricFactory metricFactory;

    @Inject
    @VisibleForTesting
    AuthenticationFilter(List<AuthenticationStrategy> list, MetricFactory metricFactory) {
        this.authMethods = list;
        this.metricFactory = metricFactory;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        try {
            filterChain.doFilter(authenticate((HttpServletRequest) servletRequest), servletResponse);
        } catch (MailboxSessionCreationException | NoValidAuthHeaderException | UnauthorizedException | JwtException e) {
            LOGGER.error("Exception occurred during authentication process", e);
            httpServletResponse.sendError(401);
        }
    }

    private HttpServletRequest authenticate(HttpServletRequest httpServletRequest) {
        TimeMetric timer = this.metricFactory.timer("JMAP-authentication-filter");
        try {
            HttpServletRequest httpServletRequest2 = (HttpServletRequest) this.authMethods.stream().flatMap(authenticationStrategy -> {
                return createSession(authenticationStrategy, httpServletRequest);
            }).findFirst().map(mailboxSession -> {
                return addSessionToRequest(httpServletRequest, mailboxSession);
            }).orElseThrow(UnauthorizedException::new);
            timer.stopAndPublish();
            return httpServletRequest2;
        } catch (Throwable th) {
            timer.stopAndPublish();
            throw th;
        }
    }

    private HttpServletRequest addSessionToRequest(HttpServletRequest httpServletRequest, MailboxSession mailboxSession) {
        httpServletRequest.setAttribute(MAILBOX_SESSION, mailboxSession);
        return httpServletRequest;
    }

    private Stream<MailboxSession> createSession(AuthenticationStrategy authenticationStrategy, HttpServletRequest httpServletRequest) {
        try {
            return Stream.of(authenticationStrategy.createMailboxSession(httpServletRequest));
        } catch (Exception e) {
            return Stream.empty();
        }
    }

    public void destroy() {
    }
}
