package org.wso2.ppaas.rest.endpoint.handlers;

import javax.ws.rs.core.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.jaxrs.impl.HttpHeadersImpl;
import org.apache.cxf.jaxrs.model.ClassResourceInfo;
import org.apache.cxf.message.Message;
import org.wso2.ppaas.rest.endpoint.context.AuthenticationContext;
import org.wso2.ppaas.rest.endpoint.oauth2.ValidationServiceClient;

/* loaded from: input_file:WEB-INF/classes/org/wso2/ppaas/rest/endpoint/handlers/OAuthHandler.class */
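/**
 * Authentication handler for requests that carry an OAuth2 bearer token in the
 * {@code Authorization} header.
 *
 * <p>The token is checked by a {@link ValidationServiceClient} built from the configured
 * validation endpoint and service credentials. The request is marked as authenticated only
 * when that check reports the token as valid; every other outcome is answered with
 * {@code 403 Forbidden}.
 *
 * <p>NOTE(review): the endpoint, username and password are held in static fields but
 * assigned through instance setters, so all instances share one configuration and the
 * last setter call wins. The service password also stays in memory as a {@code String}.
 */
public class OAuthHandler extends AbstractAuthenticationAuthorizationHandler {
    private static final Log log = LogFactory.getLog(OAuthHandler.class);
    private static final String SUPPORTED_AUTHENTICATION_TYPE = "Bearer";
    /** Scheme prefix expected at the start of the Authorization header value. */
    private static final String BEARER_PREFIX = SUPPORTED_AUTHENTICATION_TYPE + " ";
    private static String oauthValidationEndpoint;
    private static String username;
    private static String password;

    /**
     * Sets the URL of the token validation service (shared by all instances).
     *
     * @param str validation endpoint passed to {@link ValidationServiceClient}
     */
    public void setOauthValidationEndpoint(String str) {
        oauthValidationEndpoint = str;
    }

    /**
     * Sets the user name used to call the validation service (shared by all instances).
     *
     * @param str user name passed to {@link ValidationServiceClient}
     */
    public void setUsername(String str) {
        username = str;
    }

    /**
     * Sets the password used to call the validation service (shared by all instances).
     *
     * @param str password passed to {@link ValidationServiceClient}
     */
    public void setPassword(String str) {
        password = str;
    }

    /**
     * Reports whether this handler is responsible for the given authentication type.
     *
     * @param str authentication type to test
     * @return {@code true} only for the exact, case-sensitive value {@code "Bearer"}
     */
    @Override // org.wso2.ppaas.rest.endpoint.handlers.AbstractAuthenticationAuthorizationHandler
    public boolean canHandle(String str) {
        return SUPPORTED_AUTHENTICATION_TYPE.equals(str);
    }

    /**
     * Validates the bearer token of the incoming request.
     *
     * <p>The previous logic rejected a request only when the header started with
     * {@code "Bearer "} AND the token was invalid, so any header value with a different
     * prefix fell through and was marked authenticated without a token check. Whether the
     * caller always filters through {@link #canHandle(String)} first is not visible in
     * this class, so the handler now fails closed on its own.
     *
     * @param message the CXF message the request headers are read from
     * @param classResourceInfo resource metadata; not used by this handler
     * @return {@code null} when the token was validated (presumably the caller then lets
     *     the request continue; confirm against the caller), otherwise a
     *     {@code 403 Forbidden} response
     */
    @Override // org.wso2.ppaas.rest.endpoint.handlers.AbstractAuthenticationAuthorizationHandler
    public Response handle(Message message, ClassResourceInfo classResourceInfo) {
        try {
            String authorization =
                    (String) new HttpHeadersImpl(message).getRequestHeaders().getFirst("Authorization");

            // Fail closed: a missing header or a non-bearer scheme is never authenticated here.
            if (authorization == null || !authorization.startsWith(BEARER_PREFIX)) {
                return Response.status(Response.Status.FORBIDDEN).build();
            }

            String accessToken = authorization.substring(BEARER_PREFIX.length()).trim();
            // An empty token cannot be valid; reject it without calling the validation service.
            if (accessToken.isEmpty()) {
                return Response.status(Response.Status.FORBIDDEN).build();
            }

            ValidationServiceClient validationServiceClient =
                    new ValidationServiceClient(oauthValidationEndpoint, username, password);
            if (!validationServiceClient.validateAuthenticationRequest(accessToken).getValid()) {
                return Response.status(Response.Status.FORBIDDEN).build();
            }

            AuthenticationContext.setAuthenticated(true);
            return null;
        } catch (Exception e) {
            // Any failure while validating (including an unreachable validation service)
            // denies the request. The token itself is deliberately not logged.
            log.error("Error while validating access token", e);
            return Response.status(Response.Status.FORBIDDEN).build();
        }
    }
}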
