package io.cellery.observability.api.interceptor;

import io.cellery.observability.api.Constants;
import io.cellery.observability.api.exception.OIDCProviderException;
import io.cellery.observability.api.internal.ServiceHolder;
import javax.ws.rs.core.Cookie;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import org.wso2.msf4j.Request;
import org.wso2.msf4j.Response;
import org.wso2.msf4j.interceptor.RequestInterceptor;

/* loaded from: input_file:io/cellery/observability/api/interceptor/AuthInterceptor.class */
public class AuthInterceptor implements RequestInterceptor {
    private static final Logger logger = Logger.getLogger(AuthInterceptor.class);

    public boolean interceptRequest(Request request, Response response) {
        if ("OPTIONS".equalsIgnoreCase(request.getHttpMethod())) {
            return true;
        }
        if (StringUtils.isNotEmpty(request.getUri()) && request.getUri().startsWith("/api/auth")) {
            return true;
        }
        String header = request.getHeader(Constants.AUTHORIZATION);
        Cookie cookie = (Cookie) request.getHeaders().getCookies().get(Constants.HTTP_ONLY_SESSION_COOKIE);
        if (!StringUtils.isNotEmpty(header) || cookie == null || !StringUtils.isNotEmpty(cookie.getValue())) {
            response.setStatus(401);
            return false;
        }
        try {
            if (ServiceHolder.getOidcOauthManager().validateToken(header.split(" ")[1] + cookie.getValue())) {
                return true;
            }
            response.setStatus(401);
            return false;
        } catch (OIDCProviderException e) {
            logger.debug("Error occurred while authenticating the access token", e);
            response.setStatus(401);
            return false;
        }
    }
}
