package com.linecorp.centraldogma.server.internal.admin.auth;

import com.linecorp.armeria.common.HttpRequest;
import com.linecorp.armeria.server.ServiceRequestContext;
import com.linecorp.armeria.server.auth.AuthTokenExtractors;
import com.linecorp.armeria.server.auth.Authorizer;
import com.linecorp.armeria.server.auth.OAuth2Token;
import com.linecorp.centraldogma.server.auth.SessionManager;
import com.linecorp.centraldogma.server.metadata.User;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionStage;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/linecorp/centraldogma/server/internal/admin/auth/SessionTokenAuthorizer.class */
public class SessionTokenAuthorizer implements Authorizer<HttpRequest> {
    private static final Logger logger = LoggerFactory.getLogger(SessionTokenAuthorizer.class);
    private final SessionManager sessionManager;
    private final Set<String> administrators;

    public SessionTokenAuthorizer(SessionManager sessionManager, Set<String> set) {
        this.sessionManager = (SessionManager) Objects.requireNonNull(sessionManager, "sessionManager");
        this.administrators = (Set) Objects.requireNonNull(set, "administrators");
    }

    public CompletionStage<Boolean> authorize(ServiceRequestContext serviceRequestContext, HttpRequest httpRequest) {
        OAuth2Token oAuth2Token = (OAuth2Token) AuthTokenExtractors.OAUTH2.apply(httpRequest.headers());
        return oAuth2Token == null ? CompletableFuture.completedFuture(false) : this.sessionManager.get(oAuth2Token.accessToken()).thenApply(session -> {
            if (session == null) {
                return false;
            }
            String username = session.username();
            AuthUtil.setCurrentUser(serviceRequestContext, new User(username, this.administrators.contains(username) ? User.LEVEL_ADMIN : User.LEVEL_USER));
            return true;
        });
    }
}
