package com.linecorp.centraldogma.server.internal.admin.auth;

import com.linecorp.armeria.common.HttpRequest;
import com.linecorp.armeria.common.auth.OAuth2Token;
import com.linecorp.armeria.server.ServiceRequestContext;
import com.linecorp.armeria.server.auth.AuthTokenExtractors;
import com.linecorp.armeria.server.auth.Authorizer;
import com.linecorp.centraldogma.server.metadata.User;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionStage;

/* loaded from: input_file:com/linecorp/centraldogma/server/internal/admin/auth/CsrfTokenAuthorizer.class */
public class CsrfTokenAuthorizer implements Authorizer<HttpRequest> {
    public CompletionStage<Boolean> authorize(ServiceRequestContext serviceRequestContext, HttpRequest httpRequest) {
        OAuth2Token oAuth2Token = (OAuth2Token) AuthTokenExtractors.oAuth2().apply(httpRequest.headers());
        if (oAuth2Token == null || !"anonymous".equals(oAuth2Token.accessToken())) {
            return CompletableFuture.completedFuture(false);
        }
        AuthUtil.setCurrentUser(serviceRequestContext, User.ADMIN);
        return CompletableFuture.completedFuture(true);
    }
}
