package org.apache.nifi.web.security.jwt.resolver;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.web.security.http.SecurityCookieName;
import org.apache.nifi.web.security.http.SecurityHeader;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.oauth2.server.resource.web.BearerTokenResolver;
import org.springframework.web.util.WebUtils;

/* loaded from: input_file:org/apache/nifi/web/security/jwt/resolver/StandardBearerTokenResolver.class */
public class StandardBearerTokenResolver implements BearerTokenResolver {
    private static final Logger LOGGER = LoggerFactory.getLogger(StandardBearerTokenResolver.class);
    private static final String BEARER_PREFIX = "Bearer ";

    public String resolve(HttpServletRequest httpServletRequest) {
        String str = null;
        String header = httpServletRequest.getHeader(SecurityHeader.AUTHORIZATION.getHeader());
        if (StringUtils.startsWithIgnoreCase(header, BEARER_PREFIX)) {
            str = StringUtils.removeStartIgnoreCase(header, BEARER_PREFIX);
        } else {
            Cookie cookie = WebUtils.getCookie(httpServletRequest, SecurityCookieName.AUTHORIZATION_BEARER.getName());
            if (cookie == null) {
                LOGGER.trace("Bearer Token not found in Header or Cookie");
            } else {
                str = cookie.getValue();
            }
        }
        return str;
    }
}
