package org.wso2.micro.integrator.management.apis.security.handler;

import java.util.Map;
import java.util.Objects;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.wso2.carbon.inbound.endpoint.internal.http.api.InternalAPIHandler;

/* loaded from: input_file:org/wso2/micro/integrator/management/apis/security/handler/SecurityHandlerAdapter.class */
public abstract class SecurityHandlerAdapter implements InternalAPIHandler {
    public Boolean invoke(MessageContext messageContext) {
        String trim;
        Map headers = SecurityUtils.getHeaders(((Axis2MessageContext) messageContext).getAxis2MessageContext());
        if (!Objects.nonNull(headers)) {
            return false;
        }
        if (!Objects.nonNull(headers.get("Authorization"))) {
            clearHeaders(headers);
            headers.put(AuthConstants.WWW_AUTHENTICATE, AuthConstants.WWW_AUTH_METHOD);
            SecurityUtils.setStatusCode(messageContext, AuthConstants.SC_UNAUTHORIZED);
            return false;
        }
        String str = (String) headers.get("Authorization");
        if (str.startsWith(AuthConstants.BASIC_AUTH_HEADER_TOKEN_TYPE) && str.length() >= AuthConstants.BASIC_AUTH_HEADER_TOKEN_TYPE.length() + 1) {
            trim = str.substring(AuthConstants.BASIC_AUTH_HEADER_TOKEN_TYPE.length() + 1).trim();
        } else {
            if (!str.startsWith(AuthConstants.BEARER_AUTH_HEADER_TOKEN_TYPE) || str.length() < AuthConstants.BEARER_AUTH_HEADER_TOKEN_TYPE.length() + 1) {
                clearHeaders(headers);
                SecurityUtils.setStatusCode(messageContext, AuthConstants.SC_UNAUTHORIZED);
                return false;
            }
            trim = str.substring(AuthConstants.BEARER_AUTH_HEADER_TOKEN_TYPE.length() + 1).trim();
        }
        if (authenticate(trim).booleanValue()) {
            return true;
        }
        clearHeaders(headers);
        SecurityUtils.setStatusCode(messageContext, AuthConstants.SC_UNAUTHORIZED);
        return false;
    }

    protected abstract Boolean authenticate(String str);

    public Map clearHeaders(Map map) {
        Object obj = map.get("Access-Control-Allow-Origin");
        Object obj2 = map.get("Access-Control-Allow-Methods");
        Object obj3 = map.get("Access-Control-Allow-Headers");
        map.clear();
        if (obj != null) {
            map.put("Access-Control-Allow-Origin", obj);
        }
        if (obj2 != null) {
            map.put("Access-Control-Allow-Methods", obj2);
        }
        if (obj3 != null) {
            map.put("Access-Control-Allow-Headers", obj3);
        }
        return map;
    }
}
