package org.fao.fi.security.server.providers.validators.token.spi;

import java.util.Iterator;
import java.util.List;
import javax.ws.rs.container.ContainerRequestContext;
import org.fao.fi.security.common.services.exceptions.BadRequestException;
import org.fao.fi.security.common.services.exceptions.token.InvalidTokenException;
import org.fao.fi.security.common.services.exceptions.token.MissingTokenException;
import org.fao.fi.security.common.services.exceptions.token.TokenProcessingException;
import org.fao.fi.security.common.support.token.spi.TokenProcessor;
import org.fao.fi.security.common.utilities.LoggingClient;
import org.fao.fi.security.server.providers.validators.SecuredResourceValidationServiceProvider;

/* loaded from: input_file:org/fao/fi/security/server/providers/validators/token/spi/AbstractTokenConsumer.class */
public abstract class AbstractTokenConsumer extends LoggingClient implements TokenConsumer, SecuredResourceValidationServiceProvider {
    private TokenManager _tokenManager;
    private TokenProcessor _tokenProcessor;

    public AbstractTokenConsumer(TokenManager tokenManager, TokenProcessor tokenProcessor) {
        this._tokenManager = tokenManager;
        this._tokenProcessor = tokenProcessor;
    }

    @Override // org.fao.fi.security.server.providers.validators.SecuredResourceValidationServiceProvider
    public synchronized boolean validate(ContainerRequestContext containerRequestContext) throws BadRequestException {
        try {
            consumeTokenIfValid(process(extractToken(containerRequestContext)));
            return true;
        } catch (InvalidTokenException e) {
            return false;
        } catch (Throwable th) {
            throw new BadRequestException(th.getMessage());
        }
    }

    @Override // org.fao.fi.security.server.providers.validators.token.spi.TokenConsumer
    public synchronized void consumeTokenIfValid(String str) throws InvalidTokenException {
        if (!isTokenValid(str)) {
            throw new InvalidTokenException("Provided token is invalid!");
        }
        this._tokenManager.remove(str);
    }

    @Override // org.fao.fi.security.server.providers.validators.token.spi.TokenConsumer
    public String extractToken(ContainerRequestContext containerRequestContext) throws MissingTokenException {
        List list = (List) containerRequestContext.getHeaders().get("fi-security-token");
        if (list == null || list.isEmpty()) {
            throw new MissingTokenException("No token header 'fi-security-token' available");
        }
        String str = null;
        Iterator it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            String str2 = (String) it.next();
            if (str2 != null) {
                str = str2;
                break;
            }
        }
        if (str == null || "".equals(str)) {
            throw new MissingTokenException("Token header 'fi-security-token' is available but it has no value");
        }
        return str;
    }

    @Override // org.fao.fi.security.server.providers.validators.token.spi.TokenConsumer
    public synchronized boolean isTokenValid(String str) throws InvalidTokenException {
        return str != null && this._tokenManager.exists(str);
    }

    @Override // org.fao.fi.security.server.providers.validators.token.spi.TokenConsumer
    public String process(String str) throws TokenProcessingException {
        return this._tokenProcessor.processBeforeConsumption(str);
    }
}
