package io.vertigo.vega.impl.rest.handler;

import io.vertigo.core.lang.Assertion;
import io.vertigo.dynamo.domain.model.DtObject;
import io.vertigo.vega.rest.exception.SessionException;
import io.vertigo.vega.rest.exception.VSecurityException;
import io.vertigo.vega.rest.metamodel.EndPointDefinition;
import io.vertigo.vega.security.UiSecurityTokenManager;
import spark.Request;
import spark.Response;

/* loaded from: input_file:io/vertigo/vega/impl/rest/handler/AccessTokenHandler.class */
final class AccessTokenHandler implements RouteHandler {
    private static final DtObject TOKEN_DATA = new DtObject() { // from class: io.vertigo.vega.impl.rest.handler.AccessTokenHandler.1
        private static final long serialVersionUID = 1;
    };
    public static final String HEADER_ACCESS_TOKEN = "x-access-token";
    private static final String INVALID_ACCESS_TOKEN_MSG = "Invalid access token";
    private final UiSecurityTokenManager uiSecurityTokenManager;
    private final EndPointDefinition endPointDefinition;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AccessTokenHandler(UiSecurityTokenManager uiSecurityTokenManager, EndPointDefinition endPointDefinition) {
        Assertion.checkNotNull(uiSecurityTokenManager);
        Assertion.checkNotNull(endPointDefinition);
        this.uiSecurityTokenManager = uiSecurityTokenManager;
        this.endPointDefinition = endPointDefinition;
    }

    @Override // io.vertigo.vega.impl.rest.handler.RouteHandler
    public Object handle(Request request, Response response, RouteContext routeContext, HandlerChain handlerChain) throws VSecurityException, SessionException {
        String str;
        if (this.endPointDefinition.isAccessTokenMandatory()) {
            str = request.headers(HEADER_ACCESS_TOKEN);
            if (str == null) {
                throw new VSecurityException(INVALID_ACCESS_TOKEN_MSG);
            }
            if (this.uiSecurityTokenManager.get(str).isEmpty()) {
                throw new VSecurityException(INVALID_ACCESS_TOKEN_MSG);
            }
        } else {
            str = null;
        }
        Object handle = handlerChain.handle(request, response, routeContext);
        if (str != null && this.endPointDefinition.isAccessTokenConsume()) {
            this.uiSecurityTokenManager.getAndRemove(str);
        }
        if (this.endPointDefinition.isAccessTokenPublish()) {
            response.header(HEADER_ACCESS_TOKEN, this.uiSecurityTokenManager.put(TOKEN_DATA));
        }
        return handle;
    }
}
