package org.wso2.carbon.registry.rest.api.handler;

import javax.ws.rs.core.Response;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.jaxrs.ext.RequestHandler;
import org.apache.cxf.jaxrs.model.ClassResourceInfo;
import org.apache.cxf.message.Message;
import org.springframework.beans.factory.BeanFactory;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.util.IdentityUtil;

/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/registry/rest/api/handler/RestApiRequestAuthorizationHandler.class */
public class RestApiRequestAuthorizationHandler implements RequestHandler {
    protected Log log = LogFactory.getLog(RestApiRequestAuthorizationHandler.class);

    @Override // org.apache.cxf.jaxrs.ext.RequestHandler
    public Response handleRequest(Message message, ClassResourceInfo classResourceInfo) {
        if (this.log.isDebugEnabled()) {
            this.log.debug("request has been received at REST API handle request method");
        }
        String obj = message.get(Message.REQUEST_URL).toString();
        String obj2 = message.get(Message.QUERY_STRING) != null ? message.get(Message.QUERY_STRING).toString() : "";
        String usernameFromJwtToken = getUsernameFromJwtToken(message.get(Message.PROTOCOL_HEADERS).toString());
        try {
            String str = obj2 + (obj2.length() == 0 ? "" : BeanFactory.FACTORY_BEAN_PREFIX) + "username=" + usernameFromJwtToken + "&tenantid=" + String.valueOf(IdentityUtil.getTenantIdOFUser(usernameFromJwtToken));
            message.put(Message.REQUEST_URL, obj);
            message.put(Message.QUERY_STRING, str);
            return null;
        } catch (IdentityException e) {
            this.log.error(e.getMessage(), e);
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
    }

    private String getUsernameFromJwtToken(String str) {
        if (this.log.isDebugEnabled()) {
            this.log.debug("Extracting the username of the enduser from the JWT token");
        }
        String substring = str.substring(str.indexOf("x-jwt-assertion"));
        String str2 = new String(Base64.decodeBase64(substring.substring(substring.indexOf(".") + 1, substring.lastIndexOf(".")).getBytes()));
        String substring2 = str2.substring(str2.indexOf("http://wso2.org/claims/enduser") + "http://wso2.org/claims/enduser".length() + 1);
        String substring3 = substring2.substring(substring2.indexOf(34) + 1);
        return substring3.substring(0, substring3.indexOf(34));
    }
}
