package org.simantics.scl.rest;

import java.io.IOException;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;

/* loaded from: input_file:org/simantics/scl/rest/AuthorizationFilter.class */
public class AuthorizationFilter implements ContainerRequestFilter {
    private final String token;

    public AuthorizationFilter(String str) {
        this.token = str;
    }

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        String headerString = containerRequestContext.getHeaderString("Authorization");
        if (headerString == null || !headerString.startsWith("SCLRESTServer-Bearer ")) {
            throw new NotAuthorizedException("Authorization header must be provided", new Object[0]);
        }
        try {
            validateToken(headerString.substring("SCLRESTServer-Bearer".length()).trim());
        } catch (Exception unused) {
            containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
        }
    }

    private void validateToken(String str) throws Exception {
        if (!this.token.equals(str)) {
            throw new Exception("Wrong token!");
        }
    }
}
