package fr.aquasys.apigateway.security;

import fr.aquasys.apigateway.util.ConfUtil;
import fr.aquasys.rabbitmq.api.LogUtil;
import io.vertx.core.MultiMap;
import io.vertx.core.http.HttpServerRequest;
import io.vertx.core.json.JsonObject;
import io.vertx.core.logging.LoggerFactory;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.xerces.impl.xs.SchemaSymbols;
import scala.Option;
import sun.misc.BASE64Decoder;

/* loaded from: input_file:fr/aquasys/apigateway/security/Authorized.class */
public class Authorized {
    public static String getUser(MultiMap multiMap) {
        if (!StringUtils.isEmpty(ConfUtil.getEnv("LAUNCH_MODE")) && (!StringUtils.isNotEmpty(ConfUtil.getEnv("LAUNCH_MODE")) || "DEV_LAUNCH".equals(ConfUtil.getEnv("LAUNCH_MODE")))) {
            return "TEST_LOGIN_DEVELOPMENT";
        }
        String str = multiMap.get("Authorization");
        CloseableHttpClient build = HttpClientBuilder.create().build();
        HttpGet httpGet = new HttpGet("http://" + ConfUtil.getEnv("USER_HOST") + "/check");
        httpGet.addHeader(SchemaSymbols.ATTVAL_TOKEN, str);
        try {
            if (build.execute((HttpUriRequest) httpGet).getStatusLine().getStatusCode() != 200) {
                return null;
            }
            String str2 = new String(new BASE64Decoder().decodeBuffer(str.split("\\.")[1]), StandardCharsets.UTF_8);
            LoggerFactory.getLogger((Class<?>) Authorized.class).info(str2);
            LoggerFactory.getLogger((Class<?>) Authorized.class).info(str);
            return new JsonObject(str2).getString("login");
        } catch (IOException e) {
            LogUtil.error(ConfUtil.getConf(), e.getMessage(), Option.apply(null));
            return null;
        }
    }

    public static void enableCors(HttpServerRequest httpServerRequest) {
        httpServerRequest.response().headers().add("Access-Control-Allow-Origin", "*");
        httpServerRequest.response().headers().add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
        httpServerRequest.response().headers().add("Access-Control-Allow-Headers", "X-Requested-With, Content-Type");
    }
}
