package org.thingsboard.server.exception;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;
import org.thingsboard.server.common.data.exception.ThingsboardErrorCode;
import org.thingsboard.server.common.data.exception.ThingsboardException;
import org.thingsboard.server.common.msg.tools.TbRateLimitsException;
import org.thingsboard.server.service.security.exception.AuthMethodNotSupportedException;
import org.thingsboard.server.service.security.exception.JwtExpiredTokenException;
import org.thingsboard.server.service.security.exception.UserPasswordExpiredException;

@Component
/* loaded from: input_file:org/thingsboard/server/exception/ThingsboardErrorResponseHandler.class */
public class ThingsboardErrorResponseHandler implements AccessDeniedHandler {
    private static final Logger log = LoggerFactory.getLogger(ThingsboardErrorResponseHandler.class);

    @Autowired
    private ObjectMapper mapper;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.thingsboard.server.exception.ThingsboardErrorResponseHandler$1, reason: invalid class name */
    /* loaded from: input_file:org/thingsboard/server/exception/ThingsboardErrorResponseHandler$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$thingsboard$server$common$data$exception$ThingsboardErrorCode = new int[ThingsboardErrorCode.values().length];

        static {
            try {
                $SwitchMap$org$thingsboard$server$common$data$exception$ThingsboardErrorCode[ThingsboardErrorCode.AUTHENTICATION.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$thingsboard$server$common$data$exception$ThingsboardErrorCode[ThingsboardErrorCode.PERMISSION_DENIED.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$thingsboard$server$common$data$exception$ThingsboardErrorCode[ThingsboardErrorCode.INVALID_ARGUMENTS.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$thingsboard$server$common$data$exception$ThingsboardErrorCode[ThingsboardErrorCode.ITEM_NOT_FOUND.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$thingsboard$server$common$data$exception$ThingsboardErrorCode[ThingsboardErrorCode.BAD_REQUEST_PARAMS.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$thingsboard$server$common$data$exception$ThingsboardErrorCode[ThingsboardErrorCode.GENERAL.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        if (httpServletResponse.isCommitted()) {
            return;
        }
        httpServletResponse.setContentType("application/json");
        httpServletResponse.setStatus(HttpStatus.FORBIDDEN.value());
        this.mapper.writeValue(httpServletResponse.getWriter(), ThingsboardErrorResponse.of("You don't have permission to perform this operation!", ThingsboardErrorCode.PERMISSION_DENIED, HttpStatus.FORBIDDEN));
    }

    public void handle(Exception exc, HttpServletResponse httpServletResponse) {
        log.debug("Processing exception {}", exc.getMessage(), exc);
        if (httpServletResponse.isCommitted()) {
            return;
        }
        try {
            httpServletResponse.setContentType("application/json");
            if (exc instanceof ThingsboardException) {
                handleThingsboardException((ThingsboardException) exc, httpServletResponse);
            } else if (exc instanceof TbRateLimitsException) {
                handleRateLimitException(httpServletResponse, (TbRateLimitsException) exc);
            } else if (exc instanceof AccessDeniedException) {
                handleAccessDeniedException(httpServletResponse);
            } else if (exc instanceof AuthenticationException) {
                handleAuthenticationException((AuthenticationException) exc, httpServletResponse);
            } else {
                httpServletResponse.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
                this.mapper.writeValue(httpServletResponse.getWriter(), ThingsboardErrorResponse.of(exc.getMessage(), ThingsboardErrorCode.GENERAL, HttpStatus.INTERNAL_SERVER_ERROR));
            }
        } catch (IOException e) {
            log.error("Can't handle exception", e);
        }
    }

    private void handleThingsboardException(ThingsboardException thingsboardException, HttpServletResponse httpServletResponse) throws IOException {
        HttpStatus httpStatus;
        ThingsboardErrorCode errorCode = thingsboardException.getErrorCode();
        switch (AnonymousClass1.$SwitchMap$org$thingsboard$server$common$data$exception$ThingsboardErrorCode[errorCode.ordinal()]) {
            case 1:
                httpStatus = HttpStatus.UNAUTHORIZED;
                break;
            case 2:
                httpStatus = HttpStatus.FORBIDDEN;
                break;
            case 3:
                httpStatus = HttpStatus.BAD_REQUEST;
                break;
            case 4:
                httpStatus = HttpStatus.NOT_FOUND;
                break;
            case 5:
                httpStatus = HttpStatus.BAD_REQUEST;
                break;
            case 6:
                httpStatus = HttpStatus.INTERNAL_SERVER_ERROR;
                break;
            default:
                httpStatus = HttpStatus.INTERNAL_SERVER_ERROR;
                break;
        }
        httpServletResponse.setStatus(httpStatus.value());
        this.mapper.writeValue(httpServletResponse.getWriter(), ThingsboardErrorResponse.of(thingsboardException.getMessage(), errorCode, httpStatus));
    }

    private void handleRateLimitException(HttpServletResponse httpServletResponse, TbRateLimitsException tbRateLimitsException) throws IOException {
        httpServletResponse.setStatus(HttpStatus.TOO_MANY_REQUESTS.value());
        this.mapper.writeValue(httpServletResponse.getWriter(), ThingsboardErrorResponse.of("Too many requests for current " + tbRateLimitsException.getEntityType().name().toLowerCase() + "!", ThingsboardErrorCode.TOO_MANY_REQUESTS, HttpStatus.TOO_MANY_REQUESTS));
    }

    private void handleAccessDeniedException(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setStatus(HttpStatus.FORBIDDEN.value());
        this.mapper.writeValue(httpServletResponse.getWriter(), ThingsboardErrorResponse.of("You don't have permission to perform this operation!", ThingsboardErrorCode.PERMISSION_DENIED, HttpStatus.FORBIDDEN));
    }

    private void handleAuthenticationException(AuthenticationException authenticationException, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
        if (authenticationException instanceof BadCredentialsException) {
            this.mapper.writeValue(httpServletResponse.getWriter(), ThingsboardErrorResponse.of("Invalid username or password", ThingsboardErrorCode.AUTHENTICATION, HttpStatus.UNAUTHORIZED));
            return;
        }
        if (authenticationException instanceof JwtExpiredTokenException) {
            this.mapper.writeValue(httpServletResponse.getWriter(), ThingsboardErrorResponse.of("Token has expired", ThingsboardErrorCode.JWT_TOKEN_EXPIRED, HttpStatus.UNAUTHORIZED));
            return;
        }
        if (authenticationException instanceof AuthMethodNotSupportedException) {
            this.mapper.writeValue(httpServletResponse.getWriter(), ThingsboardErrorResponse.of(authenticationException.getMessage(), ThingsboardErrorCode.AUTHENTICATION, HttpStatus.UNAUTHORIZED));
        } else {
            if (!(authenticationException instanceof UserPasswordExpiredException)) {
                this.mapper.writeValue(httpServletResponse.getWriter(), ThingsboardErrorResponse.of("Authentication failed", ThingsboardErrorCode.AUTHENTICATION, HttpStatus.UNAUTHORIZED));
                return;
            }
            UserPasswordExpiredException userPasswordExpiredException = (UserPasswordExpiredException) authenticationException;
            this.mapper.writeValue(httpServletResponse.getWriter(), ThingsboardCredentialsExpiredResponse.of(userPasswordExpiredException.getMessage(), userPasswordExpiredException.getResetToken()));
        }
    }
}
