package org.springframework.security.oauth2.provider.authentication;

import java.util.Enumeration;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;

/* loaded from: input_file:BOOT-INF/lib/spring-security-oauth2-2.2.1.RELEASE.jar:org/springframework/security/oauth2/provider/authentication/BearerTokenExtractor.class */
public class BearerTokenExtractor implements TokenExtractor {
    private static final Log logger = LogFactory.getLog((Class<?>) BearerTokenExtractor.class);

    @Override // org.springframework.security.oauth2.provider.authentication.TokenExtractor
    public Authentication extract(HttpServletRequest httpServletRequest) {
        String extractToken = extractToken(httpServletRequest);
        if (extractToken != null) {
            return new PreAuthenticatedAuthenticationToken(extractToken, "");
        }
        return null;
    }

    protected String extractToken(HttpServletRequest httpServletRequest) {
        String extractHeaderToken = extractHeaderToken(httpServletRequest);
        if (extractHeaderToken == null) {
            logger.debug("Token not found in headers. Trying request parameters.");
            extractHeaderToken = httpServletRequest.getParameter(OAuth2AccessToken.ACCESS_TOKEN);
            if (extractHeaderToken == null) {
                logger.debug("Token not found in request parameters.  Not an OAuth2 request.");
            } else {
                httpServletRequest.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_TYPE, "Bearer");
            }
        }
        return extractHeaderToken;
    }

    protected String extractHeaderToken(HttpServletRequest httpServletRequest) {
        Enumeration<String> headers = httpServletRequest.getHeaders("Authorization");
        while (headers.hasMoreElements()) {
            String nextElement = headers.nextElement();
            if (nextElement.toLowerCase().startsWith("Bearer".toLowerCase())) {
                String trim = nextElement.substring("Bearer".length()).trim();
                httpServletRequest.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_TYPE, nextElement.substring(0, "Bearer".length()).trim());
                int indexOf = trim.indexOf(44);
                if (indexOf > 0) {
                    trim = trim.substring(0, indexOf);
                }
                return trim;
            }
        }
        return null;
    }
}
