package com.smeup.kokos.serverless;

import com.amazonaws.services.lambda.runtime.Context;
import com.amazonaws.services.lambda.runtime.RequestHandler;
import com.smeup.auth.ApiKeyVerificationException;
import com.smeup.kokos.auth.AuthorizationService;
import com.smeup.kokos.auth.exception.KokosAuthenticationException;
import com.smeup.kokos.model.KokosUser;
import com.smeup.kokos.serverless.model.AuthorizationRequest;
import com.smeup.kokos.serverless.model.AuthorizationResponse;
import com.smeup.kokos.serverless.model.PolicyDocument;
import com.smeup.kokos.serverless.model.Statement;
import java.util.Collections;
import java.util.HashMap;

/* loaded from: input_file:com/smeup/kokos/serverless/AuthorizationLambda.class */
public class AuthorizationLambda implements RequestHandler<AuthorizationRequest, AuthorizationResponse> {
    public AuthorizationResponse handleRequest(AuthorizationRequest authorizationRequest, Context context) {
        try {
            if (authorizationRequest.getAuthorizationToken() == null) {
                throw new KokosAuthenticationException("Missing header authorization");
            }
            KokosUser authorize = new AuthorizationService().authorize(authorizationRequest.getAuthorizationToken());
            HashMap hashMap = new HashMap();
            hashMap.put("sessionId", authorize.getSessionId());
            hashMap.put("username", authorize.getUsername());
            hashMap.put("environment", authorize.getDevice());
            hashMap.put("device", authorize.getDevice());
            return AuthorizationResponse.builder().principalId(authorize.getSessionId()).policyDocument(PolicyDocument.builder().statements(Collections.singletonList(Statement.builder().effect("Allow").resource(authorizationRequest.getMethodArn()).build())).build()).context(hashMap).build();
        } catch (KokosAuthenticationException | ApiKeyVerificationException e) {
            return AuthorizationResponse.builder().policyDocument(PolicyDocument.builder().statements(Collections.singletonList(Statement.builder().effect("Deny").resource(authorizationRequest.getMethodArn()).build())).build()).build();
        }
    }

    static {
        ConfigurationLoader.loadConfiguration();
    }
}
