package com.gentics.contentnode.rest;

import com.gentics.api.lib.exception.NodeException;
import com.gentics.contentnode.object.SystemUser;
import com.gentics.contentnode.rest.model.Reference;
import com.gentics.contentnode.rest.model.response.AuthenticationResponse;
import com.gentics.contentnode.rest.model.response.ResponseCode;
import com.gentics.contentnode.rest.model.response.ResponseInfo;
import com.gentics.contentnode.rest.util.ModelBuilder;
import com.gentics.lib.base.factory.Session;
import com.gentics.lib.base.factory.SessionToken;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;

@Path("/auth")
/* loaded from: input_file:com/gentics/contentnode/rest/AuthenticationResource.class */
public class AuthenticationResource extends AbstractContentNodeResource {
    @GET
    @Path("/validate/{sid}")
    public AuthenticationResponse validate(@PathParam("sid") String str) {
        AuthenticationResponse authenticationResponse = new AuthenticationResponse();
        try {
            int validateSID = validateSID(str);
            authenticationResponse.setResponseInfo(new ResponseInfo(ResponseCode.OK, "Successfully validated given SID"));
            authenticationResponse.setUser(ModelBuilder.getUser((SystemUser) this.transaction.getObject(SystemUser.class, Integer.valueOf(validateSID)), new Reference[0]));
        } catch (Exception e) {
            authenticationResponse.setResponseInfo(new ResponseInfo(ResponseCode.INVALIDDATA, "Invalid SID given"));
        }
        return authenticationResponse;
    }

    protected int validateSID(String str) throws Exception {
        SessionToken sessionToken = new SessionToken(str);
        Session session = new Session(sessionToken.getSessionId(), this.transaction);
        if (sessionToken.authenticates(session)) {
            return session.getUserId();
        }
        throw new NodeException("SessionToken does not authenticate the session");
    }
}
