package org.apache.isis.viewer.json.viewer.authentication;

import com.google.common.base.Splitter;
import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import java.util.Collections;
import java.util.List;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.isis.core.commons.authentication.AuthenticationSession;
import org.apache.isis.core.runtime.authentication.standard.SimpleSession;
import org.apache.isis.runtimes.dflt.webapp.auth.AuthenticationSessionStrategyAbstract;

/* loaded from: input_file:org/apache/isis/viewer/json/viewer/authentication/AuthenticationSessionStrategyHeader.class */
public class AuthenticationSessionStrategyHeader extends AuthenticationSessionStrategyAbstract {
    public AuthenticationSession lookupValid(ServletRequest servletRequest, ServletResponse servletResponse) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String header = httpServletRequest.getHeader("isis.user");
        List<String> rolesFrom = rolesFrom(httpServletRequest);
        if (Strings.isNullOrEmpty(header)) {
            return null;
        }
        return new SimpleSession(header, rolesFrom);
    }

    protected List<String> rolesFrom(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("isis.roles");
        return header == null ? Collections.emptyList() : Lists.newArrayList(Splitter.on(",").split(header));
    }
}
