package io.automatiko.engine.service.auth;

import io.automatiko.engine.api.auth.IdentityProvider;
import io.automatiko.engine.api.auth.IdentitySupplier;
import io.automatiko.engine.services.identity.StaticIdentityProvider;
import io.quarkus.security.identity.SecurityIdentity;
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.context.ContextNotActiveException;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import org.eclipse.microprofile.config.inject.ConfigProperty;

@ApplicationScoped
/* loaded from: input_file:io/automatiko/engine/service/auth/SecuredIdentitySupplier.class */
public class SecuredIdentitySupplier implements IdentitySupplier {

    @Inject
    Instance<SecurityIdentity> securityInstance;

    @ConfigProperty(name = "quarkus.automatiko.security.authorized-only")
    Optional<Boolean> authroizedOnly;

    @ConfigProperty(name = "quarkus.automatiko.security.admin-role-name")
    Optional<String> adminRoleName;

    public IdentityProvider buildIdentityProvider(String str, List<String> list) {
        if (IdentityProvider.isSet()) {
            return IdentityProvider.get();
        }
        Principal retrievePrincipal = retrievePrincipal();
        if (this.securityInstance.isUnsatisfied() || retrievePrincipal == null) {
            StaticIdentityProvider staticIdentityProvider = new StaticIdentityProvider(this.adminRoleName.orElse("admin"), str, list);
            IdentityProvider.set(staticIdentityProvider);
            return staticIdentityProvider;
        }
        String name = retrievePrincipal.getName();
        if (!this.authroizedOnly.orElse(true).booleanValue() && str != null) {
            name = str;
        }
        StaticIdentityProvider staticIdentityProvider2 = new StaticIdentityProvider(this.adminRoleName.orElse("admin"), name, mergeRoles((SecurityIdentity) this.securityInstance.get(), list), ((SecurityIdentity) this.securityInstance.get()).getAttributes());
        IdentityProvider.set(staticIdentityProvider2);
        return staticIdentityProvider2;
    }

    protected List<String> mergeRoles(SecurityIdentity securityIdentity, List<String> list) {
        if (this.authroizedOnly.orElse(true).booleanValue() || list == null) {
            return new ArrayList(securityIdentity.getRoles());
        }
        ArrayList arrayList = new ArrayList(securityIdentity.getRoles());
        arrayList.addAll(list);
        return arrayList;
    }

    protected Principal retrievePrincipal() {
        if (this.securityInstance.isUnsatisfied()) {
            return null;
        }
        try {
            return ((SecurityIdentity) this.securityInstance.get()).getPrincipal();
        } catch (IllegalStateException | ContextNotActiveException e) {
            return null;
        }
    }
}
