package io.inkstand.http.undertow;

import io.inkstand.InkstandRuntimeException;
import io.inkstand.ProtectedService;
import io.inkstand.config.WebServerConfiguration;
import io.undertow.Undertow;
import io.undertow.security.api.AuthenticationMode;
import io.undertow.security.handlers.AuthenticationCallHandler;
import io.undertow.security.handlers.AuthenticationConstraintHandler;
import io.undertow.security.handlers.AuthenticationMechanismsHandler;
import io.undertow.security.handlers.SecurityInitialHandler;
import io.undertow.security.idm.IdentityManager;
import io.undertow.security.impl.BasicAuthenticationMechanism;
import io.undertow.server.HttpHandler;
import io.undertow.servlet.Servlets;
import io.undertow.servlet.api.DeploymentInfo;
import io.undertow.servlet.api.DeploymentManager;
import java.util.Collections;
import javax.annotation.Priority;
import javax.enterprise.inject.Produces;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.servlet.ServletException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
@Priority(0)
@ProtectedService
/* loaded from: input_file:io/inkstand/http/undertow/AuthenticatingUndertowWebServerProvider.class */
public class AuthenticatingUndertowWebServerProvider {
    private static final Logger LOG = LoggerFactory.getLogger(UndertowWebServerProvider.class);

    @Inject
    private WebServerConfiguration config;

    @Inject
    private DeploymentInfo deploymentInfo;

    @Inject
    private IdentityManager identityManager;

    @Produces
    public Undertow getLdapAuthUndertow() {
        this.deploymentInfo.setIdentityManager(this.identityManager);
        DeploymentManager addDeployment = Servlets.defaultContainer().addDeployment(this.deploymentInfo);
        addDeployment.deploy();
        try {
            LOG.info("Creating service endpoint {}:{}/{} for {} at ", new Object[]{this.config.getBindAddress(), Integer.valueOf(this.config.getPort()), this.deploymentInfo.getContextPath(), this.deploymentInfo.getDeploymentName()});
            return Undertow.builder().addHttpListener(this.config.getPort(), this.config.getBindAddress()).setHandler(addSecurity(addDeployment.start())).build();
        } catch (ServletException e) {
            throw new InkstandRuntimeException(e);
        }
    }

    HttpHandler addSecurity(HttpHandler httpHandler) {
        return new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, this.identityManager, new AuthenticationMechanismsHandler(new AuthenticationConstraintHandler(new AuthenticationCallHandler(httpHandler)), Collections.singletonList(new BasicAuthenticationMechanism("My Realm"))));
    }
}
