package org.openremote.container.web;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.core.Application;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.HttpHeaders;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.SecurityContext;
import jakarta.ws.rs.core.UriInfo;
import org.keycloak.KeycloakPrincipal;
import org.openremote.container.security.AuthContext;
import org.openremote.container.security.basic.BasicAuthContext;
import org.openremote.container.security.keycloak.AccessTokenAuthContext;
import org.openremote.model.Container;

/* loaded from: input_file:org/openremote/container/web/WebResource.class */
public class WebResource implements AuthContext {

    @Context
    protected Application application;

    @Context
    protected HttpServletRequest request;

    @Context
    protected HttpServletResponse response;

    @Context
    protected UriInfo uriInfo;

    @Context
    protected HttpHeaders httpHeaders;

    @Context
    protected SecurityContext securityContext;

    public WebApplication getApplication() {
        return (WebApplication) this.application;
    }

    public Container getContainer() {
        return getApplication().getContainer();
    }

    public String getClientRemoteAddress() {
        return this.request.getRemoteAddr();
    }

    public String getRequestRealmName() {
        return this.request.getHeader("Realm");
    }

    public boolean isAuthenticated() {
        return this.securityContext.getUserPrincipal() != null;
    }

    public AuthContext getAuthContext() {
        KeycloakPrincipal userPrincipal = this.securityContext.getUserPrincipal();
        if (userPrincipal == null) {
            return null;
        }
        if (userPrincipal instanceof KeycloakPrincipal) {
            KeycloakPrincipal keycloakPrincipal = userPrincipal;
            return new AccessTokenAuthContext(keycloakPrincipal.getKeycloakSecurityContext().getRealm(), keycloakPrincipal.getKeycloakSecurityContext().getToken());
        }
        if (userPrincipal instanceof BasicAuthContext) {
            return (BasicAuthContext) userPrincipal;
        }
        throw new WebApplicationException("Unsupported user principal type: " + userPrincipal, Response.Status.INTERNAL_SERVER_ERROR);
    }

    @Override // org.openremote.container.security.AuthContext
    public String getAuthenticatedRealmName() {
        if (isAuthenticated()) {
            return getAuthContext().getAuthenticatedRealmName();
        }
        return null;
    }

    @Override // org.openremote.container.security.AuthContext
    public String getUsername() {
        if (isAuthenticated()) {
            return getAuthContext().getUsername();
        }
        return null;
    }

    @Override // org.openremote.container.security.AuthContext
    public String getUserId() {
        if (isAuthenticated()) {
            return getAuthContext().getUserId();
        }
        return null;
    }

    @Override // org.openremote.container.security.AuthContext
    public String getClientId() {
        if (isAuthenticated()) {
            return getAuthContext().getClientId();
        }
        return null;
    }

    @Override // org.openremote.container.security.AuthContext
    public boolean hasRealmRole(String str) {
        return isAuthenticated() && getAuthContext().hasRealmRole(str);
    }

    @Override // org.openremote.container.security.AuthContext
    public boolean hasResourceRole(String str, String str2) {
        return isAuthenticated() && getAuthContext().hasResourceRole(str, str2);
    }
}
