package kikaha.core.modules.security;

import io.undertow.security.api.NotificationReceiver;
import io.undertow.security.idm.Account;
import io.undertow.server.HttpServerExchange;
import java.beans.ConstructorProperties;
import java.util.Iterator;
import java.util.List;
import lombok.NonNull;

/* loaded from: input_file:kikaha/core/modules/security/DefaultSecurityContext.class */
public class DefaultSecurityContext implements SecurityContext {
    private static final String MSG_IMMUTABLE = "You can't change this immutable SecurityContext. See SecurityContextFactory for more details.";
    private static final String MSG_NO_MANUAL_LOGIN = "You can't perform a manual login.";
    private static final String MSG_NOT_SUPPORTED_BY_DEFAULT = "This operation is not supported by default.";
    private final boolean authenticationRequired = true;
    private AuthenticationMechanism currentAuthMechanism = null;
    private Session currentSession = null;
    private boolean authenticated = true;

    @NonNull
    private final AuthenticationRule rule;

    @NonNull
    private final HttpServerExchange exchange;

    @NonNull
    private final SessionStore store;

    public boolean authenticate() {
        this.currentSession = this.store.createOrRetrieveSession(this.exchange);
        Account performAuthentication = performAuthentication();
        if (performAuthentication == null) {
            this.authenticated = false;
            sendAuthenticationChallenge();
        }
        this.currentSession.setAuthenticatedAccount(performAuthentication);
        updateCurrentSession();
        return this.authenticated;
    }

    private Account performAuthentication() {
        Account account;
        Iterator<AuthenticationMechanism> it = this.rule.mechanisms().iterator();
        Account authenticatedAccount = this.currentSession.getAuthenticatedAccount();
        while (true) {
            account = authenticatedAccount;
            if (account != null || !it.hasNext()) {
                break;
            }
            this.currentAuthMechanism = it.next();
            authenticatedAccount = this.currentAuthMechanism.authenticate(this.exchange, this.rule.identityManagers(), this.currentSession);
        }
        return account;
    }

    private void sendAuthenticationChallenge() {
        if (!this.currentAuthMechanism.sendAuthenticationChallenge(this.exchange, this.currentSession)) {
            throw new IllegalStateException("Cannot send authentication challenge");
        }
    }

    public void logout() {
        if (this.currentSession != null) {
            this.store.invalidateSession(this.currentSession);
        }
    }

    @Override // kikaha.core.modules.security.SecurityContext
    public void updateCurrentSession() {
        if (this.currentSession.hasChanged()) {
            this.currentSession.flush();
            this.store.flush(this.currentSession);
        }
    }

    public Account getAuthenticatedAccount() {
        if (this.currentSession != null) {
            return this.currentSession.getAuthenticatedAccount();
        }
        return null;
    }

    public void setAuthenticationRequired() {
    }

    public void authenticationComplete(Account account, String str, boolean z) {
        throw new UnsupportedOperationException(MSG_NOT_SUPPORTED_BY_DEFAULT);
    }

    public void authenticationFailed(String str, String str2) {
        throw new UnsupportedOperationException(MSG_NOT_SUPPORTED_BY_DEFAULT);
    }

    public boolean login(String str, String str2) {
        throw new UnsupportedOperationException(MSG_NO_MANUAL_LOGIN);
    }

    public void registerNotificationReceiver(NotificationReceiver notificationReceiver) {
        throw new UnsupportedOperationException(MSG_IMMUTABLE);
    }

    public void removeNotificationReceiver(NotificationReceiver notificationReceiver) {
        throw new UnsupportedOperationException(MSG_IMMUTABLE);
    }

    public String getMechanismName() {
        throw new UnsupportedOperationException(MSG_NOT_SUPPORTED_BY_DEFAULT);
    }

    public io.undertow.security.idm.IdentityManager getIdentityManager() {
        throw new UnsupportedOperationException(MSG_NOT_SUPPORTED_BY_DEFAULT);
    }

    public void addAuthenticationMechanism(io.undertow.security.api.AuthenticationMechanism authenticationMechanism) {
        throw new UnsupportedOperationException(MSG_IMMUTABLE);
    }

    public List<io.undertow.security.api.AuthenticationMechanism> getAuthenticationMechanisms() {
        throw new UnsupportedOperationException(MSG_NOT_SUPPORTED_BY_DEFAULT);
    }

    public boolean isAuthenticationRequired() {
        getClass();
        return true;
    }

    public AuthenticationMechanism getCurrentAuthMechanism() {
        return this.currentAuthMechanism;
    }

    @Override // kikaha.core.modules.security.SecurityContext
    public Session getCurrentSession() {
        return this.currentSession;
    }

    public boolean isAuthenticated() {
        return this.authenticated;
    }

    @NonNull
    public AuthenticationRule getRule() {
        return this.rule;
    }

    @NonNull
    public HttpServerExchange getExchange() {
        return this.exchange;
    }

    @NonNull
    public SessionStore getStore() {
        return this.store;
    }

    @ConstructorProperties({"rule", "exchange", "store"})
    public DefaultSecurityContext(@NonNull AuthenticationRule authenticationRule, @NonNull HttpServerExchange httpServerExchange, @NonNull SessionStore sessionStore) {
        if (authenticationRule == null) {
            throw new NullPointerException("rule");
        }
        if (httpServerExchange == null) {
            throw new NullPointerException("exchange");
        }
        if (sessionStore == null) {
            throw new NullPointerException("store");
        }
        this.rule = authenticationRule;
        this.exchange = httpServerExchange;
        this.store = sessionStore;
    }
}
