package kikaha.core.modules.security;

import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.util.Headers;
import java.beans.ConstructorProperties;
import lombok.NonNull;

/* loaded from: input_file:kikaha/core/modules/security/AuthenticationHttpHandler.class */
class AuthenticationHttpHandler implements HttpHandler {

    @NonNull
    final AuthenticationRuleMatcher authenticationRuleMatcher;

    @NonNull
    final String permissionDeniedPage;

    @NonNull
    final HttpHandler next;

    @NonNull
    final SecurityContextFactory securityContextFactory;

    @NonNull
    final SessionStore sessionStore;

    @NonNull
    final SessionIdManager sessionIdManager;

    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        AuthenticationRule retrieveRuleThatEnsureRequestShouldBeAuthenticated = retrieveRuleThatEnsureRequestShouldBeAuthenticated(httpServerExchange);
        if (retrieveRuleThatEnsureRequestShouldBeAuthenticated == null) {
            retrieveRuleThatEnsureRequestShouldBeAuthenticated = AuthenticationRule.EMPTY;
        }
        SecurityContext orCreateSecurityContext = getOrCreateSecurityContext(httpServerExchange, retrieveRuleThatEnsureRequestShouldBeAuthenticated);
        if (orCreateSecurityContext.isAuthenticated()) {
            this.next.handleRequest(httpServerExchange);
        } else {
            runAuthenticationInIOThread(httpServerExchange, retrieveRuleThatEnsureRequestShouldBeAuthenticated, orCreateSecurityContext);
        }
    }

    private AuthenticationRule retrieveRuleThatEnsureRequestShouldBeAuthenticated(HttpServerExchange httpServerExchange) {
        String relativePath = httpServerExchange.getRelativePath();
        String first = httpServerExchange.getRequestHeaders().getFirst(Headers.REFERER);
        return this.authenticationRuleMatcher.retrieveAuthenticationRuleForUrl(relativePath, first != null ? first : "");
    }

    private SecurityContext getOrCreateSecurityContext(HttpServerExchange httpServerExchange, AuthenticationRule authenticationRule) {
        SecurityContext securityContext = (SecurityContext) httpServerExchange.getSecurityContext();
        if (securityContext == null) {
            securityContext = this.securityContextFactory.createSecurityContextFor(httpServerExchange, authenticationRule, this.sessionStore, this.sessionIdManager);
            httpServerExchange.setSecurityContext(securityContext);
        }
        httpServerExchange.addExchangeCompleteListener(new SecurityContextAutoUpdater(securityContext));
        return securityContext;
    }

    void runAuthenticationInIOThread(HttpServerExchange httpServerExchange, AuthenticationRule authenticationRule, SecurityContext securityContext) {
        httpServerExchange.dispatch(new AuthenticationRunner(httpServerExchange, this.next, securityContext, authenticationRule.expectedRoles(), this.permissionDeniedPage));
    }

    @ConstructorProperties({"authenticationRuleMatcher", "permissionDeniedPage", "next", "securityContextFactory", "sessionStore", "sessionIdManager"})
    public AuthenticationHttpHandler(@NonNull AuthenticationRuleMatcher authenticationRuleMatcher, @NonNull String str, @NonNull HttpHandler httpHandler, @NonNull SecurityContextFactory securityContextFactory, @NonNull SessionStore sessionStore, @NonNull SessionIdManager sessionIdManager) {
        if (authenticationRuleMatcher == null) {
            throw new NullPointerException("authenticationRuleMatcher");
        }
        if (str == null) {
            throw new NullPointerException("permissionDeniedPage");
        }
        if (httpHandler == null) {
            throw new NullPointerException("next");
        }
        if (securityContextFactory == null) {
            throw new NullPointerException("securityContextFactory");
        }
        if (sessionStore == null) {
            throw new NullPointerException("sessionStore");
        }
        if (sessionIdManager == null) {
            throw new NullPointerException("sessionIdManager");
        }
        this.authenticationRuleMatcher = authenticationRuleMatcher;
        this.permissionDeniedPage = str;
        this.next = httpHandler;
        this.securityContextFactory = securityContextFactory;
        this.sessionStore = sessionStore;
        this.sessionIdManager = sessionIdManager;
    }
}
