package kikaha.core.modules.security;

import io.undertow.security.idm.Account;
import io.undertow.security.idm.Credential;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.form.FormData;
import io.undertow.server.handlers.form.FormParserFactory;
import io.undertow.util.Headers;
import io.undertow.util.Methods;
import java.io.IOException;
import javax.inject.Inject;
import javax.inject.Singleton;
import kikaha.core.modules.undertow.Redirect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
/* loaded from: input_file:kikaha/core/modules/security/FormAuthenticationMechanism.class */
public class FormAuthenticationMechanism implements SimplifiedAuthenticationMechanism {
    private static final Logger log = LoggerFactory.getLogger(FormAuthenticationMechanism.class);
    public static final String LOCATION_ATTRIBUTE = FormAuthenticationMechanism.class.getName() + ".LOCATION";
    private final FormParserFactory formParserFactory;

    @Inject
    AuthenticationEndpoints authenticationEndpoints;

    @Inject
    FormAuthenticationRequestMatcher matcher;

    public FormAuthenticationMechanism() {
        this.formParserFactory = FormParserFactory.builder().build();
    }

    @Override // kikaha.core.modules.security.SimplifiedAuthenticationMechanism, kikaha.core.modules.security.AuthenticationMechanism
    public Account authenticate(HttpServerExchange httpServerExchange, Iterable<IdentityManager> iterable, Session session) {
        Account account = null;
        try {
            if (isCurrentRequestTryingToAuthenticate(httpServerExchange)) {
                account = doAuthentication(httpServerExchange, iterable);
            }
        } catch (IOException e) {
            log.error("Failed to authenticate. Skipping form authentication...", e);
        }
        return account;
    }

    private Account doAuthentication(HttpServerExchange httpServerExchange, Iterable<IdentityManager> iterable) throws IOException {
        Credential readCredential = readCredential(httpServerExchange);
        Account account = null;
        if (readCredential != null) {
            account = verify(iterable, readCredential);
        }
        if (account != null) {
            sendRedirectBack(httpServerExchange);
        }
        return account;
    }

    private void sendRedirectBack(HttpServerExchange httpServerExchange) {
        Redirect.to(httpServerExchange, this.authenticationEndpoints.getSuccessPage());
    }

    @Override // kikaha.core.modules.security.SimplifiedAuthenticationMechanism
    public Credential readCredential(HttpServerExchange httpServerExchange) throws IOException {
        if (!httpServerExchange.isBlocking()) {
            httpServerExchange.startBlocking();
        }
        UsernameAndPasswordCredential usernameAndPasswordCredential = null;
        FormData parseBlocking = this.formParserFactory.createParser(httpServerExchange).parseBlocking();
        FormData.FormValue first = parseBlocking.getFirst("j_username");
        FormData.FormValue first2 = parseBlocking.getFirst("j_password");
        if (first != null && first2 != null) {
            usernameAndPasswordCredential = new UsernameAndPasswordCredential(first.getValue(), first2.getValue());
        }
        return usernameAndPasswordCredential;
    }

    @Override // kikaha.core.modules.security.AuthenticationMechanism
    public boolean sendAuthenticationChallenge(HttpServerExchange httpServerExchange, Session session) {
        Redirect.to(httpServerExchange, isCurrentRequestTryingToAuthenticate(httpServerExchange) ? this.authenticationEndpoints.getErrorPage() : this.authenticationEndpoints.getLoginPage());
        return true;
    }

    private boolean isCurrentRequestTryingToAuthenticate(HttpServerExchange httpServerExchange) {
        return isPostLocation(httpServerExchange) && httpServerExchange.getRequestMethod().equals(Methods.POST) && isContentTypeForm(httpServerExchange);
    }

    private boolean isContentTypeForm(HttpServerExchange httpServerExchange) {
        String first = httpServerExchange.getRequestHeaders().getFirst(Headers.CONTENT_TYPE);
        return "multipart/form-data".equals(first) || "application/x-www-form-urlencoded".equals(first);
    }

    private boolean isPostLocation(HttpServerExchange httpServerExchange) {
        return httpServerExchange.getRelativePath().equals(this.authenticationEndpoints.getCallbackUrl());
    }

    @Override // kikaha.core.modules.security.AuthenticationMechanism
    public void configure(SecurityConfiguration securityConfiguration, AuthenticationEndpoints authenticationEndpoints) {
        securityConfiguration.setRequestMatcherIfAbsent(this.matcher);
    }

    public FormParserFactory getFormParserFactory() {
        return this.formParserFactory;
    }

    public AuthenticationEndpoints getAuthenticationEndpoints() {
        return this.authenticationEndpoints;
    }

    public FormAuthenticationRequestMatcher getMatcher() {
        return this.matcher;
    }

    public FormAuthenticationMechanism(FormParserFactory formParserFactory) {
        this.formParserFactory = formParserFactory;
    }
}
