package net.redpipe.engine.security;

import io.vertx.core.json.JsonObject;
import io.vertx.rxjava.ext.auth.AuthProvider;
import io.vertx.rxjava.ext.web.RoutingContext;
import io.vertx.rxjava.ext.web.Session;
import java.net.URI;
import java.net.URISyntaxException;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import net.redpipe.engine.core.AppGlobals;
import rx.Single;

@Path("/")
/* loaded from: input_file:net/redpipe/engine/security/BaseSecurityResource.class */
public abstract class BaseSecurityResource {
    public static final String REDIRECT_KEY = "__login_redirect";

    @GET
    @Path("/login")
    public abstract Object login(@Context UriInfo uriInfo);

    @POST
    @Path("/loginAuth")
    public Single<Response> loginAuth(@FormParam("username") String str, @FormParam("password") String str2, @FormParam("return_url") String str3, @Context Session session, @Context RoutingContext routingContext, @Context AuthProvider authProvider) throws URISyntaxException {
        return (str == null || str.isEmpty() || str2 == null || str2.isEmpty()) ? Single.just(Response.status(Response.Status.BAD_REQUEST).build()) : authProvider.rxAuthenticate(new JsonObject().put("username", str).put("password", str2)).map(user -> {
            routingContext.setUser(user);
            if (session != null) {
                session.regenerateId();
            }
            String str4 = (String) session.remove(REDIRECT_KEY);
            if (str4 == null) {
                str4 = str3;
            }
            if (str4 == null) {
                str4 = "/";
            }
            try {
                return Response.status(Response.Status.FOUND).location(new URI(str4)).build();
            } catch (URISyntaxException e) {
                throw new RuntimeException(e);
            }
        }).onErrorReturn(th -> {
            th.printStackTrace();
            return Response.status(Response.Status.FORBIDDEN).build();
        });
    }

    @GET
    @Path("/logout")
    public Response logout(@Context UriInfo uriInfo, @Context RoutingContext routingContext, @Context AppGlobals appGlobals) {
        routingContext.clearUser();
        return Response.status(Response.Status.FOUND).location(uriInfo.getBaseUriBuilder().path(appGlobals.getMainClass()).build(new Object[0])).build();
    }
}
