package org.jooby.internal.pac4j;

import java.util.List;
import java.util.Objects;
import org.jooby.Err;
import org.jooby.Request;
import org.jooby.Response;
import org.jooby.Route;
import org.jooby.Status;
import org.jooby.pac4j.Auth;
import org.jooby.pac4j.AuthStore;
import org.pac4j.core.client.Client;
import org.pac4j.core.client.ClientFinder;
import org.pac4j.core.client.Clients;
import org.pac4j.core.client.DirectClient;
import org.pac4j.core.client.IndirectClient;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.exception.RequiresHttpAction;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.profile.UserProfile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jooby/internal/pac4j/AuthFilter.class */
public class AuthFilter implements Route.Handler {
    private final Logger log = LoggerFactory.getLogger(getClass());
    private String clientName;
    private Class<? extends UserProfile> profileType;

    public AuthFilter(Class<? extends Client<?, ?>> cls, Class<? extends UserProfile> cls2) {
        this.clientName = cls.getSimpleName();
        this.profileType = (Class) Objects.requireNonNull(cls2, "ProfileType is required.");
    }

    public AuthFilter setName(String str) {
        this.clientName += "," + str;
        return this;
    }

    public String getName() {
        return this.clientName;
    }

    public void handle(Request request, Response response) throws Exception {
        Clients clients = (Clients) request.require(Clients.class);
        String value = request.param(clients.getClientNameParameter()).value(this.clientName);
        WebContext webContext = (WebContext) request.require(WebContext.class);
        ClientFinder clientFinder = (ClientFinder) request.require(ClientFinder.class);
        AuthStore authStore = (AuthStore) request.require(AuthStore.class);
        Client<?, ?> find = find(clientFinder, clients, webContext, null, value);
        boolean z = find instanceof IndirectClient;
        String profileID = profileID(z, request);
        UserProfile userProfile = profileID == null ? null : (UserProfile) authStore.get(profileID).orElse(null);
        if (userProfile == null && (find instanceof DirectClient)) {
            this.log.debug("Performing authentication for client: {}", find);
            try {
                Credentials credentials = find.getCredentials(webContext);
                this.log.debug("credentials: {}", credentials);
                userProfile = find.getUserProfile(credentials, webContext);
                this.log.debug("profile: {}", userProfile);
                if (userProfile != null) {
                    request.set(Auth.ID, userProfile.getId());
                    authStore.set(userProfile);
                }
            } catch (RequiresHttpAction e) {
                throw new TechnicalException("Unexpected HTTP action", e);
            }
        }
        if (userProfile != null) {
            this.log.debug("profile found: {}", userProfile);
            seed(request, this.profileType, userProfile);
        } else {
            if (!z) {
                throw new Err(Status.UNAUTHORIZED);
            }
            try {
                String fullRequestURL = webContext.getFullRequestURL();
                this.log.debug("requestedUrl: {}", fullRequestURL);
                webContext.setSessionAttribute("pac4jRequestedUrl", fullRequestURL);
                find.redirect(webContext, true);
                response.end();
            } catch (RequiresHttpAction e2) {
                new AuthResponse(response).handle(find, e2);
            }
        }
    }

    private String profileID(boolean z, Request request) {
        return (String) request.ifGet(Auth.ID).orElseGet(() -> {
            if (z) {
                return request.session().get(Auth.ID).value((String) null);
            }
            return null;
        });
    }

    private Client find(ClientFinder clientFinder, Clients clients, WebContext webContext, Class<? extends Client<?, ?>> cls, String str) {
        List find = clientFinder.find(clients, webContext, str);
        if (find.size() > 0) {
            return (Client) find.get(0);
        }
        throw new Err(Status.UNAUTHORIZED);
    }

    private void seed(Request request, Class cls, Object obj) {
        while (cls != Object.class) {
            request.set(cls, obj);
            cls = cls.getSuperclass();
        }
    }
}
