package org.omnifaces.security.jaspic.wrappers;

import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.MessagePolicy;
import javax.security.auth.message.module.ServerAuthModule;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.omnifaces.security.jaspic.core.HttpMsgContext;
import org.omnifaces.security.jaspic.core.Jaspic;
import org.omnifaces.security.jaspic.core.ServerAuthModuleWrapper;

/* loaded from: input_file:org/omnifaces/security/jaspic/wrappers/AutoRegisterSessionWrapper.class */
public class AutoRegisterSessionWrapper extends ServerAuthModuleWrapper {
    private static final String AUTHENTICATOR_SESSION_NAME = "org.omnifaces.security.jaspic.Authenticator";
    private CallbackHandler handler;
    private Map<String, String> options;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/omnifaces/security/jaspic/wrappers/AutoRegisterSessionWrapper$AuthenticationData.class */
    public class AuthenticationData {
        private final String username;
        private final List<String> applicationRoles;

        public AuthenticationData(String str, List<String> list) {
            this.username = str;
            if (list != null) {
                this.applicationRoles = Collections.unmodifiableList(new ArrayList(list));
            } else {
                this.applicationRoles = Collections.emptyList();
            }
        }

        public String getUserName() {
            return this.username;
        }

        public List<String> getApplicationRoles() {
            return this.applicationRoles;
        }
    }

    public AutoRegisterSessionWrapper(ServerAuthModule serverAuthModule) {
        super(serverAuthModule);
    }

    @Override // org.omnifaces.security.jaspic.core.ServerAuthModuleWrapper
    public void initialize(MessagePolicy messagePolicy, MessagePolicy messagePolicy2, CallbackHandler callbackHandler, Map map) throws AuthException {
        super.initialize(messagePolicy, messagePolicy2, callbackHandler, map);
        this.handler = callbackHandler;
        this.options = map;
    }

    @Override // org.omnifaces.security.jaspic.core.ServerAuthModuleWrapper
    public AuthStatus validateRequest(MessageInfo messageInfo, Subject subject, Subject subject2) throws AuthException {
        HttpMsgContext httpMsgContext = new HttpMsgContext(this.handler, this.options, messageInfo, subject);
        if (!httpMsgContext.isAuthenticationRequest() && canReAuthenticate(httpMsgContext)) {
            return null;
        }
        AuthStatus validateRequest = super.validateRequest(messageInfo, subject, subject2);
        if (validateRequest == AuthStatus.SUCCESS) {
            saveAuthentication(httpMsgContext.getRequest());
        }
        return validateRequest;
    }

    private boolean canReAuthenticate(HttpMsgContext httpMsgContext) {
        AuthenticationData authenticationDataFromSession = getAuthenticationDataFromSession(httpMsgContext);
        if (authenticationDataFromSession == null) {
            return false;
        }
        httpMsgContext.notifyContainerAboutLogin(authenticationDataFromSession.getUserName(), authenticationDataFromSession.getApplicationRoles());
        return true;
    }

    private void saveAuthentication(HttpServletRequest httpServletRequest) {
        if (httpServletRequest.getAttribute(Jaspic.LOGGEDIN_USERNAME) != null) {
            httpServletRequest.getSession().setAttribute(AUTHENTICATOR_SESSION_NAME, new AuthenticationData((String) httpServletRequest.getAttribute(Jaspic.LOGGEDIN_USERNAME), (List) httpServletRequest.getAttribute(Jaspic.LOGGEDIN_ROLES)));
        }
    }

    private AuthenticationData getAuthenticationDataFromSession(HttpMsgContext httpMsgContext) {
        HttpSession session = httpMsgContext.getRequest().getSession(false);
        if (session != null) {
            return (AuthenticationData) session.getAttribute(AUTHENTICATOR_SESSION_NAME);
        }
        return null;
    }
}
