package org.pac4j.play.scala.deadbolt2;

import be.objectify.deadbolt.scala.AuthenticatedRequest;
import be.objectify.deadbolt.scala.DeadboltHandler;
import be.objectify.deadbolt.scala.DynamicResourceHandler;
import be.objectify.deadbolt.scala.models.Subject;
import java.util.List;
import java.util.Optional;
import org.pac4j.core.client.Client;
import org.pac4j.core.client.DirectClient;
import org.pac4j.core.config.Config;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.engine.DefaultSecurityLogic;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.exception.http.HttpAction;
import org.pac4j.core.exception.http.StatusAction;
import org.pac4j.core.http.adapter.HttpActionAdapter;
import org.pac4j.core.http.ajax.AjaxRequestResolver;
import org.pac4j.core.profile.CommonProfile;
import org.pac4j.core.profile.ProfileManager;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.play.PlayWebContext;
import org.pac4j.play.store.PlaySessionStore;
import play.api.Logger;
import play.api.Logger$;
import play.api.MarkerContext$;
import play.api.mvc.Request;
import play.api.mvc.RequestHeader;
import play.api.mvc.Result;
import scala.Enumeration;
import scala.None$;
import scala.Option;
import scala.Some;
import scala.concurrent.ExecutionContext;
import scala.concurrent.Future;
import scala.concurrent.Future$;
import scala.reflect.ScalaSignature;
import scala.runtime.NonLocalReturnControl;

/* compiled from: Pac4jHandler.scala */
@ScalaSignature(bytes = "\u0006\u0005\tUf\u0001B\f\u0019\u0001\rB\u0001\u0002\u0012\u0001\u0003\u0002\u0003\u0006I!\u0012\u0005\t\u0015\u0002\u0011\t\u0011)A\u0005\u0017\"Aq\u000b\u0001B\u0001B\u0003%\u0001\f\u0003\u0005_\u0001\t\u0005\t\u0015!\u0003`\u0011!\u0019\u0007A!A!\u0002\u0017!\u0007\"\u00026\u0001\t\u0003Y\u0007bB:\u0001\u0005\u0004%I\u0001\u001e\u0005\u0007s\u0002\u0001\u000b\u0011B;\t\u000bi\u0004A1A>\t\u000f\u00055\u0002\u0001\"\u0011\u00020!9\u00111\n\u0001\u0005B\u00055\u0003bBA7\u0001\u0011\u0005\u0013q\u000e\u0005\b\u0003\u0013\u0003A\u0011BAF\u0011\u001d\t\u0019\u000b\u0001C\u0005\u0003KCq!!-\u0001\t\u0003\n\u0019\fC\u0004\u0002B\u0002!I!a1\t\u000f\u0005u\u0007\u0001\"\u0011\u0002`\"9\u0011Q\u001f\u0001\u0005\n\u0005]\b\u0002\u0004B\u0015\u0001A\u0005\t\u0011!A\u0005\u0002\t-\u0002\u0002\u0004B,\u0001A\u0005\t\u0011!A\u0005\u0002\te\u0003\u0002\u0004B9\u0001A\u0005\t\u0011!A\u0005\u0002\tM\u0004\u0002\u0004BN\u0001A\u0005\t\u0011!A\u0005\u0002\tu%\u0001\u0004)bGRR\u0007*\u00198eY\u0016\u0014(BA\r\u001b\u0003%!W-\u00193c_2$(G\u0003\u0002\u001c9\u0005)1oY1mC*\u0011QDH\u0001\u0005a2\f\u0017P\u0003\u0002 A\u0005)\u0001/Y25U*\t\u0011%A\u0002pe\u001e\u001c\u0001aE\u0002\u0001Ie\u0002B!\n\u0016-k5\taE\u0003\u0002(Q\u00051QM\\4j]\u0016T!!\u000b\u0010\u0002\t\r|'/Z\u0005\u0003W\u0019\u0012A\u0003R3gCVdGoU3dkJLG/\u001f'pO&\u001c\u0007CA\u00174\u001b\u0005q#BA\u00181\u0003\rigo\u0019\u0006\u0003cI\n1!\u00199j\u0015\u0005i\u0012B\u0001\u001b/\u0005\u0019\u0011Vm];miB\u0011agN\u0007\u00029%\u0011\u0001\b\b\u0002\u000f!2\f\u0017pV3c\u0007>tG/\u001a=u!\tQ$)D\u0001<\u0015\tYBH\u0003\u0002>}\u0005AA-Z1eE>dGO\u0003\u0002@\u0001\u0006IqN\u00196fGRLg-\u001f\u0006\u0002\u0003\u0006\u0011!-Z\u0005\u0003\u0007n\u0012q\u0002R3bI\n|G\u000e\u001e%b]\u0012dWM]\u0001\u0007G>tg-[4\u0011\u0005\u0019CU\"A$\u000b\u0005\u0011C\u0013BA%H\u0005\u0019\u0019uN\u001c4jO\u000691\r\\5f]R\u001c\bC\u0001'U\u001d\ti%\u000b\u0005\u0002O#6\tqJ\u0003\u0002QE\u00051AH]8pizR\u0011aG\u0005\u0003'F\u000ba\u0001\u0015:fI\u00164\u0017BA+W\u0005\u0019\u0019FO]5oO*\u00111+U\u0001\u0011a2\f\u0017pU3tg&|gn\u0015;pe\u0016\u0004\"!\u0017/\u000e\u0003iS!a\u0017\u000f\u0002\u000bM$xN]3\n\u0005uS&\u0001\u0005)mCf\u001cVm]:j_:\u001cFo\u001c:f\u0003Y\u0011x\u000e\\3QKJl\u0017n]:j_:\u001c\b*\u00198eY\u0016\u0014\bC\u00011b\u001b\u0005A\u0012B\u00012\u0019\u0005A\u0001\u0016m\u0019\u001bk%>dW\rS1oI2,'/\u0001\u0002fGB\u0011Q\r[\u0007\u0002M*\u0011q-U\u0001\u000bG>t7-\u001e:sK:$\u0018BA5g\u0005A)\u00050Z2vi&|gnQ8oi\u0016DH/\u0001\u0004=S:LGO\u0010\u000b\u0006Y>\u0004\u0018O\u001d\u000b\u0003[:\u0004\"\u0001\u0019\u0001\t\u000b\r4\u00019\u00013\t\u000b\u00113\u0001\u0019A#\t\u000b)3\u0001\u0019A&\t\u000b]3\u0001\u0019\u0001-\t\u000by3\u0001\u0019A0\u0002\r1|wmZ3s+\u0005)\bC\u0001<x\u001b\u0005\u0001\u0014B\u0001=1\u0005\u0019aunZ4fe\u00069An\\4hKJ\u0004\u0013!D1t'\u000e\fG.Y(qi&|g.F\u0002}\u0003\u000f!2!`A\r!\u0011qx0a\u0001\u000e\u0003EK1!!\u0001R\u0005\u0019y\u0005\u000f^5p]B!\u0011QAA\u0004\u0019\u0001!q!!\u0003\n\u0005\u0004\tYAA\u0001C#\u0011\ti!a\u0005\u0011\u0007y\fy!C\u0002\u0002\u0012E\u0013qAT8uQ&tw\rE\u0002\u007f\u0003+I1!a\u0006R\u0005\r\te.\u001f\u0005\b\u00037I\u0001\u0019AA\u000f\u0003\u0005y\u0007CBA\u0010\u0003S\t\u0019!\u0004\u0002\u0002\")!\u00111EA\u0013\u0003\u0011)H/\u001b7\u000b\u0005\u0005\u001d\u0012\u0001\u00026bm\u0006LA!a\u000b\u0002\"\tAq\n\u001d;j_:\fG.A\bcK\u001a|'/Z!vi\"\u001c\u0005.Z2l+\u0011\t\t$a\u0012\u0015\t\u0005M\u00121\b\t\u0006K\u0006U\u0012\u0011H\u0005\u0004\u0003o1'A\u0002$viV\u0014X\rE\u0002\u007f\u007f2Bq!!\u0010\u000b\u0001\u0004\ty$A\u0004sKF,Xm\u001d;\u0011\u000b5\n\t%!\u0012\n\u0007\u0005\rcFA\u0004SKF,Xm\u001d;\u0011\t\u0005\u0015\u0011q\t\u0003\b\u0003\u0013R!\u0019AA\u0006\u0005\u0005\t\u0015AC4fiN+(M[3diV!\u0011qJA6)\u0011\t\t&!\u0019\u0011\u000b\u0015\f)$a\u0015\u0011\ty|\u0018Q\u000b\t\u0005\u0003/\ni&\u0004\u0002\u0002Z)\u0019\u00111L\u001e\u0002\r5|G-\u001a7t\u0013\u0011\ty&!\u0017\u0003\u000fM+(M[3di\"9\u0011QH\u0006A\u0002\u0005\r\u0004#\u0002\u001e\u0002f\u0005%\u0014bAA4w\t!\u0012)\u001e;iK:$\u0018nY1uK\u0012\u0014V-];fgR\u0004B!!\u0002\u0002l\u00119\u0011\u0011J\u0006C\u0002\u0005-\u0011!F4fiB+'/\\5tg&|gn\u001d$peJ{G.\u001a\u000b\u0005\u0003c\n)\tE\u0003f\u0003k\t\u0019\bE\u0003\u0002v\u0005}4J\u0004\u0003\u0002x\u0005mdb\u0001(\u0002z%\t1$C\u0002\u0002~E\u000bq\u0001]1dW\u0006<W-\u0003\u0003\u0002\u0002\u0006\r%\u0001\u0002'jgRT1!! R\u0011\u0019\t9\t\u0004a\u0001\u0017\u0006A!o\u001c7f\u001d\u0006lW-\u0001\u0006hKR\u0004&o\u001c4jY\u0016$B!!$\u0002\u001cB!ap`AH!\u0011\t\t*a&\u000e\u0005\u0005M%bAAKQ\u00059\u0001O]8gS2,\u0017\u0002BAM\u0003'\u0013QbQ8n[>t\u0007K]8gS2,\u0007bBA\u001f\u001b\u0001\u0007\u0011Q\u0014\t\u0004[\u0005}\u0015bAAQ]\ti!+Z9vKN$\b*Z1eKJ\f!b]3u!J|g-\u001b7f)\u0019\t9+!,\u00020B\u0019a0!+\n\u0007\u0005-\u0016K\u0001\u0003V]&$\bbBA\u001f\u001d\u0001\u0007\u0011Q\u0014\u0005\b\u0003+s\u0001\u0019AAH\u00035yg.Q;uQ\u001a\u000b\u0017\u000e\\;sKV!\u0011QWA`)\u0011\t9,!/\u0011\t\u0015\f)\u0004\f\u0005\b\u0003{y\u0001\u0019AA^!\u0015Q\u0014QMA_!\u0011\t)!a0\u0005\u000f\u0005%sB1\u0001\u0002\f\u0005\t\u0002\u000e\u001e;q\u0003\u000e$\u0018n\u001c8BI\u0006\u0004H/\u001a:\u0016\u0005\u0005\u0015\u0007cBAd\u0003#\f).N\u0007\u0003\u0003\u0013TA!a3\u0002N\u00069\u0011\rZ1qi\u0016\u0014(bAAhQ\u0005!\u0001\u000e\u001e;q\u0013\u0011\t\u0019.!3\u0003#!#H\u000f]!di&|g.\u00113baR,'\u000f\u0005\u0003\u0002X\u0006mWBAAm\u0015\ty#'C\u00025\u00033\f\u0011dZ3u\tft\u0017-\\5d%\u0016\u001cx.\u001e:dK\"\u000bg\u000e\u001a7feV!\u0011\u0011]Az)\u0011\t\u0019/!<\u0011\u000b\u0015\f)$!:\u0011\ty|\u0018q\u001d\t\u0004u\u0005%\u0018bAAvw\t1B)\u001f8b[&\u001c'+Z:pkJ\u001cW\rS1oI2,'\u000fC\u0004\u0002>E\u0001\r!a<\u0011\u000b5\n\t%!=\u0011\t\u0005\u0015\u00111\u001f\u0003\b\u0003\u0013\n\"\u0019AA\u0006\u0003e\u0019H/\u0019:u\t&\u0014Xm\u0019;BkRDWM\u001c;jG\u0006$\u0018n\u001c8\u0015\t\u0005e\u0018q \t\u0004}\u0006m\u0018bAA\u007f#\n9!i\\8mK\u0006t\u0007b\u0002B\u0001%\u0001\u0007!1A\u0001\u000fGV\u0014(/\u001a8u\u00072LWM\u001c;t!\u0019\tyB!\u0002\u0003\b%!\u0011\u0011QA\u0011a\u0011\u0011IAa\u0006\u0011\r\t-!\u0011\u0003B\u000b\u001b\t\u0011iAC\u0002\u0003\u0010!\naa\u00197jK:$\u0018\u0002\u0002B\n\u0005\u001b\u0011aa\u00117jK:$\b\u0003BA\u0003\u0005/!AB!\u0007\u0002��\u0006\u0005\t\u0011!B\u0001\u00057\u00111a\u0018\u00133#\u0011\tiA!\b\u0011\t\t}!QE\u0007\u0003\u0005CQ1Aa\t)\u0003-\u0019'/\u001a3f]RL\u0017\r\\:\n\t\t\u001d\"\u0011\u0005\u0002\f\u0007J,G-\u001a8uS\u0006d7/\u0001\fqe>$Xm\u0019;fI\u0012*h.Y;uQ>\u0014\u0018N_3e)\u0011\u0011iC!\u0016\u0015\r\t=\"Q\bB!!\u0011\u0011\tD!\u000f\u000e\u0005\tM\"\u0002BAh\u0005kQ1Aa\u000e)\u0003%)\u0007pY3qi&|g.\u0003\u0003\u0003<\tM\"A\u0003%uiB\f5\r^5p]\"A!qH\n\u0002\u0002\u0003\u0007Q'A\u0002yIEB\u0011Ba\u0011\u0014\u0003\u0003\u0005\rA!\u0012\u0002\u0007a$#\u0007\u0005\u0004\u0002 \t\u0015!q\t\u0019\u0005\u0005\u0013\u0012i\u0005\u0005\u0004\u0003\f\tE!1\n\t\u0005\u0003\u000b\u0011i\u0005B\u0006\u0003P\u0001\t\t\u0011!A\u0003\u0002\tm!AA 1\u0013\r\u0011\u0019FK\u0001\rk:\fW\u000f\u001e5pe&TX\r\u001a\u0005\t\u0005\u007f\u0019\u0012\u0011!a\u0001[\u0006i\u0002O]8uK\u000e$X\r\u001a\u0013ti\u0006\u0014H/Q;uQ\u0016tG/[2bi&|g\u000e\u0006\u0003\u0003\\\t=DCBA}\u0005;\u0012y\u0006\u0003\u0005\u0003@Q\t\t\u00111\u00016\u0011%\u0011\u0019\u0005FA\u0001\u0002\u0004\u0011\t\u0007\u0005\u0004\u0002 \t\u0015!1\r\u0019\u0005\u0005K\u0012I\u0007\u0005\u0004\u0003\f\tE!q\r\t\u0005\u0003\u000b\u0011I\u0007B\u0006\u0003P\u0001\t\t\u0011!A\u0003\u0002\tm\u0011b\u0001B7U\u0005\u00192\u000f^1si\u0006+H\u000f[3oi&\u001c\u0017\r^5p]\"A!q\b\u000b\u0002\u0002\u0003\u0007Q.\u0001\u000eqe>$Xm\u0019;fI\u0012\u001a\u0018M^3SKF,Xm\u001d;fIV\u0013H\u000e\u0006\u0003\u0003v\teE\u0003CAT\u0005o\u0012IH!#\t\u0011\t}R#!AA\u0002UB\u0011Ba\u0011\u0016\u0003\u0003\u0005\rAa\u001f\u0011\r\u0005}!Q\u0001B?a\u0011\u0011yHa!\u0011\r\t-!\u0011\u0003BA!\u0011\t)Aa!\u0005\u0017\t=\u0003!!A\u0001\u0002\u000b\u0005!1D\u0005\u0004\u0005\u000fS\u0013\u0001E:bm\u0016\u0014V-];fgR,G-\u0016:m\u0011%\u0011Y)FA\u0001\u0002\u0004\u0011i)A\u0002yIM\u0002BAa$\u0003\u00166\u0011!\u0011\u0013\u0006\u0005\u0005'\u000bi-\u0001\u0003bU\u0006D\u0018\u0002\u0002BL\u0005#\u00131#\u00116bqJ+\u0017/^3tiJ+7o\u001c7wKJD\u0001Ba\u0010\u0016\u0003\u0003\u0005\r!\\\u0001%aJ|G/Z2uK\u0012$#/\u001a3je\u0016\u001cG\u000fV8JI\u0016tG/\u001b;z!J|g/\u001b3feR!!q\u0014BZ)\u0019\u0011yC!)\u0003$\"A!q\b\f\u0002\u0002\u0003\u0007Q\u0007C\u0005\u0003DY\t\t\u00111\u0001\u0003&B1\u0011q\u0004B\u0003\u0005O\u0003DA!+\u0003.B1!1\u0002B\t\u0005W\u0003B!!\u0002\u0003.\u0012Y!q\n\u0001\u0002\u0002\u0003\u0005)\u0011\u0001B\u000e\u0013\r\u0011\tLK\u0001\u001be\u0016$\u0017N]3diR{\u0017\nZ3oi&$\u0018\u0010\u0015:pm&$WM\u001d\u0005\t\u0005\u007f1\u0012\u0011!a\u0001[\u0002")
/* loaded from: input_file:org/pac4j/play/scala/deadbolt2/Pac4jHandler.class */
public class Pac4jHandler extends DefaultSecurityLogic<Result, PlayWebContext> implements DeadboltHandler {
    private final Config config;
    private final String clients;
    private final PlaySessionStore playSessionStore;
    private final Pac4jRoleHandler rolePermissionsHandler;
    private final ExecutionContext ec;
    private final Logger logger;

    public <A> void onAuthSuccess(AuthenticatedRequest<A> authenticatedRequest, String str, Enumeration.Value value) {
        DeadboltHandler.onAuthSuccess$(this, authenticatedRequest, str, value);
    }

    public String handlerName() {
        return DeadboltHandler.handlerName$(this);
    }

    public /* synthetic */ HttpAction protected$unauthorized(Pac4jHandler pac4jHandler, PlayWebContext playWebContext, List list) {
        return pac4jHandler.unauthorized(playWebContext, list);
    }

    public /* synthetic */ boolean protected$startAuthentication(Pac4jHandler pac4jHandler, PlayWebContext playWebContext, List list) {
        return pac4jHandler.startAuthentication(playWebContext, list);
    }

    public /* synthetic */ void protected$saveRequestedUrl(Pac4jHandler pac4jHandler, PlayWebContext playWebContext, List list, AjaxRequestResolver ajaxRequestResolver) {
        pac4jHandler.saveRequestedUrl(playWebContext, list, ajaxRequestResolver);
    }

    public /* synthetic */ HttpAction protected$redirectToIdentityProvider(Pac4jHandler pac4jHandler, PlayWebContext playWebContext, List list) {
        return pac4jHandler.redirectToIdentityProvider(playWebContext, list);
    }

    private Logger logger() {
        return this.logger;
    }

    public <B> Option<B> asScalaOption(Optional<B> optional) {
        return optional.isPresent() ? new Some(optional.get()) : None$.MODULE$;
    }

    public <A> Future<Option<Result>> beforeAuthCheck(Request<A> request) {
        Object obj = new Object();
        try {
            return Future$.MODULE$.apply(() -> {
                HttpAction httpAction;
                CommonProfile userProfile;
                if (this.getProfile(request).isDefined()) {
                    this.logger().debug(() -> {
                        return "profile found -> returning None";
                    }, MarkerContext$.MODULE$.NoMarker());
                    return None$.MODULE$;
                }
                PlayWebContext playWebContext = new PlayWebContext((RequestHeader) request, this.playSessionStore);
                List<Client<? extends Credentials>> find = this.getClientFinder().find(this.config.getClients(), playWebContext, this.clients);
                this.logger().debug(() -> {
                    return new StringBuilder(16).append("currentClients: ").append(find).toString();
                }, MarkerContext$.MODULE$.NoMarker());
                try {
                    if (this.startDirectAuthentication(find)) {
                        this.logger().debug(() -> {
                            return "Starting direct authentication";
                        }, MarkerContext$.MODULE$.NoMarker());
                        Optional credentials = find.get(0).getCredentials(playWebContext);
                        if (credentials.isPresent() && (userProfile = ((Credentials) credentials.get()).getUserProfile()) != null) {
                            this.setProfile(request, userProfile);
                            throw new NonLocalReturnControl(obj, Future$.MODULE$.apply(() -> {
                                return None$.MODULE$;
                            }, this.ec));
                        }
                        this.logger().debug(() -> {
                            return "unauthorized";
                        }, MarkerContext$.MODULE$.NoMarker());
                        httpAction = this.protected$unauthorized(this, playWebContext, find);
                    } else if (this.protected$startAuthentication(this, playWebContext, find)) {
                        this.logger().debug(() -> {
                            return "Starting authentication";
                        }, MarkerContext$.MODULE$.NoMarker());
                        this.protected$saveRequestedUrl(this, playWebContext, find, null);
                        httpAction = this.protected$redirectToIdentityProvider(this, playWebContext, find);
                    } else {
                        this.logger().debug(() -> {
                            return "unauthorized";
                        }, MarkerContext$.MODULE$.NoMarker());
                        httpAction = this.protected$unauthorized(this, playWebContext, find);
                    }
                } catch (HttpAction e) {
                    httpAction = e;
                }
                return new Some(((play.mvc.Result) this.httpActionAdapter().adapt(httpAction, playWebContext)).asScala());
            }, this.ec);
        } catch (NonLocalReturnControl e) {
            if (e.key() == obj) {
                return (Future) e.value();
            }
            throw e;
        }
    }

    public <A> Future<Option<Subject>> getSubject(AuthenticatedRequest<A> authenticatedRequest) {
        return Future$.MODULE$.apply(() -> {
            return this.getProfile(authenticatedRequest).map(commonProfile -> {
                return Pac4jSubject$.MODULE$.apply(commonProfile);
            });
        }, this.ec);
    }

    public Future<scala.collection.immutable.List<String>> getPermissionsForRole(String str) {
        return this.rolePermissionsHandler.getPermissionsForRole(this.clients, str, this.ec);
    }

    private Option<CommonProfile> getProfile(RequestHeader requestHeader) {
        return asScalaOption(new ProfileManager(new PlayWebContext(requestHeader, this.playSessionStore)).getLikeDefaultSecurityLogic(true));
    }

    private void setProfile(RequestHeader requestHeader, CommonProfile commonProfile) {
        new PlayWebContext(requestHeader, this.playSessionStore).setRequestAttribute("pac4jUserProfiles", commonProfile);
    }

    public <A> Future<Result> onAuthFailure(AuthenticatedRequest<A> authenticatedRequest) {
        return Future$.MODULE$.apply(() -> {
            return ((play.mvc.Result) this.httpActionAdapter().adapt(new StatusAction(403), new PlayWebContext((RequestHeader) authenticatedRequest, this.playSessionStore))).asScala();
        }, this.ec);
    }

    private HttpActionAdapter<play.mvc.Result, PlayWebContext> httpActionAdapter() {
        return this.config.getHttpActionAdapter();
    }

    public <A> Future<Option<DynamicResourceHandler>> getDynamicResourceHandler(Request<A> request) {
        throw new TechnicalException("getDynamicResourceHandler() not supported in Pac4jHandler");
    }

    private boolean startDirectAuthentication(List<Client<? extends Credentials>> list) {
        return CommonHelper.isNotEmpty(list) && (list.get(0) instanceof DirectClient);
    }

    public Pac4jHandler(Config config, String str, PlaySessionStore playSessionStore, Pac4jRoleHandler pac4jRoleHandler, ExecutionContext executionContext) {
        this.config = config;
        this.clients = str;
        this.playSessionStore = playSessionStore;
        this.rolePermissionsHandler = pac4jRoleHandler;
        this.ec = executionContext;
        DeadboltHandler.$init$(this);
        this.logger = Logger$.MODULE$.apply(getClass());
    }
}
