package org.restheart.security.mechanisms;

import io.undertow.security.api.AuthenticationMechanism;
import io.undertow.security.api.SecurityContext;
import io.undertow.security.idm.IdentityManager;
import io.undertow.security.impl.BasicAuthenticationMechanism;
import io.undertow.server.HttpServerExchange;
import java.lang.reflect.Field;
import java.util.Map;
import org.restheart.configuration.ConfigurationException;
import org.restheart.plugins.Inject;
import org.restheart.plugins.OnInit;
import org.restheart.plugins.PluginRecord;
import org.restheart.plugins.PluginsRegistry;
import org.restheart.plugins.RegisterPlugin;
import org.restheart.plugins.security.AuthMechanism;

@RegisterPlugin(name = "basicAuthMechanism", description = "handles the basic authentication scheme", enabledByDefault = false)
/* loaded from: input_file:org/restheart/security/mechanisms/BasicAuthMechanism.class */
public class BasicAuthMechanism extends BasicAuthenticationMechanism implements AuthMechanism {
    public static final String SILENT_HEADER_KEY = "No-Auth-Challenge";
    public static final String SILENT_QUERY_PARAM_KEY = "noauthchallenge";

    @Inject("config")
    private Map<String, Object> config;

    @Inject("registry")
    private PluginsRegistry registry;

    public BasicAuthMechanism() throws ConfigurationException {
        super("RESTHeart Realm", "basicAuthMechanism", false);
    }

    @OnInit
    public void init() throws ConfigurationException {
        String str = (String) arg(this.config, "authenticator");
        try {
            PluginRecord authenticator = this.registry.getAuthenticator(str);
            if (authenticator == null) {
                throw new ConfigurationException("authenticator " + str + " is not available");
            }
            setIdentityManager((IdentityManager) authenticator.getInstance());
        } catch (ConfigurationException e) {
            throw new ConfigurationException("authenticator " + str + " is not available. check configuration option /basicAuthMechanism/authenticator");
        }
    }

    private void setIdentityManager(IdentityManager identityManager) {
        try {
            Field declaredField = Class.forName("io.undertow.security.impl.BasicAuthenticationMechanism").getDeclaredField("identityManager");
            declaredField.setAccessible(true);
            declaredField.set(this, identityManager);
        } catch (ClassNotFoundException | IllegalAccessException | NoSuchFieldException | SecurityException e) {
            throw new RuntimeException("Error setting identity manager", e);
        }
    }

    public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        return (httpServerExchange.getRequestHeaders().contains("No-Auth-Challenge") || httpServerExchange.getQueryParameters().containsKey("noauthchallenge")) ? new AuthenticationMechanism.ChallengeResult(true, 401) : super.sendChallenge(httpServerExchange, securityContext);
    }

    public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        return super.authenticate(httpServerExchange, securityContext);
    }
}
