package io.streamthoughts.azkarra.http.security.handler;

import io.streamthoughts.azkarra.api.AzkarraContext;
import io.streamthoughts.azkarra.api.components.NoSuchComponentException;
import io.streamthoughts.azkarra.api.errors.AzkarraException;
import io.streamthoughts.azkarra.api.errors.ConfException;
import io.streamthoughts.azkarra.http.security.AzkarraIdentityManager;
import io.streamthoughts.azkarra.http.security.SecurityConfig;
import io.streamthoughts.azkarra.http.security.SecurityMechanism;
import io.streamthoughts.azkarra.http.security.auth.Authenticator;
import io.streamthoughts.azkarra.http.security.auth.AzkarraPrincipalBuilder;
import io.streamthoughts.azkarra.http.security.auth.BasicAuthenticator;
import io.streamthoughts.azkarra.http.security.auth.CertClientAuthenticator;
import io.streamthoughts.azkarra.http.security.auth.UsersIdentityManager;
import io.streamthoughts.azkarra.http.security.authorizer.AuthorizationManager;
import io.undertow.security.impl.BasicAuthenticationMechanism;
import io.undertow.security.impl.ClientCertAuthenticationMechanism;
import io.undertow.server.HttpHandler;
import java.util.Collections;
import java.util.regex.Pattern;

/* loaded from: input_file:io/streamthoughts/azkarra/http/security/handler/SecurityHandlerFactory.class */
public class SecurityHandlerFactory {
    private final AzkarraContext context;

    public SecurityHandlerFactory(AzkarraContext azkarraContext) {
        this.context = azkarraContext;
    }

    public SecurityHandler make(SecurityConfig securityConfig, HttpHandler httpHandler) {
        BasicAuthenticationMechanism clientCertAuthenticationMechanism;
        Authenticator certClientAuthenticator;
        String authenticationMechanism = securityConfig.getAuthenticationMechanism();
        try {
            SecurityMechanism valueOf = SecurityMechanism.valueOf(authenticationMechanism);
            switch (valueOf) {
                case BASIC_AUTH:
                    String authenticationRealm = securityConfig.getAuthenticationRealm();
                    clientCertAuthenticationMechanism = new BasicAuthenticationMechanism(authenticationRealm, "BASIC", securityConfig.isBasicAuthenticationSilent());
                    certClientAuthenticator = new BasicAuthenticator(authenticationRealm);
                    UsersIdentityManager userIdentityManagerOrNull = getUserIdentityManagerOrNull(securityConfig);
                    if (userIdentityManagerOrNull != null) {
                        ((BasicAuthenticator) certClientAuthenticator).setUserIdentityManager(userIdentityManagerOrNull);
                        break;
                    }
                    break;
                case CLIENT_CERT_AUTH:
                    clientCertAuthenticationMechanism = new ClientCertAuthenticationMechanism();
                    certClientAuthenticator = new CertClientAuthenticator();
                    break;
                default:
                    throw new AzkarraException("Unknown security mechanism : " + valueOf);
            }
            return new SecurityHandler(new AzkarraIdentityManager(certClientAuthenticator), getAuthorizationManager(securityConfig), clientCertAuthenticationMechanism, valueOf, getPrincipalBuilderOrNull(securityConfig), httpHandler, Collections.singletonList(Pattern.compile("^/api/.*")));
        } catch (IllegalArgumentException e) {
            throw new ConfException("Authentication method not supported : '" + authenticationMechanism + "'");
        }
    }

    private AuthorizationManager getAuthorizationManager(SecurityConfig securityConfig) {
        AuthorizationManager authorizationManager;
        try {
            authorizationManager = (AuthorizationManager) this.context.getComponent(AuthorizationManager.class);
        } catch (NoSuchComponentException e) {
            authorizationManager = securityConfig.getAuthorizationManager();
        }
        return authorizationManager;
    }

    private UsersIdentityManager getUserIdentityManagerOrNull(SecurityConfig securityConfig) {
        UsersIdentityManager userIdentityManager;
        try {
            userIdentityManager = (UsersIdentityManager) this.context.getComponent(UsersIdentityManager.class);
        } catch (NoSuchComponentException e) {
            userIdentityManager = securityConfig.getUserIdentityManager();
        }
        return userIdentityManager;
    }

    private AzkarraPrincipalBuilder getPrincipalBuilderOrNull(SecurityConfig securityConfig) {
        AzkarraPrincipalBuilder authenticationPrincipalBuilder;
        try {
            authenticationPrincipalBuilder = (AzkarraPrincipalBuilder) this.context.getComponent(AzkarraPrincipalBuilder.class);
        } catch (NoSuchComponentException e) {
            authenticationPrincipalBuilder = securityConfig.getAuthenticationPrincipalBuilder();
        }
        return authenticationPrincipalBuilder;
    }
}
