package org.apereo.cas.webauthn.web;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.yubico.core.WebAuthnServer;
import com.yubico.data.AssertionRequestWrapper;
import com.yubico.data.RegistrationRequest;
import com.yubico.internal.util.JacksonCodecs;
import com.yubico.util.Either;
import com.yubico.webauthn.data.ByteArray;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import lombok.NonNull;
import org.jooq.lambda.Unchecked;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({WebAuthnController.BASE_ENDPOINT_WEBAUTHN})
@RestController("webAuthnController")
/* loaded from: input_file:org/apereo/cas/webauthn/web/WebAuthnController.class */
public class WebAuthnController {
    public static final String BASE_ENDPOINT_WEBAUTHN = "/webauthn";
    public static final String WEBAUTHN_ENDPOINT_REGISTER = "/register";
    public static final String WEBAUTHN_ENDPOINT_AUTHENTICATE = "/authenticate";
    private static final String WEBAUTHN_ENDPOINT_FINISH = "/finish";
    private final WebAuthnServer server;

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(WebAuthnController.class);
    private static final ObjectMapper MAPPER = JacksonCodecs.json().findAndRegisterModules();

    /* loaded from: input_file:org/apereo/cas/webauthn/web/WebAuthnController$StartAuthenticationActions.class */
    private static class StartAuthenticationActions {
        private final String finish = WebAuthnController.BASE_ENDPOINT_WEBAUTHN.substring(1) + "/authenticate/finish";

        private StartAuthenticationActions() {
        }

        @Generated
        public String getFinish() {
            return this.finish;
        }
    }

    /* loaded from: input_file:org/apereo/cas/webauthn/web/WebAuthnController$StartAuthenticationResponse.class */
    private static class StartAuthenticationResponse {
        private final AssertionRequestWrapper request;
        private final boolean success = true;
        private final StartAuthenticationActions actions = new StartAuthenticationActions();

        @Generated
        public StartAuthenticationResponse(AssertionRequestWrapper assertionRequestWrapper) {
            this.request = assertionRequestWrapper;
        }

        @Generated
        public boolean isSuccess() {
            Objects.requireNonNull(this);
            return true;
        }

        @Generated
        public AssertionRequestWrapper getRequest() {
            return this.request;
        }

        @Generated
        public StartAuthenticationActions getActions() {
            return this.actions;
        }
    }

    /* loaded from: input_file:org/apereo/cas/webauthn/web/WebAuthnController$StartRegistrationActions.class */
    private static class StartRegistrationActions {
        private final String finish = WebAuthnController.BASE_ENDPOINT_WEBAUTHN.substring(1) + "/register/finish";

        private StartRegistrationActions() {
        }

        @Generated
        public String getFinish() {
            return this.finish;
        }
    }

    /* loaded from: input_file:org/apereo/cas/webauthn/web/WebAuthnController$StartRegistrationResponse.class */
    private static class StartRegistrationResponse {
        private final RegistrationRequest request;
        private final boolean success = true;
        private final StartRegistrationActions actions = new StartRegistrationActions();

        @Generated
        public StartRegistrationResponse(RegistrationRequest registrationRequest) {
            this.request = registrationRequest;
        }

        @Generated
        public boolean isSuccess() {
            Objects.requireNonNull(this);
            return true;
        }

        @Generated
        public RegistrationRequest getRequest() {
            return this.request;
        }

        @Generated
        public StartRegistrationActions getActions() {
            return this.actions;
        }
    }

    @PostMapping(value = {WEBAUTHN_ENDPOINT_REGISTER}, produces = {"application/json"})
    @PreAuthorize("isAuthenticated()")
    public ResponseEntity<Object> startRegistration(@RequestParam("username") @NonNull String str, @RequestParam("displayName") @NonNull String str2, @RequestParam(value = "credentialNickname", required = false, defaultValue = "") String str3, @RequestParam(value = "requireResidentKey", required = false) boolean z, @RequestParam(value = "sessionToken", required = false, defaultValue = "") String str4, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        if (str == null) {
            throw new NullPointerException("username is marked non-null but is null");
        }
        if (str2 == null) {
            throw new NullPointerException("displayName is marked non-null but is null");
        }
        Either startRegistration = this.server.startRegistration(str, Optional.of(str2), Optional.ofNullable(str3), z, Optional.ofNullable(str4).map(Unchecked.function(ByteArray::fromBase64Url)));
        return startRegistration.isRight() ? startResponse(new StartRegistrationResponse((RegistrationRequest) startRegistration.right().get())) : messagesJson(ResponseEntity.badRequest(), (String) startRegistration.left().get());
    }

    @PostMapping(value = {"/register/finish"}, produces = {"application/json"})
    @PreAuthorize("isAuthenticated()")
    public ResponseEntity<Object> finishRegistration(@RequestBody String str) throws Exception {
        return finishResponse(this.server.finishRegistration(str), str);
    }

    @PostMapping(value = {WEBAUTHN_ENDPOINT_AUTHENTICATE}, produces = {"application/json"})
    public ResponseEntity<Object> startAuthentication(@RequestParam(value = "username", required = false) String str) throws Exception {
        Either startAuthentication = this.server.startAuthentication(Optional.ofNullable(str));
        return startAuthentication.isRight() ? startResponse(new StartAuthenticationResponse((AssertionRequestWrapper) startAuthentication.right().get())) : messagesJson(ResponseEntity.badRequest(), (List<String>) startAuthentication.left().get());
    }

    @PostMapping(value = {"/authenticate/finish"}, produces = {"application/json"})
    public ResponseEntity<Object> finishAuthentication(@RequestBody String str) throws Exception {
        return finishResponse(this.server.finishAuthentication(str), str);
    }

    private static ResponseEntity<Object> startResponse(Object obj) throws Exception {
        LOGGER.trace("Response: [{}]", obj);
        return ResponseEntity.ok(writeJson(obj));
    }

    private static String writeJson(Object obj) throws Exception {
        return MAPPER.writeValueAsString(obj);
    }

    private static ResponseEntity<Object> finishResponse(Either<List<String>, ?> either, String str) throws Exception {
        if (!either.isRight()) {
            return messagesJson(ResponseEntity.badRequest(), (List<String>) either.left().get());
        }
        LOGGER.trace("Response: [{}]", str);
        return ResponseEntity.ok(writeJson(either.right().get()));
    }

    private static ResponseEntity<Object> messagesJson(ResponseEntity.BodyBuilder bodyBuilder, String str) {
        return messagesJson(bodyBuilder, (List<String>) List.of(str));
    }

    private static ResponseEntity<Object> messagesJson(ResponseEntity.BodyBuilder bodyBuilder, List<String> list) {
        return bodyBuilder.body(Map.of("messages", list));
    }

    @Generated
    public WebAuthnController(WebAuthnServer webAuthnServer) {
        this.server = webAuthnServer;
    }
}
