package com.mastfrog.acteur.auth;

import com.fasterxml.jackson.annotation.JsonCreator;
import com.google.common.base.Optional;
import com.google.inject.Inject;
import com.mastfrog.acteur.Acteur;
import com.mastfrog.acteur.ActeurFactory;
import com.mastfrog.acteur.HttpEvent;
import com.mastfrog.acteur.Page;
import com.mastfrog.acteur.auth.OAuthPlugins;
import com.mastfrog.acteur.auth.UserFactory;
import com.mastfrog.acteur.headers.Headers;
import com.mastfrog.acteur.headers.Method;
import com.mastfrog.acteur.util.BasicCredentials;
import com.mastfrog.acteur.util.PasswordHasher;
import com.mastfrog.acteur.util.Realm;
import com.mastfrog.settings.Settings;
import com.mastfrog.util.time.TimeUtil;
import io.netty.handler.codec.http.HttpResponseStatus;
import io.netty.handler.codec.http.cookie.Cookie;
import io.netty.handler.codec.http.cookie.DefaultCookie;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;

/* loaded from: input_file:com/mastfrog/acteur/auth/TestLoginPage.class */
final class TestLoginPage extends Page {

    /* loaded from: input_file:com/mastfrog/acteur/auth/TestLoginPage$Identity.class */
    public static final class Identity {
        public String name;
        public String displayName;
        public String serviceName;
        public String serviceCode;

        @JsonCreator
        public Identity() {
        }

        public Identity(String str, String str2, String str3, String str4) {
            this.name = str;
            this.displayName = str2;
            this.serviceName = str3;
            this.serviceCode = str4;
        }
    }

    /* loaded from: input_file:com/mastfrog/acteur/auth/TestLoginPage$Result.class */
    public static class Result {
        public boolean success;
        public List<Identity> identities = new LinkedList();
        public String homePage;
    }

    /* loaded from: input_file:com/mastfrog/acteur/auth/TestLoginPage$TestLoginActeur.class */
    static final class TestLoginActeur extends Acteur {
        private final OAuthPlugins plugins;
        private final HomePageRedirector redir;

        @Inject
        TestLoginActeur(HttpEvent httpEvent, OAuthPlugins oAuthPlugins, AuthenticationStrategy authenticationStrategy, UserFactory<?> userFactory, Realm realm, HomePageRedirector homePageRedirector, Settings settings, PasswordHasher passwordHasher) {
            this.plugins = oAuthPlugins;
            this.redir = homePageRedirector;
            int code = HttpResponseStatus.OK.code();
            if (httpEvent.urlParameter("failwith") != null) {
                try {
                    code = Integer.parseInt(httpEvent.urlParameter("failwith"));
                } catch (NumberFormatException e) {
                    badRequest("Not a number: '" + httpEvent.urlParameter("failwith"));
                    return;
                }
            }
            if ("true".equals(httpEvent.urlParameter("logout"))) {
                oAuthPlugins.logout(httpEvent, response());
                HttpResponseStatus httpResponseStatus = HttpResponseStatus.NO_CONTENT;
                if (httpEvent.header(Headers.AUTHORIZATION) != null) {
                    httpResponseStatus = HttpResponseStatus.UNAUTHORIZED;
                    add(Headers.WWW_AUTHENTICATE, realm);
                }
                reply(httpResponseStatus);
                return;
            }
            Cookie[] cookieArr = (Cookie[]) httpEvent.header(Headers.COOKIE_B);
            HashMap hashMap = new HashMap();
            Result result = new Result();
            if (cookieArr != null && cookieArr.length > 0) {
                for (Cookie cookie : cookieArr) {
                    hashMap.put(cookie.name(), cookie);
                }
                for (OAuthPlugins.PluginInfo pluginInfo : oAuthPlugins.getPlugins()) {
                    Cookie cookie2 = (Cookie) hashMap.get(pluginInfo.code);
                    if (cookie2 != null) {
                        Optional<UserInfo> decodeCookieValue = oAuthPlugins.decodeCookieValue(cookie2.value());
                        if (decodeCookieValue.isPresent()) {
                            loginAs(httpEvent, (UserInfo) decodeCookieValue.get(), oAuthPlugins.getPlugin(pluginInfo.code), userFactory, pluginInfo, result);
                        }
                    }
                }
            }
            BasicCredentials basicCredentials = null;
            if (settings.getBoolean(AuthenticationActeur.SETTINGS_KEY_ENABLE_BASIC_AUTH, true)) {
                basicCredentials = (BasicCredentials) httpEvent.header(Headers.AUTHORIZATION);
                if (basicCredentials != null) {
                    loginAs(httpEvent, basicCredentials, userFactory, result, passwordHasher);
                }
            }
            if ("true".equals(httpEvent.urlParameter("auth")) && result.identities.isEmpty()) {
                add(Headers.WWW_AUTHENTICATE, realm);
                reply(HttpResponseStatus.UNAUTHORIZED, result);
            } else {
                if (result.identities.isEmpty()) {
                    setState(new Acteur.RespondWith(this, code, result));
                    return;
                }
                if (basicCredentials != null) {
                    DefaultCookie defaultCookie = new DefaultCookie(BasicAuthenticationStrategy.CODE, "--");
                    defaultCookie.setDomain(httpEvent.header(Headers.HOST) + "");
                    defaultCookie.setMaxAge(oAuthPlugins.slugMaxAge().getSeconds());
                    defaultCookie.setPath(oAuthPlugins.cookieBasePath());
                    add(Headers.SET_COOKIE_B, defaultCookie);
                }
                ok(result);
            }
        }

        /* JADX WARN: Multi-variable type inference failed */
        private <T> void loginAs(HttpEvent httpEvent, BasicCredentials basicCredentials, UserFactory<T> userFactory, Result result, PasswordHasher passwordHasher) {
            Optional findUserByName = userFactory.findUserByName(basicCredentials.username);
            if (findUserByName.isPresent()) {
                Object obj = findUserByName.get();
                Optional<String> passwordHash = userFactory.getPasswordHash(obj);
                if (passwordHash.isPresent() && ((String) passwordHash.get()).equals(passwordHasher.hash(basicCredentials.password))) {
                    String userDisplayName = userFactory.getUserDisplayName(obj);
                    result.identities.add(new Identity(userFactory.getUserName(obj), userDisplayName, "login", BasicAuthenticationStrategy.CODE));
                    result.success = true;
                    result.homePage = this.redir.getRedirectURI(userFactory, obj, httpEvent);
                    if (this.plugins.hasDisplayNameCookie(httpEvent)) {
                        return;
                    }
                    this.plugins.createDisplayNameCookie(httpEvent, response(), userDisplayName);
                }
            }
        }

        /* JADX WARN: Multi-variable type inference failed */
        private <T> void loginAs(HttpEvent httpEvent, UserInfo userInfo, OAuthPlugin oAuthPlugin, UserFactory<T> userFactory, OAuthPlugins.PluginInfo pluginInfo, Result result) {
            Optional findUserByName = userFactory.findUserByName(userInfo.userName);
            if (findUserByName.isPresent()) {
                Object obj = findUserByName.get();
                Optional<UserFactory.Slug> slug = userFactory.getSlug(pluginInfo.code, obj, false);
                if (slug.isPresent()) {
                    UserFactory.Slug slug2 = (UserFactory.Slug) slug.get();
                    if (TimeUtil.isShorter(slug2.age(), oAuthPlugin.getSlugMaxAge())) {
                        if (userInfo.hashedSlug.equals(this.plugins.encodeCookieValue(userInfo.userName, slug2.slug).split(":")[0])) {
                            String userDisplayName = userFactory.getUserDisplayName(obj);
                            result.identities.add(new Identity(userFactory.getUserName(obj), userDisplayName, pluginInfo.name, pluginInfo.code));
                            result.success = true;
                            result.homePage = this.redir.getRedirectURI(userFactory, obj, httpEvent);
                            if (this.plugins.hasDisplayNameCookie(httpEvent)) {
                                return;
                            }
                            this.plugins.createDisplayNameCookie(httpEvent, response(), userDisplayName);
                        }
                    }
                }
            }
        }
    }

    @Inject
    TestLoginPage(Settings settings, ActeurFactory acteurFactory) {
        add(acteurFactory.matchPath(new String[]{settings.getString("login.test.page.pattern", "^testLogin$")}));
        add(acteurFactory.matchMethods(new Method[]{Method.GET, Method.POST, Method.PUT}));
        add(TestLoginActeur.class);
    }

    protected String getDescription() {
        return "Allows a client to determine if it is already logged in as one or more users.  URL parameter failwith can be an HTTP response code to give if login fails;  URL parameter logout=true will log the user out (if using cookie-based authentication).";
    }
}
