package com.mastfrog.acteur.auth;

import com.google.common.base.Optional;
import com.google.inject.Inject;
import com.mastfrog.acteur.HttpEvent;
import com.mastfrog.acteur.Response;
import com.mastfrog.acteur.auth.AuthenticationStrategy;
import com.mastfrog.acteur.auth.UserFactory;
import com.mastfrog.acteur.headers.Headers;
import com.mastfrog.settings.Settings;
import com.mastfrog.util.time.TimeUtil;
import io.netty.handler.codec.http.cookie.Cookie;
import java.util.Collection;
import java.util.concurrent.atomic.AtomicReference;

/* loaded from: input_file:com/mastfrog/acteur/auth/CookieAuthenticationStrategy.class */
class CookieAuthenticationStrategy extends AuthenticationStrategy {
    private final UserFactory<?> users;
    private final OAuthPlugins plugins;

    @Inject
    CookieAuthenticationStrategy(Settings settings, UserFactory<?> userFactory, OAuthPlugins oAuthPlugins) {
        this.users = userFactory;
        this.plugins = oAuthPlugins;
    }

    @Override // com.mastfrog.acteur.auth.AuthenticationStrategy
    public Result<?> authenticate(HttpEvent httpEvent, AtomicReference<? super AuthenticationStrategy.FailHook> atomicReference, Collection<? super Object> collection, Response response) {
        Cookie[] cookieArr = (Cookie[]) httpEvent.header(Headers.COOKIE_B);
        if (cookieArr == null || cookieArr.length == 0) {
            return new Result<>(ResultType.NO_CREDENTIALS, true);
        }
        Result<?> result = null;
        for (Cookie cookie : cookieArr) {
            Optional<OAuthPlugin<?>> find = this.plugins.find(cookie.name());
            if (find.isPresent()) {
                result = tryToAuthenticate((OAuthPlugin) find.get(), httpEvent, cookie, this.users, collection, response);
                if (result.isSuccess()) {
                    collection.add(result.user);
                    return result;
                }
            }
        }
        return result == null ? new Result<>(ResultType.NO_CREDENTIALS, true) : result;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private <T, R> Result<?> tryToAuthenticate(OAuthPlugin<T> oAuthPlugin, HttpEvent httpEvent, Cookie cookie, UserFactory<R> userFactory, Collection<? super Object> collection, Response response) {
        Optional<UserInfo> decodeCookieValue = this.plugins.decodeCookieValue(cookie.value());
        if (!decodeCookieValue.isPresent()) {
            return new Result<>(ResultType.INVALID_CREDENTIALS, true);
        }
        UserInfo userInfo = (UserInfo) decodeCookieValue.get();
        Optional findUserByName = userFactory.findUserByName(userInfo.userName);
        if (!findUserByName.isPresent()) {
            return new Result<>(ResultType.NO_RECORD, userInfo.userName, true);
        }
        Object obj = findUserByName.get();
        Optional<UserFactory.Slug> slug = userFactory.getSlug(oAuthPlugin.code(), obj, false);
        if (!slug.isPresent()) {
            return new Result<>(ResultType.BAD_RECORD, userInfo.userName, true);
        }
        UserFactory.Slug slug2 = (UserFactory.Slug) slug.get();
        if (TimeUtil.isLonger(slug2.age(), oAuthPlugin.getSlugMaxAge())) {
            return new Result<>(ResultType.EXPIRED_CREDENTIALS, userInfo.userName, true);
        }
        String str = this.plugins.encodeCookieValue(userInfo.userName, slug2.slug).split(":")[0];
        if (!str.equals(userInfo.hashedSlug)) {
            return new Result<>(ResultType.BAD_PASSWORD, userInfo.userName, true);
        }
        Object userObject = userFactory.toUserObject(obj);
        String userDisplayName = userFactory.getUserDisplayName(obj);
        if (userDisplayName != null && !this.plugins.hasDisplayNameCookie(httpEvent)) {
            this.plugins.createDisplayNameCookie(httpEvent, response, userDisplayName);
        }
        return new Result<>(userObject, userInfo.userName, str, ResultType.SUCCESS, true, userDisplayName);
    }
}
