package de.adorsys.oauth.server;

import com.nimbusds.oauth2.sdk.AuthorizationRequest;
import com.nimbusds.oauth2.sdk.TokenRequest;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.http.HTTPResponse;
import io.undertow.security.api.AuthenticationMechanism;
import io.undertow.security.api.SecurityContext;
import io.undertow.server.HttpServerExchange;
import io.undertow.servlet.handlers.ServletRequestContext;
import io.undertow.util.AttachmentKey;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
import javax.security.jacc.PolicyContextHandler;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/oauth-wildfly-support-0.34.jar:de/adorsys/oauth/server/DelegateAuthenticationMechanism.class */
public class DelegateAuthenticationMechanism implements AuthenticationMechanism, PolicyContextHandler {
    private static final Logger LOG = LoggerFactory.getLogger(DelegateAuthenticationMechanism.class);
    private static final String[] SUPPORTED_CONTEXT = {HttpServletRequest.class.getName(), HttpServletResponse.class.getName(), AuthorizationRequest.class.getName(), TokenRequest.class.getName()};
    private static ThreadLocal<Map<String, Object>> contextData = new ThreadLocal<Map<String, Object>>() { // from class: de.adorsys.oauth.server.DelegateAuthenticationMechanism.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.lang.ThreadLocal
        public Map<String, Object> initialValue() {
            return new HashMap();
        }
    };
    private static final AttachmentKey<AuthenticationMechanism> AUTHENTICATION_MECHANISM_ATTACHMENT_KEY = AttachmentKey.create(AuthenticationMechanism.class);
    private List<AuthenticatorMatcher> authenticatioMatchers = new ArrayList();

    public DelegateAuthenticationMechanism(ServletContext servletContext) {
        this.authenticatioMatchers.add(new TokenEndpointMatcher());
        this.authenticatioMatchers.add(new RememberMeMatcher());
        this.authenticatioMatchers.add(new FormAuthenticationMatcher());
        this.authenticatioMatchers.add(new BearerTokenMatcher());
        Iterator<AuthenticatorMatcher> it = this.authenticatioMatchers.iterator();
        while (it.hasNext()) {
            it.next().initialize(servletContext);
        }
        for (String str : SUPPORTED_CONTEXT) {
            try {
                PolicyContext.registerHandler(str, this, false);
            } catch (Exception e) {
                LOG.debug(e.getClass().getSimpleName() + StringUtils.SPACE + e.getMessage());
            }
        }
    }

    public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        ServletRequestContext servletRequestContext = (ServletRequestContext) httpServerExchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
        HttpServletRequest originalRequest = servletRequestContext.getOriginalRequest();
        HTTPRequest createHTTPRequest = FixedServletUtils.createHTTPRequest(originalRequest);
        store(HttpServletRequest.class.getName(), originalRequest).store(HttpServletResponse.class.getName(), servletRequestContext.getOriginalResponse()).store(AuthorizationRequest.class.getName(), resolveAuthorizationRequest(createHTTPRequest)).store(TokenRequest.class.getName(), resolveTokenRequest(createHTTPRequest));
        try {
            for (AuthenticatorMatcher authenticatorMatcher : this.authenticatioMatchers) {
                if (authenticatorMatcher.match(httpServerExchange, originalRequest)) {
                    LOG.debug("use {}", authenticatorMatcher.getClass().getSimpleName());
                    httpServerExchange.putAttachment(AUTHENTICATION_MECHANISM_ATTACHMENT_KEY, authenticatorMatcher);
                    AuthenticationMechanism.AuthenticationMechanismOutcome authenticate = authenticatorMatcher.authenticate(httpServerExchange, securityContext);
                    for (String str : SUPPORTED_CONTEXT) {
                        contextData.get().remove(str);
                    }
                    return authenticate;
                }
            }
            for (String str2 : SUPPORTED_CONTEXT) {
                contextData.get().remove(str2);
            }
            LOG.debug("no authenicatorMatcher found for {}", httpServerExchange);
            return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_ATTEMPTED;
        } catch (Throwable th) {
            for (String str3 : SUPPORTED_CONTEXT) {
                contextData.get().remove(str3);
            }
            throw th;
        }
    }

    public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        AuthenticationMechanism authenticationMechanism = (AuthenticationMechanism) httpServerExchange.getAttachment(AUTHENTICATION_MECHANISM_ATTACHMENT_KEY);
        return authenticationMechanism == null ? new AuthenticationMechanism.ChallengeResult(false, Integer.valueOf(HTTPResponse.SC_UNAUTHORIZED)) : authenticationMechanism.sendChallenge(httpServerExchange, securityContext);
    }

    private void debugRequest(HttpServletRequest httpServletRequest) {
        if (LOG.isDebugEnabled()) {
            String method = httpServletRequest.getMethod();
            StringBuilder append = new StringBuilder(method).append(' ');
            append.append(httpServletRequest.getScheme()).append("://").append(httpServletRequest.getServerName()).append(":").append(httpServletRequest.getServerPort()).append(httpServletRequest.getRequestURI());
            if (method.equals("GET")) {
                append.append(httpServletRequest.getQueryString());
            } else {
                Enumeration parameterNames = httpServletRequest.getParameterNames();
                while (parameterNames.hasMoreElements()) {
                    String str = (String) parameterNames.nextElement();
                    append.append("\n ").append(str).append("=");
                    String parameter = httpServletRequest.getParameter(str);
                    try {
                        append.append(URLDecoder.decode(parameter, "UTF-8"));
                    } catch (UnsupportedEncodingException e) {
                        append.append(parameter);
                    }
                }
            }
            LOG.debug(append.toString());
        }
    }

    private DelegateAuthenticationMechanism store(String str, Object obj) {
        if (obj != null) {
            contextData.get().put(str, obj);
        }
        return this;
    }

    private AuthorizationRequest resolveAuthorizationRequest(HTTPRequest hTTPRequest) {
        try {
            return AuthorizationRequest.parse(hTTPRequest);
        } catch (Exception e) {
            try {
                return AuthorizationRequest.parse(hTTPRequest.getQuery());
            } catch (Exception e2) {
                return null;
            }
        }
    }

    private TokenRequest resolveTokenRequest(HTTPRequest hTTPRequest) {
        try {
            return TokenRequest.parse(hTTPRequest);
        } catch (Exception e) {
            return null;
        }
    }

    public Object getContext(String str, Object obj) throws PolicyContextException {
        return contextData.get().get(str);
    }

    public String[] getKeys() throws PolicyContextException {
        return new String[]{HttpServletRequest.class.getName(), HttpServletResponse.class.getName()};
    }

    public boolean supports(String str) throws PolicyContextException {
        for (String str2 : SUPPORTED_CONTEXT) {
            if (str2.equals(str)) {
                return true;
            }
        }
        return false;
    }
}
