package alpine.server.auth;

import alpine.common.logging.Logger;
import alpine.common.util.ProxyConfig;
import alpine.common.util.ProxyUtil;
import alpine.server.auth.AlpineAuthenticationException;
import com.nimbusds.oauth2.sdk.ErrorObject;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
import com.nimbusds.openid.connect.sdk.UserInfoRequest;
import com.nimbusds.openid.connect.sdk.UserInfoResponse;
import com.nimbusds.openid.connect.sdk.claims.UserInfo;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Proxy;

/* loaded from: input_file:alpine/server/auth/OidcUserInfoAuthenticator.class */
class OidcUserInfoAuthenticator {
    private static final Logger LOGGER = Logger.getLogger(OidcUserInfoAuthenticator.class);
    private final OidcConfiguration configuration;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OidcUserInfoAuthenticator(OidcConfiguration oidcConfiguration) {
        this.configuration = oidcConfiguration;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OidcProfile authenticate(String str, OidcProfileCreator oidcProfileCreator) throws AlpineAuthenticationException {
        try {
            HTTPRequest hTTPRequest = new UserInfoRequest(this.configuration.getUserInfoEndpointUri(), new BearerAccessToken(str)).toHTTPRequest();
            ProxyConfig proxyConfig = ProxyUtil.getProxyConfig();
            if (proxyConfig != null && proxyConfig.shouldProxy(this.configuration.getUserInfoEndpointUri().toURL())) {
                hTTPRequest.setProxy(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyConfig.getHost(), proxyConfig.getPort())));
            }
            UserInfoResponse parse = UserInfoResponse.parse(hTTPRequest.send());
            if (parse.indicatesSuccess()) {
                UserInfo userInfo = parse.toSuccessResponse().getUserInfo();
                LOGGER.debug("UserInfo response: " + userInfo.toJSONString());
                return oidcProfileCreator.create(userInfo);
            }
            ErrorObject errorObject = parse.toErrorResponse().getErrorObject();
            LOGGER.error("UserInfo request failed (Code:" + errorObject.getCode() + ", Description: " + errorObject.getDescription() + ")");
            throw new AlpineAuthenticationException(AlpineAuthenticationException.CauseType.INVALID_CREDENTIALS);
        } catch (IOException e) {
            LOGGER.error("UserInfo request failed", e);
            throw new AlpineAuthenticationException(AlpineAuthenticationException.CauseType.OTHER);
        } catch (ParseException e2) {
            LOGGER.error("Parsing UserInfo response failed", e2);
            throw new AlpineAuthenticationException(AlpineAuthenticationException.CauseType.OTHER);
        }
    }
}
