package com.adeptj.modules.jaxrs.core;

import com.adeptj.modules.jaxrs.core.JaxRSException;
import com.adeptj.modules.jaxrs.core.api.JaxRSAuthenticationRealm;
import com.adeptj.modules.security.jwt.JwtService;
import java.util.ArrayList;
import java.util.List;
import javax.validation.constraints.NotNull;
import javax.ws.rs.Consumes;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.core.Response;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("/auth")
@Component(immediate = true, service = {JaxRSAuthenticator.class}, property = {JaxRSAuthenticator.RESOURCE_BASE})
/* loaded from: input_file:com/adeptj/modules/jaxrs/core/JaxRSAuthenticator.class */
public class JaxRSAuthenticator {
    private static final Logger LOGGER = LoggerFactory.getLogger(JaxRSAuthenticator.class);
    private static final String BIND_JWT_SERVICE = "bindJwtService";
    private static final String UNBIND_JWT_SERVICE = "unbindJwtService";
    static final String RESOURCE_BASE = "osgi.jaxrs.resource.base=authenticator";

    @Reference(service = JaxRSAuthenticationRealm.class, cardinality = ReferenceCardinality.MULTIPLE, policy = ReferencePolicy.DYNAMIC)
    private volatile List<JaxRSAuthenticationRealm> authRealms = new ArrayList();

    @Reference(bind = BIND_JWT_SERVICE, unbind = UNBIND_JWT_SERVICE, cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC)
    private volatile JwtService jwtService;

    @POST
    @Path("/jwt/issue")
    @Consumes({"application/x-www-form-urlencoded"})
    public Response handleSecurity(@NotNull @FormParam("subject") String str, @NotNull @FormParam("password") String str2) {
        Response build;
        if (this.jwtService == null) {
            LOGGER.warn("Can't issue token as JwtService unavailable!");
            build = Response.status(Response.Status.SERVICE_UNAVAILABLE).type("text/plain").entity("JwtService unavailable!!").build();
        } else {
            try {
                JaxRSAuthenticationInfo authenticationInfo = getAuthenticationInfo(str, str2);
                build = authenticationInfo == null ? Response.status(Response.Status.UNAUTHORIZED).type("text/plain").entity("Invalid credentials!!").build() : Response.ok("Token issued successfully!!").type("text/plain").header("Authorization", this.jwtService.issue(str, authenticationInfo)).build();
            } catch (Exception e) {
                LOGGER.error(e.getMessage(), e);
                throw new JaxRSException.Builder().message(e.getMessage()).cause(e).status(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode()).build();
            }
        }
        return build;
    }

    @GET
    @Path("/jwt/verify")
    @RequiresJwt
    public Response checkJwt() {
        return Response.ok("JWT is valid!!").type("text/plain").build();
    }

    private JaxRSAuthenticationInfo getAuthenticationInfo(String str, String str2) {
        this.authRealms.sort(JaxRSAuthenticator::compare);
        for (JaxRSAuthenticationRealm jaxRSAuthenticationRealm : this.authRealms) {
            JaxRSAuthenticationInfo authenticationInfo = jaxRSAuthenticationRealm.getAuthenticationInfo(str, str2);
            if (authenticationInfo != null || !LOGGER.isDebugEnabled()) {
                return authenticationInfo;
            }
            LOGGER.debug("Realm: [{}] couldn't validate credentials!", jaxRSAuthenticationRealm.getName());
        }
        return null;
    }

    private static int compare(JaxRSAuthenticationRealm jaxRSAuthenticationRealm, JaxRSAuthenticationRealm jaxRSAuthenticationRealm2) {
        return Integer.compare(jaxRSAuthenticationRealm2.priority(), jaxRSAuthenticationRealm.priority());
    }

    protected void bindJwtService(JwtService jwtService) {
        this.jwtService = jwtService;
    }

    protected void unbindJwtService(JwtService jwtService) {
        this.jwtService = null;
    }
}
