package com.networknt.oauth.security;

import com.networknt.client.ClientConfig;
import com.networknt.config.JsonMapper;
import com.networknt.db.provider.DbProvider;
import com.networknt.exception.ApiException;
import com.networknt.monad.Result;
import com.networknt.service.SingletonServiceFactory;
import com.networknt.utility.Constants;
import io.undertow.UndertowLogger;
import io.undertow.UndertowMessages;
import io.undertow.security.api.AuthenticationMechanism;
import io.undertow.security.api.SecurityContext;
import io.undertow.security.idm.Account;
import io.undertow.security.idm.IdentityManager;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.form.FormData;
import io.undertow.server.handlers.form.FormDataParser;
import io.undertow.server.handlers.form.FormParserFactory;
import io.undertow.util.Headers;
import io.undertow.util.Methods;
import io.undertow.util.RedirectBuilder;
import io.undertow.util.Sessions;
import io.undertow.util.StatusCodes;
import java.io.IOException;
import java.util.Map;
import net.lightapi.portal.db.PortalDbProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/networknt/oauth/security/LightFormAuthenticationMechanism.class */
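/**
 * Form-based {@link AuthenticationMechanism} for a login page that also carries OAuth client details.
 *
 * <p>A {@code POST} whose request path ends with the configured post location is treated as a login
 * attempt. The form fields {@code j_username}, {@code j_password}, {@code client_id} and
 * {@link Constants#USER_TYPE} are read, an optional per-client authenticator class name is looked up
 * through {@link #dbProvider}, and the credentials are handed to the {@link IdentityManager}.
 * Every other request is reported as {@code NOT_ATTEMPTED} and, when challenged, is redirected to the
 * login page.
 */
public class LightFormAuthenticationMechanism implements AuthenticationMechanism {
    private static final Logger logger = LoggerFactory.getLogger(LightFormAuthenticationMechanism.class);
    // Package-private and non-final in the original; left that way so existing same-package code can still replace it.
    static PortalDbProvider dbProvider = (PortalDbProvider) SingletonServiceFactory.getBean(DbProvider.class);
    /** Session attribute under which {@link #storeInitialLocation} records the originally requested URL. */
    public static final String LOCATION_ATTRIBUTE = LightFormAuthenticationMechanism.class.getName() + ".LOCATION";
    /** Post location used by the constructors that do not take one explicitly. */
    public static final String DEFAULT_POST_LOCATION = "/j_security_check";
    private final String name;
    private final String loginPage;
    private final String errorPage;
    private final String postLocation;
    private final FormParserFactory formParserFactory;
    private final IdentityManager identityManager;

    /**
     * Creates a mechanism with a default form parser and the default post location.
     *
     * @param name      mechanism name reported to the security context
     * @param loginPage path the client is redirected to when a login form must be shown
     * @param errorPage path the client is redirected to after a failed login post
     */
    public LightFormAuthenticationMechanism(String name, String loginPage, String errorPage) {
        this(FormParserFactory.builder().build(), name, loginPage, errorPage);
    }

    /**
     * Creates a mechanism with a default form parser and an explicit post location.
     *
     * @param name         mechanism name reported to the security context
     * @param loginPage    path the client is redirected to when a login form must be shown
     * @param errorPage    path the client is redirected to after a failed login post
     * @param postLocation path suffix that identifies a login post
     */
    public LightFormAuthenticationMechanism(String name, String loginPage, String errorPage, String postLocation) {
        this(FormParserFactory.builder().build(), name, loginPage, errorPage, postLocation);
    }

    /**
     * Creates a mechanism with the given form parser factory and the default post location.
     *
     * @param formParserFactory factory used to parse the posted login form
     * @param name              mechanism name reported to the security context
     * @param loginPage         path the client is redirected to when a login form must be shown
     * @param errorPage         path the client is redirected to after a failed login post
     */
    public LightFormAuthenticationMechanism(FormParserFactory formParserFactory, String name, String loginPage, String errorPage) {
        this(formParserFactory, name, loginPage, errorPage, DEFAULT_POST_LOCATION);
    }

    /**
     * Creates a mechanism with the default post location and a dedicated identity manager.
     *
     * @param formParserFactory factory used to parse the posted login form
     * @param name              mechanism name reported to the security context
     * @param loginPage         path the client is redirected to when a login form must be shown
     * @param errorPage         path the client is redirected to after a failed login post
     * @param identityManager   identity manager to use instead of the security context's one
     */
    public LightFormAuthenticationMechanism(FormParserFactory formParserFactory, String name, String loginPage, String errorPage, IdentityManager identityManager) {
        this(formParserFactory, name, loginPage, errorPage, DEFAULT_POST_LOCATION, identityManager);
    }

    /**
     * Creates a mechanism that verifies credentials with the security context's identity manager.
     *
     * @param formParserFactory factory used to parse the posted login form
     * @param name              mechanism name reported to the security context
     * @param loginPage         path the client is redirected to when a login form must be shown
     * @param errorPage         path the client is redirected to after a failed login post
     * @param postLocation      path suffix that identifies a login post
     */
    public LightFormAuthenticationMechanism(FormParserFactory formParserFactory, String name, String loginPage, String errorPage, String postLocation) {
        this(formParserFactory, name, loginPage, errorPage, postLocation, null);
    }

    /**
     * Creates a fully specified mechanism.
     *
     * @param formParserFactory factory used to parse the posted login form
     * @param name              mechanism name reported to the security context
     * @param loginPage         path the client is redirected to when a login form must be shown
     * @param errorPage         path the client is redirected to after a failed login post
     * @param postLocation      path suffix that identifies a login post
     * @param identityManager   identity manager to use, or {@code null} to use the security context's one
     */
    public LightFormAuthenticationMechanism(FormParserFactory formParserFactory, String name, String loginPage, String errorPage, String postLocation, IdentityManager identityManager) {
        this.name = name;
        this.loginPage = loginPage;
        this.errorPage = errorPage;
        this.postLocation = postLocation;
        this.formParserFactory = formParserFactory;
        this.identityManager = identityManager;
    }

    /** Returns the identity manager given at construction, falling back to the security context's one. */
    private IdentityManager getIdentityManager(SecurityContext securityContext) {
        return this.identityManager != null ? this.identityManager : securityContext.getIdentityManager();
    }

    /**
     * Runs form authentication for login posts and declines every other request.
     *
     * @param httpServerExchange the current exchange
     * @param securityContext    the security context of the exchange
     * @return the outcome of {@link #runFormAuth} for a login post, otherwise {@code NOT_ATTEMPTED}
     */
    @Override
    public AuthenticationMechanismOutcome authenticate(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        if (!isLoginPost(httpServerExchange)) {
            return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
        }
        return runFormAuth(httpServerExchange, securityContext);
    }

    /**
     * Parses the posted login form and verifies the credentials with the identity manager.
     *
     * <p>A post that lacks any of the four expected fields is rejected before the identity manager is
     * called. An account whose principal is named {@code "error"} is treated as a failed login, as is
     * any exception raised during verification.
     *
     * @param httpServerExchange the current exchange carrying the posted form
     * @param securityContext    the security context that is notified of success or failure
     * @return {@code AUTHENTICATED} on success, otherwise {@code NOT_AUTHENTICATED}
     * @throws RuntimeException wrapping the {@link IOException} if the form cannot be read
     */
    public AuthenticationMechanismOutcome runFormAuth(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        FormDataParser parser = this.formParserFactory.createParser(httpServerExchange);
        if (parser == null) {
            UndertowLogger.SECURITY_LOGGER.debug("Could not authenticate as no form parser is present");
            return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
        }
        try {
            FormData form = parser.parseBlocking();
            FormData.FormValue usernameField = form.getFirst("j_username");
            FormData.FormValue passwordField = form.getFirst("j_password");
            FormData.FormValue clientIdField = form.getFirst("client_id");
            FormData.FormValue userTypeField = form.getFirst(Constants.USER_TYPE);
            if (usernameField == null || passwordField == null) {
                UndertowLogger.SECURITY_LOGGER.debugf("Could not authenticate as username or password was not present in the posted result for %s", httpServerExchange);
                return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
            }
            // The form is client-controlled: a post without client_id or user_type used to end in a
            // NullPointerException; it is now rejected like any other incomplete login.
            if (clientIdField == null || userTypeField == null) {
                UndertowLogger.SECURITY_LOGGER.debugf("Could not authenticate as client_id or user_type was not present in the posted result for %s", httpServerExchange);
                return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
            }
            String username = usernameField.getValue();
            String password = passwordField.getValue();
            String userType = userTypeField.getValue();
            String clientId = clientIdField.getValue();

            // Only clients other than the one in the local client configuration get a database lookup.
            String authenticateClass = isConfiguredClient(clientId) ? null : lookupAuthenticateClass(clientId);
            try {
                Account account = getIdentityManager(securityContext).verify(username, new LightPasswordCredential(password.toCharArray(), authenticateClass, userType, httpServerExchange));
                if (account == null || "error".equals(account.getPrincipal().getName())) {
                    securityContext.authenticationFailed(UndertowMessages.MESSAGES.authenticationFailed(username), this.name);
                    return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
                }
                securityContext.authenticationComplete(account, this.name, true);
                UndertowLogger.SECURITY_LOGGER.debugf("Authenticated user %s using for auth for %s", account.getPrincipal().getName(), httpServerExchange);
                return AuthenticationMechanismOutcome.AUTHENTICATED;
            } catch (Exception e) {
                // Fail closed, but leave a trace: a broken identity manager was previously indistinguishable
                // from a wrong password because the exception was discarded without logging.
                logger.error("Exception while verifying form credentials: ", e);
                return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
            }
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Tells whether the request is a {@code POST} to a path ending with the post location.
     * The match is a suffix match, so any path that ends with the post location qualifies.
     */
    private boolean isLoginPost(HttpServerExchange httpServerExchange) {
        return httpServerExchange.getRequestPath().endsWith(this.postLocation)
                && httpServerExchange.getRequestMethod().equals(Methods.POST);
    }

    /**
     * Tells whether the posted client id equals the {@code client_id} of the client-credentials
     * section in the local client configuration. A missing section counts as "no match".
     */
    private static boolean isConfiguredClient(String clientId) {
        Object credentials = ClientConfig.get().getTokenConfig().get(ClientConfig.CLIENT_CREDENTIALS);
        Object configuredClientId = credentials instanceof Map ? ((Map<?, ?>) credentials).get("client_id") : null;
        return clientId.equals(configuredClientId);
    }

    /**
     * Looks up the {@code authenticateClass} registered for a client.
     *
     * @param clientId the client id posted with the login form
     * @return the registered class name, or {@code null} if none is registered or the lookup failed
     */
    private static String lookupAuthenticateClass(String clientId) {
        // NOTE(review): a failed lookup is logged and the login then continues with no client-specific
        // authenticator. If a client relies on its own authenticator for a stronger check, an unknown
        // client_id or a database error silently selects the default path; confirm whether this should
        // fail closed instead. The reviewed listing placed the failure check outside the try block, so
        // also confirm this control flow against the original source.
        try {
            Result<String> result = dbProvider.queryClientByClientId(clientId);
            if (result.isFailure()) {
                logger.error("failed to get the client: " + result.getError());
                throw new ApiException(result.getError());
            }
            Map<String, Object> client = JsonMapper.string2Map(result.getResult());
            return client != null ? (String) client.get("authenticateClass") : null;
        } catch (ApiException e) {
            logger.error("ApiException: ", e);
            return null;
        }
    }

    /**
     * Redirects a failed login post to the error page and any other request to the login page.
     *
     * @param httpServerExchange the current exchange
     * @param securityContext    the security context of the exchange (not used)
     * @return a challenge result that was sent, carrying the redirect status code
     */
    @Override
    public ChallengeResult sendChallenge(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        if (isLoginPost(httpServerExchange)) {
            // The log line used to print the login page although the error page is the one served.
            UndertowLogger.SECURITY_LOGGER.debugf("Serving form auth error page %s for %s", this.errorPage, httpServerExchange);
            return new ChallengeResult(true, servePage(httpServerExchange, this.errorPage));
        }
        UndertowLogger.SECURITY_LOGGER.debugf("Serving login form %s for %s", this.loginPage, httpServerExchange);
        storeInitialLocation(httpServerExchange);
        return new ChallengeResult(true, servePage(httpServerExchange, this.loginPage));
    }

    /**
     * Records the originally requested URL in the session under {@link #LOCATION_ATTRIBUTE},
     * creating the session if there is none yet.
     *
     * <p>Nothing in this class reads the attribute back; presumably it is consumed elsewhere.
     *
     * @param httpServerExchange the current exchange
     */
    protected void storeInitialLocation(HttpServerExchange httpServerExchange) {
        // NOTE(review): this creates a session before the user is authenticated. Whether the session id
        // is changed after a successful login is not visible here; confirm, to rule out session fixation.
        String initialLocation = RedirectBuilder.redirect(httpServerExchange, httpServerExchange.getRelativePath());
        Sessions.getOrCreateSession(httpServerExchange).setAttribute(LOCATION_ATTRIBUTE, initialLocation);
    }

    /**
     * Sets the redirect target and returns the status code to respond with.
     *
     * @param httpServerExchange the current exchange
     * @param location           path of the page to redirect to
     * @return {@link StatusCodes#TEMPORARY_REDIRECT}
     */
    protected Integer servePage(HttpServerExchange httpServerExchange, String location) {
        // NOTE(review): a 307 keeps the method and body, so after a failed login the browser repeats the
        // POST, credentials included, against the error page. A 303 (See Other) would avoid that; the
        // status is left unchanged here because subclasses and callers may depend on it.
        sendRedirect(httpServerExchange, location);
        return Integer.valueOf(StatusCodes.TEMPORARY_REDIRECT);
    }

    /**
     * Writes a {@code Location} header built from the request scheme, the request host and the given path.
     *
     * @param httpServerExchange the current exchange
     * @param location           path appended to scheme and host
     */
    static void sendRedirect(HttpServerExchange httpServerExchange, String location) {
        // NOTE(review): the host part comes from the request (Host header), which the client controls.
        // Behind a cache or a proxy that forwards arbitrary Host values this can yield redirects to a
        // foreign host; consider validating the host against an allow-list or using a configured base URL.
        String target = httpServerExchange.getRequestScheme() + "://" + httpServerExchange.getHostAndPort() + location;
        httpServerExchange.getResponseHeaders().put(Headers.LOCATION, target);
    }
}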
