package org.pac4j.http.credentials.authenticator;

import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.HashMap;
import java.util.Optional;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.pac4j.core.context.CallContext;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.credentials.UsernamePasswordCredentials;
import org.pac4j.core.credentials.authenticator.Authenticator;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.profile.definition.CommonProfileDefinition;
import org.pac4j.core.profile.definition.ProfileDefinitionAware;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.core.util.HttpUtils;
import org.pac4j.http.profile.RestProfile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/pac4j/http/credentials/authenticator/RestAuthenticator.class */
public class RestAuthenticator extends ProfileDefinitionAware implements Authenticator {

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(RestAuthenticator.class);
    private ObjectMapper mapper;
    private String url;

    public RestAuthenticator() {
    }

    public RestAuthenticator(String str) {
        this.url = str;
    }

    protected void internalInit(boolean z) {
        CommonHelper.assertNotBlank("url", this.url);
        setProfileDefinitionIfUndefined(new CommonProfileDefinition(objArr -> {
            return new RestProfile();
        }));
        if (this.mapper == null) {
            this.mapper = new ObjectMapper();
            this.mapper.configure(JsonParser.Feature.ALLOW_UNQUOTED_FIELD_NAMES, true);
            this.mapper.configure(JsonParser.Feature.ALLOW_SINGLE_QUOTES, true);
            this.mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
        }
    }

    public Optional<Credentials> validate(CallContext callContext, Credentials credentials) {
        init();
        UsernamePasswordCredentials usernamePasswordCredentials = (UsernamePasswordCredentials) credentials;
        String username = usernamePasswordCredentials.getUsername();
        String password = usernamePasswordCredentials.getPassword();
        if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) {
            LOGGER.info("Empty username or password");
            return Optional.of(usernamePasswordCredentials);
        }
        String callRestApi = callRestApi(username, password);
        LOGGER.debug("body: {}", callRestApi);
        if (callRestApi != null) {
            buildProfile(usernamePasswordCredentials, callRestApi);
        }
        return Optional.of(usernamePasswordCredentials);
    }

    protected void buildProfile(UsernamePasswordCredentials usernamePasswordCredentials, String str) {
        try {
            RestProfile restProfile = (RestProfile) this.mapper.readValue(str, getProfileDefinition().newProfile(new Object[0]).getClass());
            LOGGER.debug("profile: {}", restProfile);
            usernamePasswordCredentials.setUserProfile(restProfile);
        } catch (IOException e) {
            throw new TechnicalException(e);
        }
    }

    protected String callRestApi(String str, String str2) {
        String encodeToString = Base64.getEncoder().encodeToString((str + ":" + str2).getBytes(StandardCharsets.UTF_8));
        HashMap hashMap = new HashMap();
        hashMap.put("Authorization", "Basic " + encodeToString);
        try {
            try {
                HttpURLConnection openPostConnection = HttpUtils.openPostConnection(new URL(this.url), hashMap);
                int responseCode = openPostConnection.getResponseCode();
                if (responseCode == 200) {
                    LOGGER.debug("Authentication success for username: {}", str);
                    String readBody = HttpUtils.readBody(openPostConnection);
                    HttpUtils.closeConnection(openPostConnection);
                    return readBody;
                }
                if (responseCode == 401 || responseCode == 403) {
                    LOGGER.info("Authentication failure for username: {} -> {}", str, HttpUtils.buildHttpErrorMessage(openPostConnection));
                    HttpUtils.closeConnection(openPostConnection);
                    return null;
                }
                LOGGER.warn("Unexpected error for username: {} -> {}", str, HttpUtils.buildHttpErrorMessage(openPostConnection));
                HttpUtils.closeConnection(openPostConnection);
                return null;
            } catch (IOException e) {
                throw new TechnicalException(e);
            }
        } catch (Throwable th) {
            HttpUtils.closeConnection((HttpURLConnection) null);
            throw th;
        }
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public ObjectMapper getMapper() {
        return this.mapper;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public String getUrl() {
        return this.url;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public void setMapper(ObjectMapper objectMapper) {
        this.mapper = objectMapper;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public void setUrl(String str) {
        this.url = str;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public String toString() {
        return "RestAuthenticator(mapper=" + String.valueOf(this.mapper) + ", url=" + this.url + ")";
    }
}
