package org.restheart.security.mechanisms;

import com.google.common.collect.Sets;
import io.undertow.security.api.AuthenticationMechanism;
import io.undertow.security.api.SecurityContext;
import io.undertow.server.HttpServerExchange;
import java.util.List;
import java.util.Map;
import org.restheart.configuration.ConfigurationException;
import org.restheart.plugins.Inject;
import org.restheart.plugins.OnInit;
import org.restheart.plugins.RegisterPlugin;
import org.restheart.plugins.security.AuthMechanism;
import org.restheart.security.BaseAccount;

@RegisterPlugin(name = "identityAuthMechanism", description = "authenticates all requests against the configured IdentityManager using the credentials specified in the configuration file", enabledByDefault = false)
/* loaded from: input_file:org/restheart/security/mechanisms/IdentityAuthMechanism.class */
public class IdentityAuthMechanism implements AuthMechanism {
    private String username;
    private List<String> roles;

    @Inject("config")
    private Map<String, Object> config;

    @OnInit
    public void init() throws ConfigurationException {
        this.username = (String) arg(this.config, "username");
        this.roles = (List) arg(this.config, "roles");
    }

    public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        securityContext.authenticationComplete(new BaseAccount(this.username, Sets.newTreeSet(this.roles)), "IdentityAuthenticationManager", true);
        return AuthenticationMechanism.AuthenticationMechanismOutcome.AUTHENTICATED;
    }

    public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        return new AuthenticationMechanism.ChallengeResult(true, 200);
    }
}
