package io.nessus.actions.portal;

import io.nessus.actions.core.utils.ApiUtils;
import io.nessus.actions.jaxrs.type.UserState;
import io.nessus.actions.jaxrs.type.UserTokens;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.session.Session;
import javax.ws.rs.core.Response;
import org.apache.velocity.VelocityContext;

/* loaded from: input_file:io/nessus/actions/portal/AbstractUserResource.class */
abstract class AbstractUserResource extends AbstractWebResource {
    @Override // io.nessus.actions.portal.AbstractWebResource
    protected final String handlePageRequest(HttpServerExchange httpServerExchange, VelocityContext velocityContext) throws Exception {
        if (validateUserSession(httpServerExchange, velocityContext)) {
            return handlePageRequest(httpServerExchange, velocityContext, getSession(httpServerExchange, false));
        }
        redirectToLogin(httpServerExchange);
        return null;
    }

    @Override // io.nessus.actions.portal.AbstractWebResource
    protected final void handleActionRequest(HttpServerExchange httpServerExchange, VelocityContext velocityContext) throws Exception {
        if (validateUserSession(httpServerExchange, velocityContext)) {
            handleActionRequest(httpServerExchange, velocityContext, getSession(httpServerExchange, false));
        } else {
            redirectToLogin(httpServerExchange);
        }
    }

    protected String handlePageRequest(HttpServerExchange httpServerExchange, VelocityContext velocityContext, Session session) throws Exception {
        throw new UnsupportedOperationException(httpServerExchange.getRequestPath());
    }

    protected void handleActionRequest(HttpServerExchange httpServerExchange, VelocityContext velocityContext, Session session) throws Exception {
        throw new UnsupportedOperationException(httpServerExchange.getRequestPath());
    }

    private boolean validateUserSession(HttpServerExchange httpServerExchange, VelocityContext velocityContext) throws Exception {
        Session session = getSession(httpServerExchange, false);
        UserTokens userTokens = (UserTokens) getAttribute(session, UserTokens.class);
        if (userTokens == null) {
            return false;
        }
        String refreshAccessToken = getKeycloakService().refreshAccessToken(userTokens.refreshToken);
        String str = userTokens.userId;
        setAttribute(session, new UserTokens(userTokens, refreshAccessToken));
        Response withClient = withClient(ApiUtils.jaxrsUri(this.config, "/api/user/" + str + "/state"), webTarget -> {
            return webTarget.request().header("Authorization", "Bearer " + refreshAccessToken).get();
        });
        if (!ApiUtils.hasStatus(withClient, new Response.Status[]{Response.Status.OK})) {
            return false;
        }
        setAttribute(session, (UserState) withClient.readEntity(UserState.class));
        return true;
    }
}
