package org.hawkular.accounts.secretstore.boundary;

import java.util.Base64;
import javax.annotation.Resource;
import javax.annotation.security.PermitAll;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;
import javax.inject.Inject;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.hawkular.accounts.common.UsernamePasswordConverter;
import org.hawkular.accounts.secretstore.api.Token;
import org.hawkular.accounts.secretstore.api.TokenService;
import org.hawkular.accounts.secretstore.entity.TokenCreateResponse;
import org.hawkular.accounts.secretstore.entity.TokenErrorResponse;

@Path("tokens")
@PermitAll
@Stateless
/* loaded from: input_file:WEB-INF/classes/org/hawkular/accounts/secretstore/boundary/TokenEndpoint.class */
public class TokenEndpoint {

    @Resource
    SessionContext sessionContext;

    @Context
    HttpServletRequest request;

    @Context
    ServletContext servletContext;

    @Inject
    TokenService tokenService;

    @Inject
    UsernamePasswordConverter usernamePasswordConverter;

    @GET
    @Path("create")
    public Response createFromRedirect() {
        return create(this.sessionContext.getCallerPrincipal().getKeycloakSecurityContext().getRefreshToken());
    }

    @POST
    @Path("create")
    public Response createFromBasicAuth() throws Exception {
        String[] split = this.request.getHeader("Authorization").trim().split("\\s+");
        if (split.length != 2) {
            return Response.status(Response.Status.BAD_REQUEST).entity(new TokenErrorResponse("Invalid authorization details.")).build();
        }
        if (!split[0].equalsIgnoreCase("Basic")) {
            return Response.status(Response.Status.BAD_REQUEST).entity(new TokenErrorResponse("Only 'Basic' authentication is supported.")).build();
        }
        String[] split2 = new String(Base64.getDecoder().decode(split[1])).split(":");
        String str = split2[0];
        String str2 = split2[1];
        if (str != null && !str.isEmpty()) {
            return create(this.usernamePasswordConverter.getOfflineToken(str, str2));
        }
        return Response.status(Response.Status.BAD_REQUEST).entity(new TokenErrorResponse("Username is not provided.")).build();
    }

    private Response create(String str) {
        Token token = new Token(null, str);
        this.tokenService.create(token);
        return Response.ok(new TokenCreateResponse(token)).build();
    }
}
