package org.infinispan.server.endpoint.subsystem.security;

import io.netty.channel.ChannelHandlerContext;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionStage;
import java.util.concurrent.Executor;
import javax.security.auth.Subject;
import org.infinispan.rest.RestResponseException;
import org.infinispan.rest.RestServer;
import org.infinispan.rest.authentication.Authenticator;
import org.infinispan.rest.framework.RestRequest;
import org.infinispan.rest.framework.RestResponse;
import org.jboss.as.core.security.RealmRole;
import org.wildfly.security.auth.server.HttpAuthenticationFactory;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.http.HttpAuthenticationException;
import org.wildfly.security.http.HttpServerAuthenticationMechanism;

/* loaded from: input_file:org/infinispan/server/endpoint/subsystem/security/SecurityRealmRestAuthenticator.class */
public class SecurityRealmRestAuthenticator implements Authenticator {
    private final HttpAuthenticationFactory factory;
    private final String mechanismName;
    private Executor executor;

    public SecurityRealmRestAuthenticator(HttpAuthenticationFactory httpAuthenticationFactory, String str) {
        this.factory = httpAuthenticationFactory;
        this.mechanismName = str;
    }

    public CompletionStage<RestResponse> challenge(RestRequest restRequest, ChannelHandlerContext channelHandlerContext) {
        HttpServerRequestAdapter httpServerRequestAdapter = new HttpServerRequestAdapter(restRequest, channelHandlerContext);
        return CompletableFuture.supplyAsync(() -> {
            try {
                HttpServerAuthenticationMechanism httpServerAuthenticationMechanism = (HttpServerAuthenticationMechanism) this.factory.createMechanism(this.mechanismName);
                httpServerAuthenticationMechanism.evaluateRequest(httpServerRequestAdapter);
                SecurityIdentity securityIdentity = (SecurityIdentity) httpServerAuthenticationMechanism.getNegotiatedProperty("wildfly.http.security-identity");
                if (securityIdentity != null) {
                    Subject subject = new Subject();
                    subject.getPrincipals().add(securityIdentity.getPrincipal());
                    securityIdentity.getRoles().forEach(str -> {
                        subject.getPrincipals().add(new RealmRole(str));
                    });
                    restRequest.setSubject(subject);
                }
                return httpServerRequestAdapter.getResponse();
            } catch (HttpAuthenticationException e) {
                throw new RestResponseException(e);
            }
        }, this.executor);
    }

    public void init(RestServer restServer) {
        this.executor = restServer.getExecutor();
    }
}
