package org.teiid.jboss.oauth;

import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.rs.security.oauth2.grants.saml.Saml2BearerGrant;

/* loaded from: input_file:org/teiid/jboss/oauth/SAMLBearerTokenLoginModule.class */
public abstract class SAMLBearerTokenLoginModule extends OAuth20LoginModule {
    private String scope;

    @Override // org.teiid.jboss.oauth.OAuth20LoginModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        super.initialize(subject, callbackHandler, map, map2);
        this.scope = (String) map2.get("scope");
    }

    @Override // org.teiid.jboss.oauth.OAuth20LoginModule
    public boolean login() throws LoginException {
        this.callerSubject = getSubject();
        this.callerPrincipal = getPrincipal();
        final String sAMLResponseToken = getSAMLResponseToken();
        if (sAMLResponseToken == null) {
            return false;
        }
        OAuth20CredentialImpl oAuth20CredentialImpl = new OAuth20CredentialImpl() { // from class: org.teiid.jboss.oauth.SAMLBearerTokenLoginModule.1
            @Override // org.teiid.jboss.oauth.OAuth20CredentialImpl
            protected ClientAccessToken getAccessToken() {
                return OAuthClientUtils.getAccessToken(WebClient.create(getAccessTokenURI()), new OAuthClientUtils.Consumer(getClientId(), getClientSecret()), SAMLBearerTokenLoginModule.this.scope != null ? new Saml2BearerGrant(sAMLResponseToken, SAMLBearerTokenLoginModule.this.scope) : new Saml2BearerGrant(sAMLResponseToken), (Map) null, false);
            }
        };
        oAuth20CredentialImpl.setClientId(getClientId());
        oAuth20CredentialImpl.setClientSecret(getClientSecret());
        oAuth20CredentialImpl.setAccessTokenURI(getAccessTokenURI());
        setCredential(oAuth20CredentialImpl);
        return super.login();
    }

    public abstract String getSAMLResponseToken();
}
