package io.quarkus.oidc.runtime;

import io.quarkus.oidc.OIDCException;
import io.quarkus.oidc.OidcTenantConfig;
import io.quarkus.oidc.SecurityEvent;
import io.quarkus.oidc.TenantConfigResolver;
import io.quarkus.oidc.TenantResolver;
import io.quarkus.oidc.TokenStateManager;
import io.smallrye.mutiny.Uni;
import io.smallrye.mutiny.groups.UniCreate;
import io.vertx.ext.web.RoutingContext;
import java.util.concurrent.Executor;
import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.event.Event;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import org.eclipse.microprofile.config.inject.ConfigProperty;
import org.jboss.logging.Logger;

@ApplicationScoped
/* loaded from: input_file:io/quarkus/oidc/runtime/DefaultTenantConfigResolver.class */
public class DefaultTenantConfigResolver {
    private static final Logger LOG = Logger.getLogger((Class<?>) DefaultTenantConfigResolver.class);
    private static final String CURRENT_STATIC_TENANT_ID = "static.tenant.id";
    private static final String CURRENT_STATIC_TENANT_ID_NULL = "static.tenant.id.null";
    private static final String CURRENT_DYNAMIC_TENANT_CONFIG = "dynamic.tenant.config";
    private static final String CURRENT_DYNAMIC_TENANT_CONFIG_NULL = "dynamic.tenant.config.null";

    @Inject
    Instance<TenantResolver> tenantResolver;

    @Inject
    Instance<TenantConfigResolver> tenantConfigResolver;

    @Inject
    TenantConfigBean tenantConfigBean;

    @Inject
    Instance<TokenStateManager> tokenStateManager;

    @Inject
    Event<SecurityEvent> securityEvent;

    @Inject
    @ConfigProperty(name = "quarkus.http.proxy.enable-forwarded-prefix")
    boolean enableHttpForwardedPrefix;
    private volatile boolean securityEventObserved;

    @PostConstruct
    public void verifyResolvers() {
        if (this.tenantConfigResolver.isResolvable() && this.tenantConfigResolver.isAmbiguous()) {
            throw new IllegalStateException("Multiple " + TenantConfigResolver.class + " beans registered");
        }
        if (this.tenantResolver.isResolvable() && this.tenantResolver.isAmbiguous()) {
            throw new IllegalStateException("Multiple " + TenantResolver.class + " beans registered");
        }
        if (this.tokenStateManager.isAmbiguous()) {
            throw new IllegalStateException("Multiple " + TokenStateManager.class + " beans registered");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OidcTenantConfig resolveConfig(RoutingContext routingContext) {
        TenantConfigContext staticTenantContext;
        OidcTenantConfig dynamicTenantConfig = getDynamicTenantConfig(routingContext);
        if (dynamicTenantConfig == null && (staticTenantContext = getStaticTenantContext(routingContext)) != null) {
            dynamicTenantConfig = staticTenantContext.oidcConfig;
        }
        return dynamicTenantConfig;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Uni<TenantConfigContext> resolveContext(RoutingContext routingContext) {
        Uni<TenantConfigContext> dynamicTenantContext = getDynamicTenantContext(routingContext);
        if (dynamicTenantContext == null) {
            dynamicTenantContext = Uni.createFrom().item((UniCreate) getStaticTenantContext(routingContext));
        }
        return dynamicTenantContext;
    }

    private TenantConfigContext getStaticTenantContext(RoutingContext routingContext) {
        String str = null;
        if (this.tenantResolver.isResolvable()) {
            str = (String) routingContext.get(CURRENT_STATIC_TENANT_ID);
            if (str == null && routingContext.get(CURRENT_STATIC_TENANT_ID_NULL) == null) {
                str = this.tenantResolver.get().resolve(routingContext);
                if (str != null) {
                    routingContext.put(CURRENT_STATIC_TENANT_ID, str);
                } else {
                    routingContext.put(CURRENT_STATIC_TENANT_ID_NULL, true);
                }
            }
        }
        TenantConfigContext tenantConfigContext = str != null ? this.tenantConfigBean.getStaticTenantsConfig().get(str) : null;
        if (tenantConfigContext == null) {
            if (str != null && !str.isEmpty()) {
                LOG.debugf("Registered TenantResolver has not provided the configuration for tenant '%s', using the default tenant", str);
            }
            tenantConfigContext = this.tenantConfigBean.getDefaultTenant();
        }
        if (!tenantConfigContext.ready) {
            LOG.debugf("Tenant '%s' is not initialized", str);
            tenantConfigContext = null;
        }
        return tenantConfigContext;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isSecurityEventObserved() {
        return this.securityEventObserved;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSecurityEventObserved(boolean z) {
        this.securityEventObserved = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Event<SecurityEvent> getSecurityEvent() {
        return this.securityEvent;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TokenStateManager getTokenStateManager() {
        return this.tokenStateManager.get();
    }

    private OidcTenantConfig getDynamicTenantConfig(RoutingContext routingContext) {
        OidcTenantConfig oidcTenantConfig = null;
        if (this.tenantConfigResolver.isResolvable()) {
            oidcTenantConfig = (OidcTenantConfig) routingContext.get(CURRENT_DYNAMIC_TENANT_CONFIG);
            if (oidcTenantConfig == null && routingContext.get(CURRENT_DYNAMIC_TENANT_CONFIG_NULL) == null) {
                oidcTenantConfig = this.tenantConfigResolver.get().resolve(routingContext);
                if (oidcTenantConfig != null) {
                    routingContext.put(CURRENT_DYNAMIC_TENANT_CONFIG, oidcTenantConfig);
                } else {
                    routingContext.put(CURRENT_DYNAMIC_TENANT_CONFIG_NULL, true);
                }
            }
        }
        return oidcTenantConfig;
    }

    private Uni<TenantConfigContext> getDynamicTenantContext(RoutingContext routingContext) {
        OidcTenantConfig dynamicTenantConfig = getDynamicTenantConfig(routingContext);
        if (dynamicTenantConfig == null) {
            return null;
        }
        TenantConfigContext tenantConfigContext = this.tenantConfigBean.getDynamicTenantsConfig().get(dynamicTenantConfig.getTenantId().orElseThrow(() -> {
            return new OIDCException("Tenant configuration must have tenant id");
        }));
        return tenantConfigContext == null ? this.tenantConfigBean.getTenantConfigContextFactory().apply(dynamicTenantConfig) : Uni.createFrom().item((UniCreate) tenantConfigContext);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isEnableHttpForwardedPrefix() {
        return this.enableHttpForwardedPrefix;
    }

    public Executor getBlockingExecutor() {
        return this.tenantConfigBean.getBlockingExecutor();
    }
}
