package org.glassfish.soteria.cdi;

import java.lang.annotation.Annotation;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.event.Observes;
import javax.enterprise.inject.spi.AfterBeanDiscovery;
import javax.enterprise.inject.spi.Annotated;
import javax.enterprise.inject.spi.Bean;
import javax.enterprise.inject.spi.BeanManager;
import javax.enterprise.inject.spi.BeforeBeanDiscovery;
import javax.enterprise.inject.spi.CDI;
import javax.enterprise.inject.spi.Extension;
import javax.enterprise.inject.spi.ProcessBean;
import javax.interceptor.Interceptor;
import javax.security.enterprise.authentication.mechanism.http.AutoApplySession;
import javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition;
import javax.security.enterprise.authentication.mechanism.http.CustomFormAuthenticationMechanismDefinition;
import javax.security.enterprise.authentication.mechanism.http.FormAuthenticationMechanismDefinition;
import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
import javax.security.enterprise.authentication.mechanism.http.LoginToContinue;
import javax.security.enterprise.authentication.mechanism.http.RememberMe;
import javax.security.enterprise.identitystore.DatabaseIdentityStoreDefinition;
import javax.security.enterprise.identitystore.IdentityStore;
import javax.security.enterprise.identitystore.IdentityStoreHandler;
import javax.security.enterprise.identitystore.LdapIdentityStoreDefinition;
import org.glassfish.soteria.SecurityContextImpl;
import org.glassfish.soteria.identitystores.DatabaseIdentityStore;
import org.glassfish.soteria.identitystores.EmbeddedIdentityStore;
import org.glassfish.soteria.identitystores.LdapIdentityStore;
import org.glassfish.soteria.identitystores.annotation.EmbeddedIdentityStoreDefinition;
import org.glassfish.soteria.identitystores.hash.Pbkdf2PasswordHashImpl;
import org.glassfish.soteria.mechanisms.BasicAuthenticationMechanism;
import org.glassfish.soteria.mechanisms.CustomFormAuthenticationMechanism;
import org.glassfish.soteria.mechanisms.FormAuthenticationMechanism;

/* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/glassfish/soteria/main/jakarta.security.enterprise-1.0.1-jbossorg-1.jar:org/glassfish/soteria/cdi/CdiExtension.class */
public class CdiExtension implements Extension {
    private static final Logger LOGGER = Logger.getLogger(CdiExtension.class.getName());
    private List<Bean<IdentityStore>> identityStoreBeans = new ArrayList();
    private Bean<HttpAuthenticationMechanism> authenticationMechanismBean;
    private boolean httpAuthenticationMechanismFound;

    public void register(@Observes BeforeBeanDiscovery beforeBeanDiscovery, BeanManager beanManager) {
        CdiUtils.addAnnotatedTypes(beforeBeanDiscovery, beanManager, AutoApplySessionInterceptor.class, RememberMeInterceptor.class, LoginToContinueInterceptor.class, FormAuthenticationMechanism.class, CustomFormAuthenticationMechanism.class, SecurityContextImpl.class, IdentityStoreHandler.class, Pbkdf2PasswordHashImpl.class);
    }

    public <T> void processBean(@Observes ProcessBean<T> processBean, BeanManager beanManager) {
        Class<?> beanClass = processBean.getBean().getBeanClass();
        CdiUtils.getAnnotation(beanManager, processBean.getAnnotated(), EmbeddedIdentityStoreDefinition.class).ifPresent(embeddedIdentityStoreDefinition -> {
            logActivatedIdentityStore(EmbeddedIdentityStore.class, beanClass);
            this.identityStoreBeans.add(new CdiProducer().scope(ApplicationScoped.class).beanClass(IdentityStore.class).types(Object.class, IdentityStore.class, EmbeddedIdentityStore.class).addToId(EmbeddedIdentityStoreDefinition.class).create(creationalContext -> {
                return new EmbeddedIdentityStore(embeddedIdentityStoreDefinition);
            }));
        });
        CdiUtils.getAnnotation(beanManager, processBean.getAnnotated(), DatabaseIdentityStoreDefinition.class).ifPresent(databaseIdentityStoreDefinition -> {
            logActivatedIdentityStore(DatabaseIdentityStoreDefinition.class, beanClass);
            this.identityStoreBeans.add(new CdiProducer().scope(ApplicationScoped.class).beanClass(IdentityStore.class).types(Object.class, IdentityStore.class, DatabaseIdentityStore.class).addToId(DatabaseIdentityStoreDefinition.class).create(creationalContext -> {
                return new DatabaseIdentityStore(DatabaseIdentityStoreDefinitionAnnotationLiteral.eval(databaseIdentityStoreDefinition));
            }));
        });
        CdiUtils.getAnnotation(beanManager, processBean.getAnnotated(), LdapIdentityStoreDefinition.class).ifPresent(ldapIdentityStoreDefinition -> {
            logActivatedIdentityStore(LdapIdentityStoreDefinition.class, beanClass);
            this.identityStoreBeans.add(new CdiProducer().scope(ApplicationScoped.class).beanClass(IdentityStore.class).types(Object.class, IdentityStore.class, LdapIdentityStore.class).addToId(LdapIdentityStoreDefinition.class).create(creationalContext -> {
                return new LdapIdentityStore(LdapIdentityStoreDefinitionAnnotationLiteral.eval(ldapIdentityStoreDefinition));
            }));
        });
        CdiUtils.getAnnotation(beanManager, processBean.getAnnotated(), BasicAuthenticationMechanismDefinition.class).ifPresent(basicAuthenticationMechanismDefinition -> {
            logActivatedAuthenticationMechanism(BasicAuthenticationMechanismDefinition.class, beanClass);
            this.authenticationMechanismBean = new CdiProducer().scope(ApplicationScoped.class).beanClass(BasicAuthenticationMechanism.class).types(Object.class, HttpAuthenticationMechanism.class, BasicAuthenticationMechanism.class).addToId(BasicAuthenticationMechanismDefinition.class).create(creationalContext -> {
                return new BasicAuthenticationMechanism(BasicAuthenticationMechanismDefinitionAnnotationLiteral.eval(basicAuthenticationMechanismDefinition));
            });
        });
        CdiUtils.getAnnotation(beanManager, processBean.getAnnotated(), FormAuthenticationMechanismDefinition.class).ifPresent(formAuthenticationMechanismDefinition -> {
            logActivatedAuthenticationMechanism(FormAuthenticationMechanismDefinition.class, beanClass);
            this.authenticationMechanismBean = new CdiProducer().scope(ApplicationScoped.class).beanClass(HttpAuthenticationMechanism.class).types(Object.class, HttpAuthenticationMechanism.class).addToId(FormAuthenticationMechanismDefinition.class).create(creationalContext -> {
                return ((FormAuthenticationMechanism) CDI.current().select(FormAuthenticationMechanism.class, new Annotation[0]).get()).loginToContinue(LoginToContinueAnnotationLiteral.eval(formAuthenticationMechanismDefinition.loginToContinue()));
            });
        });
        CdiUtils.getAnnotation(beanManager, processBean.getAnnotated(), CustomFormAuthenticationMechanismDefinition.class).ifPresent(customFormAuthenticationMechanismDefinition -> {
            logActivatedAuthenticationMechanism(CustomFormAuthenticationMechanismDefinition.class, beanClass);
            this.authenticationMechanismBean = new CdiProducer().scope(ApplicationScoped.class).beanClass(HttpAuthenticationMechanism.class).types(Object.class, HttpAuthenticationMechanism.class).addToId(CustomFormAuthenticationMechanismDefinition.class).create(creationalContext -> {
                return ((CustomFormAuthenticationMechanism) CDI.current().select(CustomFormAuthenticationMechanism.class, new Annotation[0]).get()).loginToContinue(LoginToContinueAnnotationLiteral.eval(customFormAuthenticationMechanismDefinition.loginToContinue()));
            });
        });
        if (processBean.getBean().getTypes().contains(HttpAuthenticationMechanism.class)) {
            this.httpAuthenticationMechanismFound = true;
        }
        checkForWrongUseOfInterceptors(processBean.getAnnotated(), beanClass);
    }

    public void afterBean(@Observes AfterBeanDiscovery afterBeanDiscovery, BeanManager beanManager) {
        if (!this.identityStoreBeans.isEmpty()) {
            Iterator<Bean<IdentityStore>> it = this.identityStoreBeans.iterator();
            while (it.hasNext()) {
                afterBeanDiscovery.addBean(it.next());
            }
        }
        if (this.authenticationMechanismBean != null) {
            afterBeanDiscovery.addBean(this.authenticationMechanismBean);
        }
        afterBeanDiscovery.addBean(new CdiProducer().scope(ApplicationScoped.class).beanClass(IdentityStoreHandler.class).types(Object.class, IdentityStoreHandler.class).addToId(IdentityStoreHandler.class).create(creationalContext -> {
            DefaultIdentityStoreHandler defaultIdentityStoreHandler = new DefaultIdentityStoreHandler();
            defaultIdentityStoreHandler.init();
            return defaultIdentityStoreHandler;
        }));
    }

    public boolean isHttpAuthenticationMechanismFound() {
        return this.httpAuthenticationMechanismFound;
    }

    private void logActivatedIdentityStore(Class<?> cls, Class<?> cls2) {
        LOGGER.log(Level.INFO, "Activating {0} identity store from {1} class", new Object[]{cls.getName(), cls2.getName()});
    }

    private void logActivatedAuthenticationMechanism(Class<?> cls, Class<?> cls2) {
        LOGGER.log(Level.INFO, "Activating {0} authentication mechanism from {1} class", new Object[]{cls.getName(), cls2.getName()});
    }

    private void checkForWrongUseOfInterceptors(Annotated annotated, Class<?> cls) {
        for (Class<? extends Annotation> cls2 : Arrays.asList(AutoApplySession.class, LoginToContinue.class, RememberMe.class)) {
            if (annotated.isAnnotationPresent(cls2) && !annotated.isAnnotationPresent(Interceptor.class) && !HttpAuthenticationMechanism.class.isAssignableFrom(cls)) {
                LOGGER.log(Level.WARNING, "Only classes implementing {0} may be annotated with {1}. {2} is annotated, but the interceptor won't take effect on it.", new Object[]{HttpAuthenticationMechanism.class.getName(), cls2.getName(), cls.getName()});
            }
        }
    }
}
