package org.wildfly.elytron.web.netty.server;

import io.netty.buffer.Unpooled;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInboundHandlerAdapter;
import io.netty.handler.codec.http.DefaultFullHttpResponse;
import io.netty.handler.codec.http.HttpRequest;
import io.netty.handler.codec.http.HttpResponseStatus;
import io.netty.handler.codec.http.HttpVersion;
import io.netty.util.AsciiString;
import java.util.List;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import org.wildfly.security.auth.server.HttpAuthenticationFactory;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.http.HttpAuthenticationException;
import org.wildfly.security.http.HttpAuthenticator;
import org.wildfly.security.http.HttpServerAuthenticationMechanism;

/* loaded from: input_file:org/wildfly/elytron/web/netty/server/ElytronInboundHandler.class */
class ElytronInboundHandler extends ChannelInboundHandlerAdapter {
    private static final AsciiString CONTENT_LENGTH = AsciiString.cached("Content-Length");
    private final HttpAuthenticationFactory httpAuthenticationFactory;
    private final SecurityDomain securityDomain;
    private final Predicate<HttpRequest> authenticationRequired;
    private volatile ElytronResponse elytronResponse;
    private volatile SecurityIdentity securityIdentity;

    /* JADX INFO: Access modifiers changed from: package-private */
    public ElytronInboundHandler(HttpAuthenticationFactory httpAuthenticationFactory, Predicate<HttpRequest> predicate) {
        this.httpAuthenticationFactory = httpAuthenticationFactory;
        this.securityDomain = httpAuthenticationFactory.getSecurityDomain();
        this.authenticationRequired = predicate;
    }

    public void channelRead(ChannelHandlerContext channelHandlerContext, Object obj) throws Exception {
        System.out.println("ElytronInboundHandler.channelRead()");
        if (obj instanceof HttpRequest) {
            HttpRequest httpRequest = (HttpRequest) obj;
            boolean test = this.authenticationRequired != null ? this.authenticationRequired.test(httpRequest) : true;
            this.elytronResponse = new ElytronResponse();
            ElytronHttpExchange elytronHttpExchange = new ElytronHttpExchange(httpRequest, this.elytronResponse, channelHandlerContext.channel().remoteAddress());
            if (!HttpAuthenticator.builder().setSecurityDomain(this.securityDomain).setMechanismSupplier(() -> {
                return (List) this.httpAuthenticationFactory.getMechanismNames().stream().map(str -> {
                    try {
                        return (HttpServerAuthenticationMechanism) this.httpAuthenticationFactory.createMechanism(str);
                    } catch (HttpAuthenticationException e) {
                        throw new RuntimeException("Failed to create mechanism.", e);
                    }
                }).filter(httpServerAuthenticationMechanism -> {
                    return httpServerAuthenticationMechanism != null;
                }).collect(Collectors.toList());
            }).setHttpExchangeSpi(elytronHttpExchange).setRequired(test).build().authenticate()) {
                System.out.println("ElytronInboundHandler - Lets turn this request around.");
                byte[] responseBytes = this.elytronResponse.getResponseBytes();
                HttpResponseStatus valueOf = this.elytronResponse.getStatusCode() > 0 ? HttpResponseStatus.valueOf(this.elytronResponse.getStatusCode()) : HttpResponseStatus.OK;
                DefaultFullHttpResponse defaultFullHttpResponse = responseBytes != null ? new DefaultFullHttpResponse(HttpVersion.HTTP_1_1, valueOf, Unpooled.wrappedBuffer(responseBytes)) : new DefaultFullHttpResponse(HttpVersion.HTTP_1_1, valueOf);
                defaultFullHttpResponse.headers().setInt(CONTENT_LENGTH, defaultFullHttpResponse.content().readableBytes());
                channelHandlerContext.write(defaultFullHttpResponse);
                return;
            }
            this.securityIdentity = elytronHttpExchange.getSecurityIdentity();
        }
        super.channelRead(channelHandlerContext, obj);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecurityIdentity getSecurityIdentity() {
        return this.securityIdentity;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ElytronResponse getElytronResponse() {
        return this.elytronResponse;
    }
}
