package io.apiman.plugins.keycloak_oauth_policy.failures;

import io.apiman.gateway.engine.beans.PolicyFailure;
import io.apiman.gateway.engine.beans.PolicyFailureType;
import io.apiman.gateway.engine.components.IPolicyFailureFactoryComponent;
import io.apiman.gateway.engine.policy.IPolicyContext;
import io.apiman.plugins.keycloak_oauth_policy.Messages;
import org.keycloak.VerificationException;

/* loaded from: input_file:WEB-INF/classes/io/apiman/plugins/keycloak_oauth_policy/failures/PolicyFailureFactory.class */
public class PolicyFailureFactory {
    private static final int HTTP_UNAUTHORIZED = 401;
    private static final int AUTH_MISSING_ROLE = 11001;
    private static final int AUTH_BLACKLISTED_TOKEN = 11002;
    private static final int AUTH_NO_TRANSPORT_SECURITY = 11003;
    private static final int AUTH_VERIFICATION_ERROR = 11004;
    private static final int AUTH_NOT_PROVIDED = 11005;

    public PolicyFailure noAuthenticationProvided(IPolicyContext iPolicyContext) {
        return createAuthenticationPolicyFailure(iPolicyContext, AUTH_NOT_PROVIDED, Messages.getString("KeycloakOauthPolicy.NoTokenGiven"));
    }

    public PolicyFailure verificationException(IPolicyContext iPolicyContext, VerificationException verificationException) {
        return createAuthenticationPolicyFailure(iPolicyContext, AUTH_VERIFICATION_ERROR, verificationException.getMessage());
    }

    public PolicyFailure noTransportSecurity(IPolicyContext iPolicyContext) {
        return createAuthenticationPolicyFailure(iPolicyContext, AUTH_NO_TRANSPORT_SECURITY, Messages.getString("KeycloakOauthPolicy.NoTransportSecurity"));
    }

    public PolicyFailure blacklistedToken(IPolicyContext iPolicyContext) {
        return createAuthenticationPolicyFailure(iPolicyContext, AUTH_BLACKLISTED_TOKEN, Messages.getString("KeycloakOauthPolicy.BlacklistedToken"));
    }

    public PolicyFailure doesNotHoldRequiredRoles(IPolicyContext iPolicyContext) {
        return createAuthorizationPolicyFailure(iPolicyContext, AUTH_MISSING_ROLE, Messages.getString("KeycloakOauthPolicy.DoesNotHoldRequiredRoles"));
    }

    private PolicyFailure createAuthenticationPolicyFailure(IPolicyContext iPolicyContext, int i, String str) {
        PolicyFailure createFailure = getFailureFactory(iPolicyContext).createFailure(PolicyFailureType.Authentication, i, str);
        createFailure.setResponseCode(HTTP_UNAUTHORIZED);
        return createFailure;
    }

    private PolicyFailure createAuthorizationPolicyFailure(IPolicyContext iPolicyContext, int i, String str) {
        PolicyFailure createFailure = getFailureFactory(iPolicyContext).createFailure(PolicyFailureType.Authorization, i, str);
        createFailure.setResponseCode(HTTP_UNAUTHORIZED);
        return createFailure;
    }

    private IPolicyFailureFactoryComponent getFailureFactory(IPolicyContext iPolicyContext) {
        return iPolicyContext.getComponent(IPolicyFailureFactoryComponent.class);
    }
}
