package org.wildfly.extension.undertow;

import io.undertow.security.handlers.AuthenticationCallHandler;
import io.undertow.security.handlers.AuthenticationConstraintHandler;
import io.undertow.server.HttpHandler;
import io.undertow.server.handlers.Cookie;
import io.undertow.server.handlers.PathHandler;
import java.util.List;
import java.util.stream.Collectors;
import org.jboss.as.domain.management.SecurityRealm;
import org.jboss.as.web.session.SimpleRoutingSupport;
import org.jboss.as.web.session.SimpleSessionIdentifierCodec;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.jboss.msc.value.InjectedValue;
import org.wildfly.elytron.web.undertow.server.ElytronContextAssociationHandler;
import org.wildfly.elytron.web.undertow.server.ElytronHttpExchange;
import org.wildfly.httpclient.common.ElytronIdentityHandler;
import org.wildfly.security.auth.server.HttpAuthenticationFactory;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.http.HttpServerAuthenticationMechanism;

/* loaded from: input_file:org/wildfly/extension/undertow/HttpInvokerHostService.class */
class HttpInvokerHostService implements Service<HttpInvokerHostService> {
    private static final String JSESSIONID = "JSESSIONID";
    private final String path;
    private final InjectedValue<Host> host = new InjectedValue<>();
    private final InjectedValue<HttpAuthenticationFactory> httpAuthenticationFactoryInjectedValue = new InjectedValue<>();
    private final InjectedValue<SecurityRealm> realmService = new InjectedValue<>();
    private final InjectedValue<PathHandler> remoteHttpInvokerServiceInjectedValue = new InjectedValue<>();

    public HttpInvokerHostService(String str) {
        this.path = str;
    }

    public void start(StartContext startContext) throws StartException {
        HttpHandler httpHandler = (HttpHandler) this.remoteHttpInvokerServiceInjectedValue.getValue();
        if (this.httpAuthenticationFactoryInjectedValue.getOptionalValue() != null) {
            httpHandler = secureAccess(httpHandler, (HttpAuthenticationFactory) this.httpAuthenticationFactoryInjectedValue.getOptionalValue());
        } else if (this.realmService.getOptionalValue() != null) {
            httpHandler = secureAccess(httpHandler, ((SecurityRealm) this.realmService.getOptionalValue()).getHttpAuthenticationFactory());
        }
        ((Host) this.host.getValue()).registerHandler(this.path, setupRoutes(httpHandler));
        ((Host) this.host.getValue()).registerLocation(this.path);
    }

    public void stop(StopContext stopContext) {
        ((Host) this.host.getValue()).unregisterHandler(this.path);
        ((Host) this.host.getValue()).unregisterLocation(this.path);
    }

    private HttpHandler setupRoutes(HttpHandler httpHandler) {
        SimpleSessionIdentifierCodec simpleSessionIdentifierCodec = new SimpleSessionIdentifierCodec(new SimpleRoutingSupport(), ((Host) this.host.getValue()).getServer().getRoute());
        return httpServerExchange -> {
            httpServerExchange.addResponseCommitListener(httpServerExchange -> {
                Cookie cookie = (Cookie) httpServerExchange.getResponseCookies().get(JSESSIONID);
                if (cookie != null) {
                    cookie.setValue(simpleSessionIdentifierCodec.encode(cookie.getValue()).toString());
                }
            });
            httpHandler.handleRequest(httpServerExchange);
        };
    }

    private static HttpHandler secureAccess(HttpHandler httpHandler, HttpAuthenticationFactory httpAuthenticationFactory) {
        AuthenticationConstraintHandler authenticationConstraintHandler = new AuthenticationConstraintHandler(new AuthenticationCallHandler(httpHandler));
        return ElytronContextAssociationHandler.builder().setNext(authenticationConstraintHandler).setMechanismSupplier(() -> {
            return (List) httpAuthenticationFactory.getMechanismNames().stream().map(str -> {
                try {
                    return (HttpServerAuthenticationMechanism) httpAuthenticationFactory.createMechanism(str);
                } catch (Exception e) {
                    return null;
                }
            }).collect(Collectors.toList());
        }).setHttpExchangeSupplier(httpServerExchange -> {
            return new ElytronHttpExchange(httpServerExchange) { // from class: org.wildfly.extension.undertow.HttpInvokerHostService.1
                public void authenticationComplete(SecurityIdentity securityIdentity, String str) {
                    super.authenticationComplete(securityIdentity, str);
                    httpServerExchange.putAttachment(ElytronIdentityHandler.IDENTITY_KEY, securityIdentity);
                }
            };
        }).build();
    }

    /* renamed from: getValue, reason: merged with bridge method [inline-methods] */
    public HttpInvokerHostService m35getValue() throws IllegalStateException, IllegalArgumentException {
        return null;
    }

    public String getPath() {
        return this.path;
    }

    public InjectedValue<Host> getHost() {
        return this.host;
    }

    public InjectedValue<HttpAuthenticationFactory> getHttpAuthenticationFactoryInjectedValue() {
        return this.httpAuthenticationFactoryInjectedValue;
    }

    public InjectedValue<PathHandler> getRemoteHttpInvokerServiceInjectedValue() {
        return this.remoteHttpInvokerServiceInjectedValue;
    }

    public InjectedValue<SecurityRealm> getRealmService() {
        return this.realmService;
    }
}
