package org.infinispan.server.endpoint.subsystem.security;

import java.util.Optional;
import javax.security.auth.Subject;
import org.infinispan.rest.InfinispanRequest;
import org.infinispan.rest.RestResponseException;
import org.infinispan.rest.authentication.AuthenticationException;
import org.infinispan.rest.authentication.Authenticator;
import org.jboss.as.core.security.RealmRole;
import org.wildfly.security.auth.server.HttpAuthenticationFactory;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.http.HttpAuthenticationException;
import org.wildfly.security.http.HttpServerAuthenticationMechanism;

/* loaded from: input_file:org/infinispan/server/endpoint/subsystem/security/SecurityRealmRestAuthenticator.class */
public class SecurityRealmRestAuthenticator implements Authenticator {
    private final HttpAuthenticationFactory factory;
    private final String mechanismName;

    public SecurityRealmRestAuthenticator(HttpAuthenticationFactory httpAuthenticationFactory, String str) {
        this.factory = httpAuthenticationFactory;
        this.mechanismName = str;
    }

    public void challenge(InfinispanRequest infinispanRequest) throws RestResponseException {
        HttpServerRequestAdapter httpServerRequestAdapter = new HttpServerRequestAdapter(infinispanRequest);
        try {
            HttpServerAuthenticationMechanism httpServerAuthenticationMechanism = (HttpServerAuthenticationMechanism) this.factory.createMechanism(this.mechanismName);
            httpServerAuthenticationMechanism.evaluateRequest(httpServerRequestAdapter);
            httpServerRequestAdapter.validateResponse();
            SecurityIdentity securityIdentity = (SecurityIdentity) httpServerAuthenticationMechanism.getNegotiatedProperty("wildfly.http.security-identity");
            if (securityIdentity != null) {
                Subject subject = new Subject();
                subject.getPrincipals().add(securityIdentity.getPrincipal());
                securityIdentity.getRoles().forEach(str -> {
                    subject.getPrincipals().add(new RealmRole(str));
                });
                infinispanRequest.setSubject(subject);
            }
        } catch (HttpAuthenticationException e) {
            throw new AuthenticationException(Optional.empty());
        }
    }
}
