package io.smallrye.jwt.auth.mechanism;

import io.smallrye.jwt.auth.AbstractBearerTokenExtractor;
import io.smallrye.jwt.auth.cdi.PrincipalProducer;
import io.smallrye.jwt.auth.principal.JWTAuthContextInfo;
import io.smallrye.jwt.auth.principal.JWTParser;
import java.util.Set;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.security.enterprise.AuthenticationException;
import javax.security.enterprise.AuthenticationStatus;
import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.microprofile.jwt.JsonWebToken;
import org.jboss.logging.Logger;

/**
 * {@link HttpAuthenticationMechanism} that authenticates a request from a bearer JWT.
 *
 * <p>The token is pulled from the request by {@link BearerTokenExtractor}, handed to the
 * injected {@link JWTParser}, and on success published to the container together with the
 * token's groups. Every failure after a token has been found ends in
 * {@code responseUnauthorized()}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>A request without a token on a resource that is not protected proceeds
 *       unauthenticated ({@code doNothing()}); access control for such resources has to be
 *       enforced elsewhere.</li>
 *   <li>A request that carries a token which fails to parse is rejected even when the
 *       resource is not protected.</li>
 *   <li>The raw token string is never written to the log by this class.</li>
 * </ul>
 */
@ApplicationScoped
/* loaded from: input_file:test-resources/jobs-service.jar:io/smallrye/jwt/auth/mechanism/JWTHttpAuthenticationMechanism.class */
public class JWTHttpAuthenticationMechanism implements HttpAuthenticationMechanism {
    private static Logger logger = Logger.getLogger(JWTHttpAuthenticationMechanism.class);

    @Inject
    private JWTAuthContextInfo authContextInfo;

    @Inject
    private JWTParser jwtParser;

    @Inject
    private PrincipalProducer producer;

    /**
     * Servlet-backed source of header and cookie values for the shared extraction logic in
     * {@link AbstractBearerTokenExtractor}.
     *
     * <p>Which header or cookie is consulted is decided by the superclass from the supplied
     * {@link JWTAuthContextInfo}; that logic is not visible in this file.
     * NOTE(review): if deployments configure cookie-carried tokens, confirm CSRF protections
     * are in place, since browsers attach cookies automatically.
     */
    /* loaded from: input_file:test-resources/jobs-service.jar:io/smallrye/jwt/auth/mechanism/JWTHttpAuthenticationMechanism$BearerTokenExtractor.class */
    private static class BearerTokenExtractor extends AbstractBearerTokenExtractor {
        private final HttpServletRequest request;

        BearerTokenExtractor(HttpServletRequest httpServletRequest, JWTAuthContextInfo jWTAuthContextInfo) {
            super(jWTAuthContextInfo);
            this.request = httpServletRequest;
        }

        /**
         * Looks up a request header.
         *
         * @param str header name
         * @return whatever {@code HttpServletRequest.getHeader} returns for that name
         */
        @Override // io.smallrye.jwt.auth.AbstractBearerTokenExtractor
        protected String getHeaderValue(String str) {
            return this.request.getHeader(str);
        }

        /**
         * Looks up a request cookie by exact, case-sensitive name.
         *
         * @param str cookie name to match
         * @return the value of the first cookie with that name, or {@code null} when the
         *         request has no cookies or none matches
         */
        @Override // io.smallrye.jwt.auth.AbstractBearerTokenExtractor
        protected String getCookieValue(String str) {
            Cookie[] jar = this.request.getCookies();
            if (jar == null) {
                return null;
            }
            // First match wins: later cookies with the same name are ignored.
            for (Cookie candidate : jar) {
                if (str.equals(candidate.getName())) {
                    return candidate.getValue();
                }
            }
            return null;
        }
    }

    /** No-argument constructor; the collaborators are then left to the {@code @Inject} fields. */
    public JWTHttpAuthenticationMechanism() {
    }

    /**
     * Creates the mechanism with explicitly supplied collaborators.
     *
     * @param jWTAuthContextInfo configuration passed to the token extractor
     * @param jWTParser parser used to turn the bearer string into a {@link JsonWebToken}
     * @param principalProducer receiver of the parsed token
     */
    public JWTHttpAuthenticationMechanism(JWTAuthContextInfo jWTAuthContextInfo, JWTParser jWTParser, PrincipalProducer principalProducer) {
        this.authContextInfo = jWTAuthContextInfo;
        this.jwtParser = jWTParser;
        this.producer = principalProducer;
    }

    /**
     * Authenticates the request from its bearer token, if it has one.
     *
     * @param httpServletRequest request to read the token from
     * @param httpServletResponse not used by this implementation
     * @param httpMessageContext container callback used to report the outcome
     * @return the status produced by the container callback: unauthorized or do-nothing when
     *         no token is present, login notification on success, unauthorized on any failure
     * @throws AuthenticationException declared by the interface; not thrown directly here
     */
    public AuthenticationStatus validateRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpMessageContext httpMessageContext) throws AuthenticationException {
        BearerTokenExtractor extractor = new BearerTokenExtractor(httpServletRequest, this.authContextInfo);
        String bearerToken = extractor.getBearerToken();

        if (bearerToken == null) {
            logger.debug("No usable bearer token was found in the request, continuing unauthenticated");
            // Only protected resources demand credentials; anything else passes through anonymously.
            if (httpMessageContext.isProtected()) {
                return httpMessageContext.responseUnauthorized();
            }
            return httpMessageContext.doNothing();
        }

        try {
            JsonWebToken principal = this.jwtParser.parse(bearerToken);
            this.producer.setJsonWebToken(principal);
            Set<String> groups = principal.getGroups();
            logger.debugf("Success");
            return httpMessageContext.notifyContainerAboutLogin(principal, groups);
        } catch (Exception e) {
            // Fail closed: whatever went wrong above, the caller only learns "unauthorized".
            // NOTE(review): the exception is logged at debug level; confirm parser exceptions
            // do not embed the raw token before enabling debug logging in production.
            logger.debug("Unable to validate bearer token", e);
            return httpMessageContext.responseUnauthorized();
        }
    }
}
