package fish.payara.security.openid;

import fish.payara.security.annotations.OpenIdAuthenticationDefinition;
import fish.payara.security.openid.controller.AuthenticationController;
import fish.payara.security.openid.controller.ConfigurationController;
import fish.payara.security.openid.controller.NonceController;
import fish.payara.security.openid.controller.OriginalRequestController;
import fish.payara.security.openid.controller.ProviderMetadataContoller;
import fish.payara.security.openid.controller.StateController;
import fish.payara.security.openid.controller.TokenController;
import fish.payara.security.openid.controller.UserInfoController;
import fish.payara.security.openid.domain.OpenIdContextImpl;
import java.lang.annotation.Annotation;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.event.Observes;
import javax.enterprise.inject.spi.AfterBeanDiscovery;
import javax.enterprise.inject.spi.AnnotatedType;
import javax.enterprise.inject.spi.Bean;
import javax.enterprise.inject.spi.BeanManager;
import javax.enterprise.inject.spi.BeforeBeanDiscovery;
import javax.enterprise.inject.spi.CDI;
import javax.enterprise.inject.spi.DefinitionException;
import javax.enterprise.inject.spi.Extension;
import javax.enterprise.inject.spi.ProcessBean;
import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
import javax.security.enterprise.identitystore.IdentityStore;
import org.glassfish.soteria.cdi.CdiProducer;
import org.glassfish.soteria.cdi.CdiUtils;

/* loaded from: input_file:MICRO-INF/runtime/openid-client-integration.jar:fish/payara/security/openid/OpenIdExtension.class */
public class OpenIdExtension implements Extension {
    private final List<Bean<IdentityStore>> identityStoreBeans = new ArrayList();
    private Bean<HttpAuthenticationMechanism> authenticationMechanismBean;
    private static final Logger LOGGER = Logger.getLogger(OpenIdExtension.class.getName());

    /* JADX INFO: Access modifiers changed from: protected */
    public void beforeBeanDiscovery(@Observes BeforeBeanDiscovery beforeBeanDiscovery, BeanManager beanManager) {
        addAnnotatedType(OpenIdAuthenticationMechanism.class, beanManager, beforeBeanDiscovery);
        addAnnotatedType(OpenIdIdentityStore.class, beanManager, beforeBeanDiscovery);
        addAnnotatedType(OpenIdContextImpl.class, beanManager, beforeBeanDiscovery);
        addAnnotatedType(NonceController.class, beanManager, beforeBeanDiscovery);
        addAnnotatedType(StateController.class, beanManager, beforeBeanDiscovery);
        addAnnotatedType(OriginalRequestController.class, beanManager, beforeBeanDiscovery);
        addAnnotatedType(ConfigurationController.class, beanManager, beforeBeanDiscovery);
        addAnnotatedType(ProviderMetadataContoller.class, beanManager, beforeBeanDiscovery);
        addAnnotatedType(AuthenticationController.class, beanManager, beforeBeanDiscovery);
        addAnnotatedType(TokenController.class, beanManager, beforeBeanDiscovery);
        addAnnotatedType(UserInfoController.class, beanManager, beforeBeanDiscovery);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public <T> void addAnnotatedType(Class<T> cls, BeanManager beanManager, BeforeBeanDiscovery beforeBeanDiscovery) {
        beforeBeanDiscovery.addAnnotatedType((AnnotatedType<?>) beanManager.createAnnotatedType(cls), cls.getName());
    }

    protected <T> void findOpenIdDefinitionAnnotation(@Observes ProcessBean<T> processBean, BeanManager beanManager) {
        Class<?> beanClass = processBean.getBean().getBeanClass();
        CdiUtils.getAnnotation(beanManager, processBean.getAnnotated(), OpenIdAuthenticationDefinition.class).ifPresent(openIdAuthenticationDefinition -> {
            validateExtraParametersFormat(openIdAuthenticationDefinition);
            logActivatedIdentityStore(OpenIdIdentityStore.class, beanClass);
            this.identityStoreBeans.add(new CdiProducer().scope(ApplicationScoped.class).beanClass(IdentityStore.class).types(Object.class, IdentityStore.class).addToId(OpenIdIdentityStore.class).create(creationalContext -> {
                return (OpenIdIdentityStore) CDI.current().select(OpenIdIdentityStore.class, new Annotation[0]).get2();
            }));
            logActivatedAuthenticationMechanism(OpenIdAuthenticationMechanism.class, beanClass);
            this.authenticationMechanismBean = new CdiProducer().scope(ApplicationScoped.class).beanClass(HttpAuthenticationMechanism.class).types(Object.class, HttpAuthenticationMechanism.class).addToId(OpenIdAuthenticationMechanism.class).create(creationalContext2 -> {
                OpenIdAuthenticationMechanism openIdAuthenticationMechanism = (OpenIdAuthenticationMechanism) CDI.current().select(OpenIdAuthenticationMechanism.class, new Annotation[0]).get2();
                openIdAuthenticationMechanism.setConfiguration(openIdAuthenticationDefinition);
                return openIdAuthenticationMechanism;
            });
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void validateExtraParametersFormat(OpenIdAuthenticationDefinition openIdAuthenticationDefinition) {
        for (String str : openIdAuthenticationDefinition.extraParameters()) {
            if (str.split("=").length != 2) {
                throw new DefinitionException(OpenIdAuthenticationDefinition.class.getSimpleName() + ".extraParameters() value '" + str + "' is not of the format key=value");
            }
        }
    }

    protected void afterBeanDiscovery(@Observes AfterBeanDiscovery afterBeanDiscovery, BeanManager beanManager) {
        if (!this.identityStoreBeans.isEmpty()) {
            List<Bean<IdentityStore>> list = this.identityStoreBeans;
            afterBeanDiscovery.getClass();
            list.forEach(afterBeanDiscovery::addBean);
        }
        if (this.authenticationMechanismBean != null) {
            LOGGER.log(Level.FINE, "Creating OpenId Mechanism");
            afterBeanDiscovery.addBean(this.authenticationMechanismBean);
        }
    }

    private void logActivatedIdentityStore(Class<?> cls, Class<?> cls2) {
        LOGGER.log(Level.INFO, "Activating {0} identity store from {1} class", new Object[]{cls.getName(), cls2.getName()});
    }

    private void logActivatedAuthenticationMechanism(Class<?> cls, Class<?> cls2) {
        LOGGER.log(Level.INFO, "Activating {0} authentication mechanism from {1} class", new Object[]{cls.getName(), cls2.getName()});
    }
}
