package com.networknt.oauth.auth;

import com.networknt.client.ClientConfig;
import com.networknt.client.ClientRequestCarrier;
import com.networknt.client.Http2Client;
import com.networknt.cluster.Cluster;
import com.networknt.config.Config;
import com.networknt.config.JsonMapper;
import com.networknt.httpstring.AttachmentConstants;
import com.networknt.oauth.security.LightPasswordCredential;
import com.networknt.server.Server;
import com.networknt.service.SingletonServiceFactory;
import com.networknt.status.Status;
import io.opentracing.Tracer;
import io.opentracing.propagation.Format;
import io.opentracing.tag.Tags;
import io.undertow.UndertowOptions;
import io.undertow.client.ClientConnection;
import io.undertow.client.ClientRequest;
import io.undertow.client.ClientResponse;
import io.undertow.security.idm.Account;
import io.undertow.security.idm.Credential;
import io.undertow.util.Headers;
import io.undertow.util.Methods;
import java.net.URI;
import java.net.URLEncoder;
import java.security.Principal;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.atomic.AtomicReference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xnio.OptionMap;

/* loaded from: input_file:com/networknt/oauth/auth/LightPortalAuthenticator.class */
public class LightPortalAuthenticator extends AuthenticatorBase<LightPortalAuth> {
    private static final String cmd = "{\"host\":\"lightapi.net\",\"service\":\"user\",\"action\":\"loginUser\",\"version\":\"0.1.0\",\"data\":{\"email\":\"%s\",\"password\":\"%s\"}}";
    static ClientConnection connection;
    static Cluster cluster;
    private static final Logger logger = LoggerFactory.getLogger(LightPortalAuthenticator.class);
    public static final net.lightapi.portal.PortalClientConfig config = (net.lightapi.portal.PortalClientConfig) Config.getInstance().getJsonObjectConfig(PortalClientConfig.CONFIG_NAME, net.lightapi.portal.PortalClientConfig.class);
    private static String tag = Server.getServerConfig().getEnvironment();
    static Http2Client client = Http2Client.getInstance();

    public LightPortalAuthenticator() {
        String serviceToUrl;
        cluster = (Cluster) SingletonServiceFactory.getBean(Cluster.class);
        if (config.isPortalByServiceUrl() || (serviceToUrl = cluster.serviceToUrl("https", config.getPortalQueryServiceId(), tag, (String) null)) == null) {
            return;
        }
        try {
            connection = (ClientConnection) client.connect(new URI(serviceToUrl), Http2Client.WORKER, Http2Client.SSL, Http2Client.BUFFER_POOL, OptionMap.create(UndertowOptions.ENABLE_HTTP2, true)).get();
        } catch (Exception e) {
            logger.error("Exception:", e);
        }
    }

    @Override // com.networknt.oauth.auth.Authenticator
    public Account authenticate(final String str, Credential credential) {
        Tracer tracer;
        LightPasswordCredential lightPasswordCredential = (LightPasswordCredential) credential;
        char[] password = lightPasswordCredential.getPassword();
        try {
            if (connection == null || !connection.isOpen()) {
                if (config.isPortalByServiceUrl()) {
                    if (logger.isDebugEnabled()) {
                        logger.debug("create connection with url from config = " + config.getPortalQueryServiceUrl());
                    }
                    connection = (ClientConnection) client.connect(new URI(config.getPortalQueryServiceUrl()), Http2Client.WORKER, Http2Client.SSL, Http2Client.BUFFER_POOL, OptionMap.create(UndertowOptions.ENABLE_HTTP2, true)).get();
                } else {
                    String serviceToUrl = cluster.serviceToUrl("https", config.getPortalQueryServiceId(), tag, (String) null);
                    if (logger.isDebugEnabled()) {
                        logger.debug("create connection with service lookup serviceId = " + config.getPortalQueryServiceId() + " url = " + serviceToUrl);
                    }
                    connection = (ClientConnection) client.connect(new URI(serviceToUrl), Http2Client.WORKER, Http2Client.SSL, Http2Client.BUFFER_POOL, OptionMap.create(UndertowOptions.ENABLE_HTTP2, true)).get();
                }
            }
            CountDownLatch countDownLatch = new CountDownLatch(1);
            AtomicReference atomicReference = new AtomicReference();
            ClientRequest path = new ClientRequest().setMethod(Methods.GET).setPath("/portal/query?cmd=" + URLEncoder.encode(String.format(cmd, str, new String(password)), "UTF-8"));
            path.getRequestHeaders().put(Headers.HOST, "localhost");
            if (ClientConfig.get().isInjectOpenTracing() && (tracer = (Tracer) lightPasswordCredential.getExchange().getAttachment(AttachmentConstants.EXCHANGE_TRACER)) != null && tracer.activeSpan() != null) {
                Tags.SPAN_KIND.set(tracer.activeSpan(), "client");
                Tags.HTTP_METHOD.set(tracer.activeSpan(), path.getMethod().toString());
                tracer.inject(tracer.activeSpan().context(), Format.Builtin.HTTP_HEADERS, new ClientRequestCarrier(path));
            }
            connection.sendRequest(path, client.createClientCallback(atomicReference, countDownLatch));
            countDownLatch.await();
            int responseCode = ((ClientResponse) atomicReference.get()).getResponseCode();
            final String str2 = (String) ((ClientResponse) atomicReference.get()).getAttachment(Http2Client.RESPONSE_BODY);
            if (responseCode != 200) {
                return new Account() { // from class: com.networknt.oauth.auth.LightPortalAuthenticator.2
                    private final Principal principal = () -> {
                        return "error";
                    };

                    public Principal getPrincipal() {
                        return this.principal;
                    }

                    public Set<String> getRoles() {
                        HashSet hashSet = new HashSet();
                        hashSet.add(str2);
                        return hashSet;
                    }
                };
            }
            final Map string2Map = JsonMapper.string2Map(str2);
            return new Account() { // from class: com.networknt.oauth.auth.LightPortalAuthenticator.1
                private Set<String> roles;
                private final Principal principal;

                {
                    this.roles = LightPortalAuthenticator.this.splitRoles((String) string2Map.get("roles"));
                    String str3 = str;
                    this.principal = () -> {
                        return str3;
                    };
                }

                public Principal getPrincipal() {
                    return this.principal;
                }

                public Set<String> getRoles() {
                    return this.roles;
                }
            };
        } catch (Exception e) {
            logger.error("Exception:", e);
            return new Account() { // from class: com.networknt.oauth.auth.LightPortalAuthenticator.3
                String id = "error";
                private final Principal principal = () -> {
                    return this.id;
                };

                public Principal getPrincipal() {
                    return this.principal;
                }

                public Set<String> getRoles() {
                    HashSet hashSet = new HashSet();
                    hashSet.add(new Status("ERR10014", new Object[]{e.getMessage()}).toString());
                    return hashSet;
                }
            };
        }
    }

    public Set<String> splitRoles(String str) {
        HashSet hashSet = new HashSet();
        if (str != null) {
            hashSet = new HashSet(Arrays.asList(str.split("\\s+")));
        }
        return hashSet;
    }
}
