package io.apicurio.common.apps.mt;

import io.apicurio.common.apps.auth.authn.AppAuthenticationMechanism;
import io.quarkus.security.ForbiddenException;
import io.quarkus.security.identity.IdentityProviderManager;
import io.quarkus.security.identity.SecurityIdentity;
import io.smallrye.mutiny.Uni;
import io.vertx.core.http.HttpServerRequest;
import io.vertx.ext.web.RoutingContext;
import java.util.Optional;
import javax.enterprise.context.control.ActivateRequestContext;
import javax.inject.Inject;
import org.slf4j.Logger;

/* loaded from: input_file:io/apicurio/common/apps/mt/MtAppAuthenticationMechanism.class */
public abstract class MtAppAuthenticationMechanism extends AppAuthenticationMechanism {

    @Inject
    Logger log;

    @Inject
    MtProperties mtProperties;

    @Inject
    TenantIdResolver tenantIdResolver;

    @Inject
    TenantInfoLoader tenantInfoLoader;

    @Inject
    TenantAuthorizer tenantAuthorizer;

    @Inject
    TenantContext tenantContext;

    @ActivateRequestContext
    public Uni<SecurityIdentity> authenticate(RoutingContext routingContext, IdentityProviderManager identityProviderManager) {
        Uni<SecurityIdentity> authenticate = super.authenticate(routingContext, identityProviderManager);
        if (this.mtProperties.isMultitenancyEnabled()) {
            this.log.info("Multitenancy is enabled!");
            HttpServerRequest request = routingContext.request();
            Optional<String> resolveTenantId = this.tenantIdResolver.resolveTenantId(request.absoluteURI(), str -> {
                return request.getHeader(str);
            }, () -> {
                return request.host();
            });
            if (resolveTenantId.isEmpty()) {
                this.log.warn("Multi-tenancy is enabled but the tenantId could not be resolved.");
                throw new ForbiddenException("Could not resolve tenant ID.");
            }
            Optional<TenantInfo> loadInfo = this.tenantInfoLoader.loadInfo(resolveTenantId.get());
            if (loadInfo.isEmpty()) {
                throw new ForbiddenException("Unknown tenant: " + resolveTenantId.get());
            }
            if (this.mtProperties.isMultitenancyAuthorizationEnabled()) {
                this.tenantAuthorizer.authorizeTenant(loadInfo.get(), authenticate);
            }
            this.tenantContext.setTenantInfo(loadInfo.get());
        }
        return authenticate;
    }
}
