package io.undertow.security.impl;

import io.undertow.UndertowMessages;
import io.undertow.security.api.AuthenticationMechanism;
import io.undertow.security.api.AuthenticationMechanismFactory;
import io.undertow.security.api.SecurityContext;
import io.undertow.security.idm.Account;
import io.undertow.security.idm.IdentityManager;
import io.undertow.security.idm.PasswordCredential;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.Cookie;
import io.undertow.server.handlers.form.FormParserFactory;
import io.undertow.util.HttpString;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* loaded from: input_file:WEB-INF/lib/undertow-core-2.2.20.Final.jar:io/undertow/security/impl/GenericHeaderAuthenticationMechanism.class */
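/**
 * Authentication mechanism that reads the caller's identity from a request header and the
 * matching credential from a request cookie, then asks the {@link IdentityManager} to verify
 * the pair.
 *
 * <p>Security note: both inputs come straight from the HTTP request, so any client that can
 * reach this server directly can set them. The only check performed here is
 * {@link IdentityManager#verify(String, io.undertow.security.idm.Credential)} with the cookie
 * value wrapped in a {@link PasswordCredential}. Deployments therefore depend on two things
 * that this class cannot enforce:
 * <ul>
 *   <li>the configured {@code IdentityManager} must validate the cookie value as a session
 *       token bound to the given principal (one that accepts any credential lets the header
 *       alone decide the identity);</li>
 *   <li>if the identity header is injected by a front-end proxy, that proxy must strip or
 *       overwrite any client-supplied copy of the header.</li>
 * </ul>
 */
public class GenericHeaderAuthenticationMechanism implements AuthenticationMechanism {
    public static final AuthenticationMechanismFactory FACTORY = new Factory();
    public static final String NAME = "GENERIC_HEADER";
    /** Property holding the comma-separated list of request headers that may carry the identity. */
    public static final String IDENTITY_HEADER = "identity-header";
    /** Property holding the comma-separated list of cookie names that may carry the session value. */
    public static final String SESSION_HEADER = "session-header";
    private final String mechanismName;
    private final List<HttpString> identityHeaders;
    private final List<String> sessionCookieNames;
    private final IdentityManager identityManager;

    /* loaded from: input_file:WEB-INF/lib/undertow-core-2.2.20.Final.jar:io/undertow/security/impl/GenericHeaderAuthenticationMechanism$Factory.class */
    /** Builds the mechanism from the {@code identity-header} and {@code session-header} properties. */
    public static class Factory implements AuthenticationMechanismFactory {
        /**
         * @param identityManager ignored; the manager passed to {@link #create} is used instead
         * @deprecated use the no-argument constructor
         */
        @Deprecated
        public Factory(IdentityManager identityManager) {
        }

        public Factory() {
        }

        /**
         * Creates a mechanism instance from its configuration properties.
         *
         * @param str mechanism name, used in error messages and reported to the security context
         * @param identityManager manager that will verify the header/cookie pair
         * @param formParserFactory unused by this mechanism
         * @param map configuration; must contain both {@link #IDENTITY_HEADER} and
         *            {@link #SESSION_HEADER}, each a comma-separated list of names
         * @return the configured mechanism
         * @throws RuntimeException (from {@code authenticationPropertyNotSet}) when either
         *         property is missing
         */
        @Override // io.undertow.security.api.AuthenticationMechanismFactory
        public AuthenticationMechanism create(String str, IdentityManager identityManager, FormParserFactory formParserFactory, Map<String, String> map) {
            String identityProperty = map.get(GenericHeaderAuthenticationMechanism.IDENTITY_HEADER);
            if (identityProperty == null) {
                throw UndertowMessages.MESSAGES.authenticationPropertyNotSet(str, GenericHeaderAuthenticationMechanism.IDENTITY_HEADER);
            }
            String sessionProperty = map.get(GenericHeaderAuthenticationMechanism.SESSION_HEADER);
            if (sessionProperty == null) {
                throw UndertowMessages.MESSAGES.authenticationPropertyNotSet(str, GenericHeaderAuthenticationMechanism.SESSION_HEADER);
            }
            List<HttpString> headerNames = new ArrayList<>();
            for (String headerName : splitNames(identityProperty)) {
                headerNames.add(new HttpString(headerName));
            }
            List<String> cookieNames = splitNames(sessionProperty);
            return new GenericHeaderAuthenticationMechanism(str, headerNames, cookieNames, identityManager);
        }

        /**
         * Splits a comma-separated property value into names, trimming surrounding whitespace
         * and dropping empty entries so that a value such as {@code "a, b"} or {@code "a,,b"}
         * does not produce names that can never match a real header or cookie.
         */
        private static List<String> splitNames(String csv) {
            List<String> names = new ArrayList<>();
            for (String part : csv.split(",")) {
                String name = part.trim();
                if (!name.isEmpty()) {
                    names.add(name);
                }
            }
            return names;
        }
    }

    /**
     * @param str mechanism name reported to the security context
     * @param list request header names to search, in priority order, for the identity
     * @param list2 cookie names to search, in priority order, for the session value
     * @param identityManager manager used to verify the identity/session pair
     */
    public GenericHeaderAuthenticationMechanism(String str, List<HttpString> list, List<String> list2, IdentityManager identityManager) {
        this.mechanismName = str;
        this.identityHeaders = list;
        this.sessionCookieNames = list2;
        this.identityManager = identityManager;
    }

    /**
     * Attempts authentication from the request's identity header and session cookie.
     *
     * @return {@code NOT_ATTEMPTED} when either the header or the cookie is absent,
     *         {@code NOT_AUTHENTICATED} when the identity manager rejects the pair,
     *         {@code AUTHENTICATED} otherwise
     */
    @Override // io.undertow.security.api.AuthenticationMechanism
    public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        String principal = getPrincipal(httpServerExchange);
        if (principal == null) {
            return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_ATTEMPTED;
        }
        String session = getSession(httpServerExchange);
        if (session == null) {
            return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_ATTEMPTED;
        }
        // Both values are client-controlled; the identity manager is the sole gate. The cookie
        // value is presented as a password credential, so the manager must check it as a
        // session token for this principal.
        Account account = this.identityManager.verify(principal, new PasswordCredential(session.toCharArray()));
        if (account == null) {
            // The failure message embeds the client-supplied principal; consumers that log
            // it should treat it as untrusted text.
            securityContext.authenticationFailed(UndertowMessages.MESSAGES.authenticationFailed(principal), this.mechanismName);
            return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
        }
        // Third argument is the "caching required" flag of SecurityContext.authenticationComplete;
        // false here, presumably because the header/cookie pair is presented on every request.
        securityContext.authenticationComplete(account, this.mechanismName, false);
        return AuthenticationMechanism.AuthenticationMechanismOutcome.AUTHENTICATED;
    }

    /**
     * Returns the value of the first request cookie whose name matches a configured session
     * cookie name (configured names are tried in order), or {@code null} if none matches.
     */
    private String getSession(HttpServerExchange httpServerExchange) {
        for (String cookieName : this.sessionCookieNames) {
            for (Cookie cookie : httpServerExchange.requestCookies()) {
                if (cookieName.equals(cookie.getName())) {
                    return cookie.getValue();
                }
            }
        }
        return null;
    }

    /**
     * Returns the first value of the first configured identity header present on the request,
     * or {@code null} if none of the configured headers is present.
     */
    private String getPrincipal(HttpServerExchange httpServerExchange) {
        for (HttpString headerName : this.identityHeaders) {
            String value = httpServerExchange.getRequestHeaders().getFirst(headerName);
            if (value != null) {
                return value;
            }
        }
        return null;
    }

    /** This mechanism never issues a challenge; it always reports {@code NOT_SENT}. */
    @Override // io.undertow.security.api.AuthenticationMechanism
    public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        return AuthenticationMechanism.ChallengeResult.NOT_SENT;
    }
}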
