package io.jooby.pac4j;

import edu.umd.cs.findbugs.annotations.NonNull;
import edu.umd.cs.findbugs.annotations.Nullable;
import io.jooby.Extension;
import io.jooby.Jooby;
import io.jooby.Route;
import io.jooby.Router;
import io.jooby.StatusCode;
import io.jooby.internal.pac4j.ActionAdapterImpl;
import io.jooby.internal.pac4j.CallbackFilterImpl;
import io.jooby.internal.pac4j.ClientReference;
import io.jooby.internal.pac4j.DevLoginForm;
import io.jooby.internal.pac4j.ForwardingAuthorizer;
import io.jooby.internal.pac4j.LogoutImpl;
import io.jooby.internal.pac4j.NoopAuthorizer;
import io.jooby.internal.pac4j.Pac4jCurrentUser;
import io.jooby.internal.pac4j.SavedRequestHandlerImpl;
import io.jooby.internal.pac4j.SecurityFilterImpl;
import io.jooby.internal.pac4j.UrlResolverImpl;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.pac4j.core.authorization.authorizer.Authorizer;
import org.pac4j.core.client.Client;
import org.pac4j.core.client.Clients;
import org.pac4j.core.client.DirectClient;
import org.pac4j.core.config.Config;
import org.pac4j.core.engine.DefaultCallbackLogic;
import org.pac4j.core.engine.DefaultLogoutLogic;
import org.pac4j.core.engine.DefaultSecurityLogic;
import org.pac4j.core.engine.LogoutLogic;
import org.pac4j.core.exception.http.ForbiddenAction;
import org.pac4j.core.exception.http.UnauthorizedAction;
import org.pac4j.core.http.adapter.HttpActionAdapter;
import org.pac4j.core.http.url.UrlResolver;
import org.pac4j.http.client.indirect.FormClient;
import org.pac4j.http.credentials.authenticator.test.SimpleTestUsernamePasswordAuthenticator;

/* loaded from: input_file:io/jooby/pac4j/Pac4jModule.class */
public class Pac4jModule implements Extension {
    private final Config pac4j;
    private Pac4jOptions options;
    private Map<String, ProtectedPath> clientMap;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/jooby/pac4j/Pac4jModule$ProtectedPath.class */
    public static class ProtectedPath {
        private List<String> authorizers = new ArrayList();
        private List<Object> clients = new ArrayList();

        private ProtectedPath() {
        }

        public ProtectedPath add(String str, Object obj) {
            this.authorizers.add(str);
            this.clients.add(obj);
            return this;
        }
    }

    public Pac4jModule() {
        this(new Pac4jOptions(), new Config());
    }

    public Pac4jModule(Pac4jOptions pac4jOptions, Config config) {
        this.options = pac4jOptions;
        this.pac4j = config;
    }

    public Pac4jModule(Config config) {
        this(new Pac4jOptions(), config);
    }

    public Pac4jModule(Pac4jOptions pac4jOptions) {
        this(pac4jOptions, new Config());
    }

    public Pac4jModule client(Function<com.typesafe.config.Config, Client> function) {
        return client("*", function);
    }

    public Pac4jModule client(String str, Function<com.typesafe.config.Config, Client> function) {
        return client(str, (String) null, function);
    }

    public Pac4jModule client(Class<? extends Authorizer> cls, Function<com.typesafe.config.Config, Client> function) {
        return client("*", cls, function);
    }

    @NonNull
    public Pac4jModule client(@NonNull Authorizer authorizer, @NonNull Function<com.typesafe.config.Config, Client> function) {
        return client("*", authorizer, function);
    }

    @NonNull
    public Pac4jModule client(@NonNull String str, @NonNull Class<? extends Authorizer> cls, @NonNull Function<com.typesafe.config.Config, Client> function) {
        return client(str, registerAuthorizer(cls, new ForwardingAuthorizer(cls)), function);
    }

    @NonNull
    public Pac4jModule client(@NonNull String str, @NonNull Authorizer authorizer, @NonNull Function<com.typesafe.config.Config, Client> function) {
        return client(str, registerAuthorizer(authorizer.getClass(), authorizer), function);
    }

    @NonNull
    public Pac4jModule client(@NonNull String str, @Nullable String str2, @NonNull Function<com.typesafe.config.Config, Client> function) {
        if (this.clientMap == null) {
            this.clientMap = initializeClients(this.pac4j);
        }
        this.clientMap.computeIfAbsent(str, str3 -> {
            return new ProtectedPath();
        }).add(str2, function);
        return this;
    }

    public Pac4jModule client(@NonNull Class<? extends Client> cls) {
        return client("*", cls);
    }

    public Pac4jModule client(@NonNull String str, @NonNull Class<? extends Client> cls) {
        return client(str, (String) null, cls);
    }

    public Pac4jModule client(@NonNull Class<? extends Authorizer> cls, @NonNull Class<? extends Client> cls2) {
        return client("*", cls, cls2);
    }

    @NonNull
    public Pac4jModule client(@NonNull Authorizer authorizer, @NonNull Class<? extends Client> cls) {
        return client("*", authorizer, cls);
    }

    @NonNull
    public Pac4jModule client(@NonNull String str, @NonNull Class<? extends Authorizer> cls, @NonNull Class<? extends Client> cls2) {
        return client(str, registerAuthorizer(cls, new ForwardingAuthorizer(cls)), cls2);
    }

    @NonNull
    public Pac4jModule client(@NonNull String str, @NonNull Authorizer authorizer, @NonNull Class<? extends Client> cls) {
        return client(str, registerAuthorizer(authorizer.getClass(), authorizer), cls);
    }

    @NonNull
    public Pac4jModule client(@NonNull String str, @Nullable String str2, @NonNull Class<? extends Client> cls) {
        if (this.clientMap == null) {
            this.clientMap = initializeClients(this.pac4j);
        }
        this.clientMap.computeIfAbsent(str, str3 -> {
            return new ProtectedPath();
        }).add(str2, cls);
        return this;
    }

    public void install(@NonNull Jooby jooby) throws Exception {
        jooby.getServices().putIfAbsent(Pac4jOptions.class, this.options);
        Clients clients = (Clients) Optional.ofNullable(this.pac4j.getClients()).orElseGet(Clients::new);
        if (this.clientMap == null) {
            this.clientMap = initializeClients(this.pac4j);
        }
        String contextPath = jooby.getContextPath().equals("/") ? "" : jooby.getContextPath();
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        boolean z = false;
        if (this.clientMap.isEmpty()) {
            z = true;
            client(config -> {
                return new FormClient(contextPath + "/login", new SimpleTestUsernamePasswordAuthenticator());
            });
        }
        com.typesafe.config.Config config2 = jooby.getConfig();
        for (Map.Entry<String, ProtectedPath> entry : this.clientMap.entrySet()) {
            List list = (List) linkedHashMap.computeIfAbsent(entry.getKey(), str -> {
                return new ArrayList();
            });
            ProtectedPath value = entry.getValue();
            for (Object obj : value.clients) {
                if (obj instanceof Class) {
                    list.add(new ClientReference((Class<Client>) obj));
                } else if (obj instanceof Client) {
                    list.add(new ClientReference((Client) obj));
                } else {
                    list.add(new ClientReference((Client) ((Function) obj).apply(config2)));
                }
            }
            linkedHashMap.put(entry.getKey(), list);
            Iterator<String> it = value.authorizers.iterator();
            while (it.hasNext()) {
                Authorizer authorizer = (Authorizer) this.pac4j.getAuthorizers().get(it.next());
                if (authorizer instanceof ForwardingAuthorizer) {
                    ((ForwardingAuthorizer) authorizer).setRegistry(jooby);
                }
            }
        }
        this.pac4j.getAuthorizers().put(NoopAuthorizer.NAME, new NoopAuthorizer());
        clients.setCallbackUrl((String) Optional.ofNullable(clients.getCallbackUrl()).orElse(contextPath + this.options.getCallbackPath()));
        clients.setUrlResolver((UrlResolver) Optional.ofNullable(clients.getUrlResolver()).orElseGet(Pac4jModule::newUrlResolver));
        clients.setClients((List) linkedHashMap.values().stream().flatMap((v0) -> {
            return v0.stream();
        }).filter((v0) -> {
            return v0.isResolved();
        }).map((v0) -> {
            return v0.getClient();
        }).collect(Collectors.toList()));
        this.pac4j.setClients(clients);
        List list2 = linkedHashMap.values().stream().flatMap((v0) -> {
            return v0.stream();
        }).filter(clientReference -> {
            return !clientReference.isResolved();
        }).toList();
        if (!list2.isEmpty()) {
            jooby.onStarted(() -> {
                ArrayList arrayList = new ArrayList(clients.getClients());
                Stream map = list2.stream().peek(clientReference2 -> {
                    Objects.requireNonNull(jooby);
                    clientReference2.resolve(jooby::require);
                }).map((v0) -> {
                    return v0.getClient();
                });
                Objects.requireNonNull(arrayList);
                map.forEachOrdered((v1) -> {
                    r1.add(v1);
                });
                clients.setClients(arrayList);
                List list3 = (List) linkedHashMap.get("*");
                if (list3 == null || this.options.getDefaultClient() != null) {
                    return;
                }
                this.options.setDefaultClient(((ClientReference) list3.get(0)).getClient().getName());
            });
        }
        this.pac4j.setHttpActionAdapter((HttpActionAdapter) Optional.ofNullable(this.pac4j.getHttpActionAdapter()).orElseGet(Pac4jModule::newActionAdapter));
        if (z) {
            jooby.get("/login", new DevLoginForm(this.pac4j, contextPath + this.options.getCallbackPath()));
        }
        Set set = (Set) linkedHashMap.keySet().stream().filter(str2 -> {
            return !str2.equals("*");
        }).map(str3 -> {
            return contextPath + str3;
        }).collect(Collectors.toSet());
        if (this.pac4j.getCallbackLogic() == null) {
            this.pac4j.setCallbackLogic(newCallbackLogic(set));
        }
        boolean allMatch = clients.getClients().stream().allMatch(client -> {
            return client instanceof DirectClient;
        });
        if (!allMatch || this.options.isForceCallbackRoutes()) {
            CallbackFilterImpl callbackFilterImpl = new CallbackFilterImpl(this.pac4j, this.options);
            jooby.get(this.options.getCallbackPath(), callbackFilterImpl);
            jooby.post(this.options.getCallbackPath(), callbackFilterImpl);
        }
        if (this.pac4j.getSecurityLogic() == null) {
            this.pac4j.setSecurityLogic(newSecurityLogic(set));
        }
        for (Map.Entry entry2 : linkedHashMap.entrySet()) {
            String str4 = (String) entry2.getKey();
            if (!str4.equals("*")) {
                if (Router.pathKeys(str4).isEmpty()) {
                    SecurityFilterImpl securityFilterImpl = new SecurityFilterImpl(null, this.pac4j, this.options, ClientReference.lazyClientNameList((List) entry2.getValue()), this.clientMap.get(str4).authorizers);
                    jooby.get(str4, securityFilterImpl);
                    jooby.post(str4, securityFilterImpl);
                } else {
                    jooby.use(new SecurityFilterImpl(str4, this.pac4j, this.options, ClientReference.lazyClientNameList((List) entry2.getValue()), this.clientMap.get(str4).authorizers));
                }
            }
        }
        List list3 = (List) linkedHashMap.get("*");
        if (list3 != null) {
            if (this.options.getDefaultClient() == null && ((ClientReference) list3.get(0)).isResolved()) {
                this.options.setDefaultClient(((ClientReference) list3.get(0)).getClient().getName());
            }
            jooby.use(new SecurityFilterImpl(null, this.pac4j, this.options, ClientReference.lazyClientNameList(list3), this.clientMap.get("*").authorizers));
        }
        if (this.pac4j.getLogoutLogic() == null) {
            this.pac4j.setLogoutLogic(newLogoutLogic());
        }
        if (!allMatch || this.options.isForceLogoutRoutes()) {
            jooby.get(this.options.getLogoutPath(), new LogoutImpl(this.pac4j, this.options));
        }
        jooby.errorCode(UnauthorizedAction.class, StatusCode.UNAUTHORIZED);
        jooby.errorCode(ForbiddenAction.class, StatusCode.FORBIDDEN);
        if (this.options.getDefaultUrl() == null) {
            int size = jooby.getRoutes().size();
            jooby.onStarted(() -> {
                List routes = jooby.getRoutes();
                String contextPath2 = jooby.getContextPath();
                if (size < routes.size()) {
                    Route route = (Route) routes.get(size);
                    if (route.getPathKeys().isEmpty()) {
                        contextPath2 = contextPath + route.getPattern();
                    }
                }
                this.options.setDefaultUrl(contextPath2);
            });
        }
        jooby.setCurrentUser(new Pac4jCurrentUser());
        this.clientMap.clear();
    }

    public static LogoutLogic newLogoutLogic() {
        return new DefaultLogoutLogic();
    }

    public static HttpActionAdapter newActionAdapter() {
        return new ActionAdapterImpl();
    }

    public static DefaultSecurityLogic newSecurityLogic(Set<String> set) {
        DefaultSecurityLogic defaultSecurityLogic = new DefaultSecurityLogic();
        defaultSecurityLogic.setSavedRequestHandler(new SavedRequestHandlerImpl(set));
        return defaultSecurityLogic;
    }

    public static DefaultCallbackLogic newCallbackLogic(Set<String> set) {
        DefaultCallbackLogic defaultCallbackLogic = new DefaultCallbackLogic();
        defaultCallbackLogic.setSavedRequestHandler(new SavedRequestHandlerImpl(set));
        return defaultCallbackLogic;
    }

    public static UrlResolver newUrlResolver() {
        return new UrlResolverImpl();
    }

    private Map<String, ProtectedPath> initializeClients(Config config) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        Optional.ofNullable(config.getClients()).map((v0) -> {
            return v0.getClients();
        }).map(list -> {
            return list == null ? Stream.empty() : list.stream();
        }).ifPresent(stream -> {
            stream.forEach(obj -> {
                ((ProtectedPath) linkedHashMap.computeIfAbsent("*", str -> {
                    return new ProtectedPath();
                })).add(null, obj);
            });
        });
        return linkedHashMap;
    }

    private String authorizerName(Class cls) {
        String simpleName = cls.getSimpleName();
        return simpleName.isEmpty() ? cls.getName() : simpleName;
    }

    private String registerAuthorizer(Class cls, Authorizer authorizer) {
        String authorizerName = authorizerName(cls);
        this.pac4j.getAuthorizers().putIfAbsent(authorizerName, authorizer);
        return authorizerName;
    }
}
