package io.quarkus.keycloak.pep.runtime;

import io.netty.handler.codec.http.HttpHeaderNames;
import io.quarkus.vertx.http.runtime.VertxInputStream;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.http.Cookie;
import io.vertx.core.http.HttpServerRequest;
import io.vertx.core.http.HttpServerResponse;
import io.vertx.core.http.impl.CookieImpl;
import io.vertx.ext.web.RoutingContext;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.List;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.security.cert.X509Certificate;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.OIDCHttpFacade;
import org.keycloak.adapters.spi.AuthenticationError;
import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.adapters.spi.LogoutError;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.JWSInputException;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.IDToken;

/* loaded from: input_file:io/quarkus/keycloak/pep/runtime/VertxHttpFacade.class */
public class VertxHttpFacade implements OIDCHttpFacade {
    private final HttpFacade.Response response;
    private final RoutingContext routingContext;
    private final HttpFacade.Request request;
    private final String token;
    private final long readTimeout;

    public VertxHttpFacade(RoutingContext routingContext, String str, long j) {
        this.routingContext = routingContext;
        this.token = str;
        this.readTimeout = j;
        this.request = createRequest(routingContext);
        this.response = createResponse(routingContext);
    }

    public HttpFacade.Request getRequest() {
        return this.request;
    }

    public HttpFacade.Response getResponse() {
        return this.response;
    }

    public X509Certificate[] getCertificateChain() {
        try {
            return this.routingContext.request().peerCertificateChain();
        } catch (SSLPeerUnverifiedException e) {
            throw new RuntimeException("Failed to fetch certificates from request", e);
        }
    }

    private HttpFacade.Request createRequest(final RoutingContext routingContext) {
        final HttpServerRequest request = routingContext.request();
        return new HttpFacade.Request() { // from class: io.quarkus.keycloak.pep.runtime.VertxHttpFacade.1
            public String getMethod() {
                return request.method().name();
            }

            public String getURI() {
                return request.absoluteURI();
            }

            public String getRelativePath() {
                return routingContext.normalizedPath();
            }

            public boolean isSecure() {
                return request.isSSL();
            }

            public String getFirstParam(String str) {
                return request.getParam(str);
            }

            public String getQueryParamValue(String str) {
                return request.getParam(str);
            }

            public HttpFacade.Cookie getCookie(String str) {
                Cookie cookie = request.getCookie(str);
                if (cookie == null) {
                    return null;
                }
                return new HttpFacade.Cookie(cookie.getName(), cookie.getValue(), 1, cookie.getDomain(), cookie.getPath());
            }

            public String getHeader(String str) {
                return request.getHeader(str);
            }

            public List<String> getHeaders(String str) {
                return request.headers().getAll(str);
            }

            public InputStream getInputStream() {
                return getInputStream(false);
            }

            public InputStream getInputStream(boolean z) {
                try {
                    return routingContext.getBody() != null ? new ByteArrayInputStream(routingContext.getBody().getBytes()) : routingContext.request().isEnded() ? new ByteArrayInputStream(new byte[0]) : new VertxInputStream(routingContext, VertxHttpFacade.this.readTimeout);
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            }

            public String getRemoteAddr() {
                return request.remoteAddress().host();
            }

            public void setError(AuthenticationError authenticationError) {
            }

            public void setError(LogoutError logoutError) {
            }
        };
    }

    private HttpFacade.Response createResponse(RoutingContext routingContext) {
        final HttpServerResponse response = routingContext.response();
        return new HttpFacade.Response() { // from class: io.quarkus.keycloak.pep.runtime.VertxHttpFacade.2
            public void setStatus(int i) {
                response.setStatusCode(i);
            }

            public void addHeader(String str, String str2) {
                response.headers().add(str, str2);
            }

            public void setHeader(String str, String str2) {
                response.headers().set(str, str2);
            }

            public void resetCookie(String str, String str2) {
                response.removeCookie(str, true);
            }

            public void setCookie(String str, String str2, String str3, String str4, int i, boolean z, boolean z2) {
                CookieImpl cookieImpl = new CookieImpl(str, str2);
                cookieImpl.setPath(str3);
                cookieImpl.setDomain(str4);
                cookieImpl.setMaxAge(i);
                cookieImpl.setSecure(z);
                cookieImpl.setHttpOnly(z2);
                response.addCookie(cookieImpl);
            }

            public OutputStream getOutputStream() {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                HttpServerResponse httpServerResponse = response;
                HttpServerResponse httpServerResponse2 = response;
                httpServerResponse.headersEndHandler(r6 -> {
                    httpServerResponse2.write(Buffer.buffer().appendBytes(byteArrayOutputStream.toByteArray()));
                });
                return byteArrayOutputStream;
            }

            public void sendError(int i) {
                response.setStatusCode(i);
            }

            public void sendError(int i, String str) {
                response.headers().set(HttpHeaderNames.CONTENT_TYPE, "text/html");
                response.setStatusCode(i);
                response.setStatusMessage(str);
            }

            public void end() {
                response.end();
            }
        };
    }

    public KeycloakSecurityContext getSecurityContext() {
        try {
            return new KeycloakSecurityContext(this.token, (AccessToken) new JWSInput(this.token).readJsonContent(AccessToken.class), (String) null, (IDToken) null);
        } catch (JWSInputException e) {
            throw new RuntimeException("Failed to create access token", e);
        }
    }
}
