package io.quarkus.oidc;

import io.quarkus.security.credential.TokenCredential;
import io.quarkus.security.identity.IdentityProviderManager;
import io.quarkus.security.identity.SecurityIdentity;
import io.quarkus.security.identity.request.TokenAuthenticationRequest;
import io.quarkus.vertx.http.runtime.security.HttpAuthenticationMechanism;
import io.vertx.core.http.HttpHeaders;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.oauth2.OAuth2Auth;
import io.vertx.ext.web.RoutingContext;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionStage;
import javax.enterprise.context.ApplicationScoped;

@ApplicationScoped
/* loaded from: input_file:io/quarkus/oidc/VertxOAuth2AuthenticationMechanism.class */
public class VertxOAuth2AuthenticationMechanism implements HttpAuthenticationMechanism {
    private static final String BEARER = "Bearer";
    private volatile String authServerURI;
    private volatile OAuth2Auth auth;
    private volatile OidcConfig config;

    public OidcConfig getConfig() {
        return this.config;
    }

    public VertxOAuth2AuthenticationMechanism setConfig(OidcConfig oidcConfig) {
        this.config = oidcConfig;
        return this;
    }

    public String getAuthServerURI() {
        return this.authServerURI;
    }

    public VertxOAuth2AuthenticationMechanism setAuthServerURI(String str) {
        this.authServerURI = str;
        return this;
    }

    public OAuth2Auth getAuth() {
        return this.auth;
    }

    public VertxOAuth2AuthenticationMechanism setAuth(OAuth2Auth oAuth2Auth) {
        this.auth = oAuth2Auth;
        return this;
    }

    public CompletionStage<SecurityIdentity> authenticate(RoutingContext routingContext, IdentityProviderManager identityProviderManager) {
        int indexOf;
        String str = routingContext.request().headers().get(HttpHeaders.AUTHORIZATION);
        if (str != null && (indexOf = str.indexOf(32)) > 0 && BEARER.equalsIgnoreCase(str.substring(0, indexOf))) {
            return identityProviderManager.authenticate(new TokenAuthenticationRequest(new TokenCredential(str.substring(indexOf + 1), BEARER)));
        }
        return CompletableFuture.completedFuture(null);
    }

    public CompletionStage<Boolean> sendChallenge(RoutingContext routingContext) {
        routingContext.response().setStatusCode(302);
        routingContext.response().headers().set(HttpHeaders.LOCATION, authURI(this.authServerURI));
        return CompletableFuture.completedFuture(true);
    }

    private String authURI(String str) {
        JsonObject put = new JsonObject().put("state", str);
        put.put("redirect_uri", this.authServerURI);
        return this.auth.authorizeURL(put);
    }
}
