package org.pac4j.http.credentials.authenticator;

import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.HashMap;
import org.pac4j.core.context.HttpConstants;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.credentials.UsernamePasswordCredentials;
import org.pac4j.core.credentials.authenticator.Authenticator;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.profile.definition.CommonProfileDefinition;
import org.pac4j.core.profile.definition.ProfileDefinitionAware;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.core.util.HttpUtils;
import org.pac4j.http.profile.RestProfile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/pac4j-http-3.3.0.jar:org/pac4j/http/credentials/authenticator/RestAuthenticator.class */
public class RestAuthenticator extends ProfileDefinitionAware<RestProfile> implements Authenticator<UsernamePasswordCredentials> {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) RestAuthenticator.class);
    private ObjectMapper mapper;
    private String url;

    public RestAuthenticator() {
    }

    public RestAuthenticator(String str) {
        this.url = str;
    }

    @Override // org.pac4j.core.util.InitializableObject
    protected void internalInit() {
        CommonHelper.assertNotBlank("url", this.url);
        defaultProfileDefinition(new CommonProfileDefinition(objArr -> {
            return new RestProfile();
        }));
        if (this.mapper == null) {
            this.mapper = new ObjectMapper();
            this.mapper.configure(JsonParser.Feature.ALLOW_UNQUOTED_FIELD_NAMES, true);
            this.mapper.configure(JsonParser.Feature.ALLOW_SINGLE_QUOTES, true);
            this.mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
        }
    }

    @Override // org.pac4j.core.credentials.authenticator.Authenticator
    public void validate(UsernamePasswordCredentials usernamePasswordCredentials, WebContext webContext) {
        init();
        String username = usernamePasswordCredentials.getUsername();
        String password = usernamePasswordCredentials.getPassword();
        if (CommonHelper.isBlank(username) || CommonHelper.isBlank(password)) {
            logger.info("Empty username or password");
            return;
        }
        String callRestApi = callRestApi(username, password);
        logger.debug("body: {}", callRestApi);
        if (callRestApi != null) {
            buildProfile(usernamePasswordCredentials, callRestApi);
        }
    }

    protected void buildProfile(UsernamePasswordCredentials usernamePasswordCredentials, String str) {
        try {
            RestProfile restProfile = (RestProfile) this.mapper.readValue(str, getProfileDefinition().newProfile(new Object[0]).getClass());
            logger.debug("profile: {}", restProfile);
            usernamePasswordCredentials.setUserProfile(restProfile);
        } catch (IOException e) {
            throw new TechnicalException(e);
        }
    }

    protected String callRestApi(String str, String str2) {
        String encodeToString = Base64.getEncoder().encodeToString((str + ":" + str2).getBytes(StandardCharsets.UTF_8));
        HashMap hashMap = new HashMap();
        hashMap.put("Authorization", HttpConstants.BASIC_HEADER_PREFIX + encodeToString);
        try {
            try {
                HttpURLConnection openPostConnection = HttpUtils.openPostConnection(new URL(this.url), hashMap);
                int responseCode = openPostConnection.getResponseCode();
                if (responseCode == 200) {
                    logger.debug("Authentication success for username: {}", str);
                    String readBody = HttpUtils.readBody(openPostConnection);
                    HttpUtils.closeConnection(openPostConnection);
                    return readBody;
                }
                if (responseCode == 401 || responseCode == 403) {
                    logger.info("Authentication failure for username: {} -> {}", str, HttpUtils.buildHttpErrorMessage(openPostConnection));
                    HttpUtils.closeConnection(openPostConnection);
                    return null;
                }
                logger.warn("Unexpected error for username: {} -> {}", str, HttpUtils.buildHttpErrorMessage(openPostConnection));
                HttpUtils.closeConnection(openPostConnection);
                return null;
            } catch (IOException e) {
                throw new TechnicalException(e);
            }
        } catch (Throwable th) {
            HttpUtils.closeConnection(null);
            throw th;
        }
    }

    public String getUrl() {
        return this.url;
    }

    public void setUrl(String str) {
        this.url = str;
    }

    public ObjectMapper getMapper() {
        return this.mapper;
    }

    public void setMapper(ObjectMapper objectMapper) {
        this.mapper = objectMapper;
    }

    public String toString() {
        return CommonHelper.toNiceString(getClass(), "url", this.url, "mapper", this.mapper);
    }
}
