package fish.payara.security.oauth2;

import fish.payara.security.annotations.OAuth2AuthenticationDefinition;
import fish.payara.security.oauth2.api.OAuth2State;
import fish.payara.security.oauth2.api.OAuthIdentityStore;
import java.lang.annotation.Annotation;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.event.Observes;
import javax.enterprise.inject.spi.AfterBeanDiscovery;
import javax.enterprise.inject.spi.Bean;
import javax.enterprise.inject.spi.BeanManager;
import javax.enterprise.inject.spi.BeforeBeanDiscovery;
import javax.enterprise.inject.spi.CDI;
import javax.enterprise.inject.spi.DefinitionException;
import javax.enterprise.inject.spi.Extension;
import javax.enterprise.inject.spi.ProcessBean;
import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
import javax.security.enterprise.identitystore.IdentityStore;
import org.glassfish.soteria.cdi.CdiProducer;
import org.glassfish.soteria.cdi.CdiUtils;

/* loaded from: input_file:fish/payara/security/oauth2/OAuth2MechanismHandler.class */
public class OAuth2MechanismHandler implements Extension {
    private static final Logger LOGGER = Logger.getLogger(OAuth2MechanismHandler.class.getName());
    private final List<Bean<IdentityStore>> identityStoreBeans = new ArrayList();
    private Bean<HttpAuthenticationMechanism> authenticationMechanismBean;

    public <T> void findOAuth2DefinitionAnnotation(@Observes ProcessBean<T> processBean, BeanManager beanManager) {
        Class<?> beanClass = processBean.getBean().getBeanClass();
        CdiUtils.getAnnotation(beanManager, processBean.getAnnotated(), OAuth2AuthenticationDefinition.class).ifPresent(oAuth2AuthenticationDefinition -> {
            validateDefinition(oAuth2AuthenticationDefinition);
            LOGGER.log(Level.FINE, "Processing definition {0}", oAuth2AuthenticationDefinition);
            logActivatedIdentityStore(OAuth2AuthenticationDefinition.class, beanClass);
            this.identityStoreBeans.add(new CdiProducer().scope(ApplicationScoped.class).beanClass(IdentityStore.class).types(Object.class, IdentityStore.class).addToId(OAuthIdentityStore.class).create(creationalContext -> {
                return new OAuthIdentityStore();
            }));
            logActivatedAuthenticationMechanism(OAuth2AuthenticationMechanism.class, beanClass);
            this.authenticationMechanismBean = new CdiProducer().scope(ApplicationScoped.class).beanClass(HttpAuthenticationMechanism.class).types(Object.class, HttpAuthenticationMechanism.class).addToId(OAuth2AuthenticationMechanism.class).create(creationalContext2 -> {
                OAuth2AuthenticationMechanism oAuth2AuthenticationMechanism = (OAuth2AuthenticationMechanism) CDI.current().select(OAuth2AuthenticationMechanism.class, new Annotation[0]).get2();
                oAuth2AuthenticationMechanism.setDefinition(oAuth2AuthenticationDefinition);
                return oAuth2AuthenticationMechanism;
            });
        });
    }

    private void validateDefinition(OAuth2AuthenticationDefinition oAuth2AuthenticationDefinition) {
        for (String str : oAuth2AuthenticationDefinition.extraParameters()) {
            if (str.split("=").length != 2) {
                throw new DefinitionException("Exception processing OAuth2AuthenticationDefinition: extraParameter on annotation " + oAuth2AuthenticationDefinition.toString() + " is not of the format key=value");
            }
        }
    }

    void beforeBeanDiscovery(@Observes BeforeBeanDiscovery beforeBeanDiscovery, BeanManager beanManager) {
        LOGGER.log(Level.FINER, "OAuth2Handler - BeforeBeanDiscovery {0}", beforeBeanDiscovery.toString());
        beforeBeanDiscovery.addAnnotatedType(beanManager.createAnnotatedType(OAuth2AuthenticationMechanism.class), "OAuth2 Mechanism");
        beforeBeanDiscovery.addAnnotatedType(beanManager.createAnnotatedType(OAuth2StateHolder.class), "OAuth2Token");
        beforeBeanDiscovery.addAnnotatedType(beanManager.createAnnotatedType(OAuth2State.class), "OAuth2State");
    }

    void afterBeanDiscovery(@Observes AfterBeanDiscovery afterBeanDiscovery, BeanManager beanManager) {
        if (!this.identityStoreBeans.isEmpty()) {
            List<Bean<IdentityStore>> list = this.identityStoreBeans;
            afterBeanDiscovery.getClass();
            list.forEach(afterBeanDiscovery::addBean);
        }
        if (this.authenticationMechanismBean != null) {
            LOGGER.log(Level.FINE, "Creating OAuth2 Mechanism");
            afterBeanDiscovery.addBean(this.authenticationMechanismBean);
        }
    }

    private void logActivatedIdentityStore(Class<?> cls, Class<?> cls2) {
        LOGGER.log(Level.INFO, "Activating {0} identity store from {1} class", (Object[]) new String[]{cls.getName(), cls2.getName()});
    }

    private void logActivatedAuthenticationMechanism(Class<?> cls, Class<?> cls2) {
        LOGGER.log(Level.INFO, "Activating {0} authentication mechanism from {1} class", (Object[]) new String[]{cls.getName(), cls2.getName()});
    }
}
