package org.jooby.pac4j;

import com.google.inject.Binder;
import com.google.inject.multibindings.Multibinder;
import com.typesafe.config.Config;
import com.typesafe.config.ConfigFactory;
import java.net.URI;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.function.BiConsumer;
import java.util.function.Function;
import java.util.function.Supplier;
import org.jooby.Env;
import org.jooby.Jooby;
import org.jooby.Route;
import org.jooby.internal.pac4j.AuthCallback;
import org.jooby.internal.pac4j.AuthContext;
import org.jooby.internal.pac4j.AuthFilter;
import org.jooby.internal.pac4j.AuthLogout;
import org.jooby.internal.pac4j.BasicAuth;
import org.jooby.internal.pac4j.ClientType;
import org.jooby.internal.pac4j.ClientsProvider;
import org.jooby.internal.pac4j.FormAuth;
import org.jooby.internal.pac4j.FormFilter;
import org.jooby.scope.RequestScoped;
import org.jooby.util.Providers;
import org.pac4j.core.client.Client;
import org.pac4j.core.client.Clients;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.profile.UserProfile;
import org.pac4j.http.client.BasicAuthClient;
import org.pac4j.http.credentials.SimpleTestUsernamePasswordAuthenticator;
import org.pac4j.http.credentials.UsernamePasswordAuthenticator;
import org.pac4j.http.profile.HttpProfile;
import org.pac4j.http.profile.UsernameProfileCreator;

/* loaded from: input_file:org/jooby/pac4j/Auth.class */
public class Auth implements Jooby.Module {
    public static final String ID = Auth.class.getName() + ".id";
    private List<BiConsumer<Binder, Config>> bindings = new ArrayList();
    private Class<? extends AuthStore<? extends UserProfile>> storeClass = AuthSessionStore.class;
    private Optional<String> logoutUrl = Optional.empty();
    private Optional<String> redirecTo = Optional.empty();

    public Auth form(String str, Class<? extends UsernamePasswordAuthenticator> cls, Class<? extends UsernameProfileCreator> cls2) {
        this.bindings.add((binder, config) -> {
            binder.bind(UsernamePasswordAuthenticator.class).to(cls);
            if (cls2 == UsernameProfileCreator.class) {
                binder.bind(UsernameProfileCreator.class);
            } else {
                binder.bind(UsernameProfileCreator.class).to(cls2);
            }
            binder.bind(HttpProfile.class).toProvider(Providers.outOfScope(HttpProfile.class)).in(RequestScoped.class);
            Multibinder.newSetBinder(binder, Client.class).addBinding().toProvider(FormAuth.class).asEagerSingleton();
            filter(binder, str, "Form", () -> {
                return (request, response, chain) -> {
                    new FormFilter((AuthStore) request.require(AuthStore.class), config.getString("auth.form.loginUrl"), config.getString("auth.callback")).handle(request, response, chain);
                };
            });
        });
        return this;
    }

    public Auth form(String str, Class<? extends UsernamePasswordAuthenticator> cls) {
        return form(str, cls, UsernameProfileCreator.class);
    }

    public Auth form(String str) {
        return form(str, SimpleTestUsernamePasswordAuthenticator.class);
    }

    public Auth form() {
        return form("*");
    }

    public Auth basic(String str, Class<? extends UsernamePasswordAuthenticator> cls, Class<? extends UsernameProfileCreator> cls2) {
        this.bindings.add((binder, config) -> {
            binder.bind(UsernamePasswordAuthenticator.class).to(cls);
            if (cls2 == UsernameProfileCreator.class) {
                binder.bind(UsernameProfileCreator.class);
            } else {
                binder.bind(UsernameProfileCreator.class).to(cls2);
            }
            binder.bind(HttpProfile.class).toProvider(Providers.outOfScope(HttpProfile.class)).in(RequestScoped.class);
            Multibinder.newSetBinder(binder, Client.class).addBinding().toProvider(BasicAuth.class).asEagerSingleton();
            filter(binder, str, "Basic", () -> {
                return (request, response, chain) -> {
                    new AuthFilter(BasicAuthClient.class, HttpProfile.class, (AuthStore) request.require(AuthStore.class)).handle(request, response, chain);
                };
            });
        });
        return this;
    }

    public Auth basic(String str, Class<? extends UsernamePasswordAuthenticator> cls) {
        return basic(str, cls, UsernameProfileCreator.class);
    }

    public Auth basic(String str) {
        return basic(str, SimpleTestUsernamePasswordAuthenticator.class);
    }

    public Auth basic() {
        return basic("*");
    }

    public <C extends Credentials, U extends UserProfile> Auth client(Client<C, U> client) {
        return client("*", client);
    }

    public <C extends Credentials, U extends UserProfile> Auth client(String str, Client<C, U> client) {
        return client(str, config -> {
            return client;
        });
    }

    public <C extends Credentials, U extends UserProfile> Auth client(Function<Config, Client<C, U>> function) {
        return client("*", function);
    }

    public <C extends Credentials, U extends UserProfile> Auth client(String str, Function<Config, Client<C, U>> function) {
        this.bindings.add((binder, config) -> {
            Client client = (Client) function.apply(config);
            Multibinder.newSetBinder(binder, Client.class).addBinding().toInstance(function.apply(config));
            filter(binder, str, true, (Class<? extends Client<?, ?>>) client.getClass());
        });
        return this;
    }

    public <U extends UserProfile> Auth store(Class<? extends AuthStore<U>> cls) {
        this.storeClass = (Class) Objects.requireNonNull(cls, "Store is required.");
        return this;
    }

    public Auth logout(String str, String str2) {
        this.logoutUrl = Optional.of(str);
        this.redirecTo = Optional.of(str2);
        return this;
    }

    public Auth logout(String str) {
        this.logoutUrl = Optional.of(str);
        this.redirecTo = Optional.empty();
        return this;
    }

    public void configure(Env env, Config config, Binder binder) {
        binder.bind(Clients.class).toProvider(ClientsProvider.class);
        String path = URI.create(config.getString("auth.callback")).getPath();
        Multibinder newSetBinder = Multibinder.newSetBinder(binder, Route.Definition.class);
        newSetBinder.addBinding().toInstance(new Route.Definition("*", path, (request, response, chain) -> {
            ((AuthCallback) request.require(AuthCallback.class)).handle(request, response, chain);
        }).name("auth(Callback)"));
        newSetBinder.addBinding().toInstance(new Route.Definition("*", this.logoutUrl.orElse(config.getString("auth.logout.url")), new AuthLogout(this.redirecTo.orElse(config.getString("auth.logout.redirectTo")))).name("auth(Logout)"));
        if (this.bindings.size() == 0) {
            form();
        }
        this.bindings.forEach(biConsumer -> {
            biConsumer.accept(binder, config);
        });
        binder.bind(AuthStore.class).to(this.storeClass).asEagerSingleton();
        binder.bind(WebContext.class).to(AuthContext.class).in(RequestScoped.class);
    }

    public Config config() {
        return ConfigFactory.parseResources(getClass(), "auth.conf");
    }

    private void filter(Binder binder, String str, boolean z, Class<? extends Client<?, ?>> cls) {
        String replace = cls.getSimpleName().replace("Client", "");
        Class<? extends UserProfile> typeOf = ClientType.typeOf(cls);
        binder.bind(typeOf).toProvider(Providers.outOfScope(typeOf)).in(RequestScoped.class);
        filter(binder, str, replace, () -> {
            return (request, response, chain) -> {
                new AuthFilter(cls, typeOf, (AuthStore) request.require(AuthStore.class)).handle(request, response, chain);
            };
        });
    }

    private void filter(Binder binder, String str, String str2, Supplier<Route.Filter> supplier) {
        Multibinder.newSetBinder(binder, Route.Definition.class).addBinding().toInstance(new Route.Definition("*", str, supplier.get()).name("auth(" + str2 + ")"));
    }
}
