package cz.integsoft.mule.security.internal.operation;

import cz.integsoft.mule.security.api.SecurityConstants;
import cz.integsoft.mule.security.api.SecurityErrorCode;
import cz.integsoft.mule.security.api.TokenCacheManager;
import cz.integsoft.mule.security.api.error.SecurityModuleError;
import cz.integsoft.mule.security.api.exception.GenericSecurityException;
import cz.integsoft.mule.security.internal.KeycloakAuthenticationDelegate;
import cz.integsoft.mule.security.internal.config.AuthenticationConfig;
import cz.integsoft.mule.security.internal.error.AuthErrorTypeProvider;
import cz.integsoft.mule.security.internal.metadata.PrincipalOutputTypeResolver;
import cz.integsoft.mule.security.internal.parameter.AuthenticationParameters;
import java.util.Map;
import javax.inject.Inject;
import javax.inject.Named;
import org.mule.extension.http.api.HttpRequestAttributes;
import org.mule.runtime.api.meta.model.operation.ExecutionType;
import org.mule.runtime.api.security.Authentication;
import org.mule.runtime.api.security.UnknownAuthenticationTypeException;
import org.mule.runtime.extension.api.annotation.Alias;
import org.mule.runtime.extension.api.annotation.error.Throws;
import org.mule.runtime.extension.api.annotation.execution.Execution;
import org.mule.runtime.extension.api.annotation.metadata.OutputResolver;
import org.mule.runtime.extension.api.annotation.param.Config;
import org.mule.runtime.extension.api.annotation.param.MediaType;
import org.mule.runtime.extension.api.annotation.param.Optional;
import org.mule.runtime.extension.api.annotation.param.ParameterGroup;
import org.mule.runtime.extension.api.security.AuthenticationHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cz/integsoft/mule/security/internal/operation/AuthenticationOperations.class */
public class AuthenticationOperations extends AbstractOperation {
    private static final Logger a = LoggerFactory.getLogger(AuthenticationOperations.class);

    @Inject
    @Named("ismSsoTokenCacheManager")
    private TokenCacheManager W;

    @Throws({AuthErrorTypeProvider.class})
    public void authenticate(@Config AuthenticationConfig authenticationConfig, @ParameterGroup(name = "Authentication Parameters") AuthenticationParameters authenticationParameters, @Optional(defaultValue = "#[message]") @Alias(value = "message", description = "Message. Defaults to #[message]") Object obj, @Optional(defaultValue = "#[vars]") @Alias(value = "variables", description = "Flow variables. Defaults to #[vars]") Map<String, Object> map, @Optional(defaultValue = "#[attributes]") @Alias(value = "attributes", description = "Message attributes. Defaults to #[attributes]") Object obj2, AuthenticationHandler authenticationHandler) {
        l();
        try {
            if (obj2 == null) {
                throw new GenericSecurityException(SecurityModuleError.GENERIC_SECURITY, SecurityErrorCode.SEC_ANY_002, "Missing request attributes in the incoming message. Do you have http:listener before?");
            }
            if (!(obj2 instanceof HttpRequestAttributes)) {
                throw new GenericSecurityException(SecurityModuleError.GENERIC_SECURITY, SecurityErrorCode.SEC_ANY_003, "Bad request attributes. It is expected that attributes are instance of HttpRequestAttributes.");
            }
            KeycloakAuthenticationDelegate keycloakAuthenticationDelegate = new KeycloakAuthenticationDelegate();
            keycloakAuthenticationDelegate.setDeploymentContext(authenticationConfig.getKeycloakSecurity().getDeploymentContext());
            keycloakAuthenticationDelegate.setSecurityManager(authenticationConfig.getSecurityManager());
            keycloakAuthenticationDelegate.setKeycloakFilter(authenticationConfig.getKeycloakSecurity().getKeycloakFilter());
            keycloakAuthenticationDelegate.setTokenCacheManager(this.W);
            a.debug("Authentication delegated prepared:" + keycloakAuthenticationDelegate);
            keycloakAuthenticationDelegate.authenticate(authenticationConfig, authenticationParameters, map, (HttpRequestAttributes) obj2, authenticationHandler);
        } catch (UnknownAuthenticationTypeException e) {
            throw new GenericSecurityException(SecurityModuleError.GENERIC_SECURITY, e);
        }
    }

    @Throws({AuthErrorTypeProvider.class})
    @Execution(ExecutionType.CPU_LITE)
    @MediaType(value = "*/*", strict = false)
    @Alias(value = "get-access-token", description = "Gets access token from the current authentication if present")
    public String getAccessToken(AuthenticationHandler authenticationHandler) {
        java.util.Optional authentication = authenticationHandler.getAuthentication();
        if (!authentication.isPresent() || ((Authentication) authentication.get()).getProperties() == null) {
            return null;
        }
        return (String) ((Authentication) authentication.get()).getProperties().get(SecurityConstants.ACCESS_TOKEN_PROPERTY_NAME);
    }

    @Throws({AuthErrorTypeProvider.class})
    @Execution(ExecutionType.CPU_LITE)
    @MediaType(value = "*/*", strict = false)
    @Alias(value = "get-refresh-token", description = "Gets refresh token from the current authentication if present")
    public String getRefreshToken(AuthenticationHandler authenticationHandler) {
        java.util.Optional authentication = authenticationHandler.getAuthentication();
        if (!authentication.isPresent() || ((Authentication) authentication.get()).getProperties() == null) {
            return null;
        }
        return (String) ((Authentication) authentication.get()).getProperties().get(SecurityConstants.REFRESH_TOKEN_PROPERTY_NAME);
    }

    @Throws({AuthErrorTypeProvider.class})
    @Execution(ExecutionType.CPU_LITE)
    @OutputResolver(output = PrincipalOutputTypeResolver.class)
    @Alias(value = "get-principal", description = "Gets principal from the current authentication if present")
    public Object getPrincipal(AuthenticationHandler authenticationHandler) {
        java.util.Optional authentication = authenticationHandler.getAuthentication();
        if (!authentication.isPresent() || ((Authentication) authentication.get()).getProperties() == null) {
            return null;
        }
        return ((Authentication) authentication.get()).getProperties().get(SecurityConstants.PRINCIPAL_PROPERTY);
    }
}
