package io.continual.iam.apiserver.endpoints;

import io.continual.builder.Builder;
import io.continual.http.app.servers.CorsOptionsRouter;
import io.continual.http.app.servers.endpoints.JsonIoEndpoint;
import io.continual.http.app.servers.endpoints.TypicalRestApiEndpoint;
import io.continual.http.service.framework.context.CHttpRequestContext;
import io.continual.iam.IamService;
import io.continual.iam.credentials.UsernamePasswordCredential;
import io.continual.iam.exceptions.IamSvcException;
import io.continual.iam.identity.Identity;
import io.continual.iam.identity.UserContext;
import io.continual.services.ServiceContainer;
import java.io.IOException;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:io/continual/iam/apiserver/endpoints/AuthApiHandler.class */
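/**
 * REST endpoints for username/password sign-in, JWT sign-out and password change.
 *
 * <p>Every handler first applies the CORS headers through
 * {@link CorsOptionsRouter#setupCorsHeaders}, then works against the identity database
 * obtained from {@code getInternalAccts().getIdentityDb()}.
 *
 * <p>NOTE(review): no attempt throttling or account lockout is visible in this class;
 * confirm that it is enforced in the identity database or in front of this API.
 *
 * @param <I> the identity type handled by the enclosing API endpoint
 */
public class AuthApiHandler<I extends Identity> extends TypicalRestApiEndpoint<I> {
    /**
     * Builds the handler from the service container and its JSON configuration.
     *
     * @param serviceContainer the container passed through to the base endpoint
     * @param jSONObject the configuration passed through to the base endpoint
     * @throws Builder.BuildFailure if the base endpoint cannot be built
     */
    public AuthApiHandler(ServiceContainer serviceContainer, JSONObject jSONObject) throws Builder.BuildFailure {
        super(serviceContainer, jSONObject);
    }

    /**
     * Authenticates the {@code username}/{@code password} pair from the JSON body and, on
     * success, replies with {@code {"status":"ok","token":<jwt>}}.
     *
     * <p>A failed authentication gets a 401 with a fixed message, so the reply does not say
     * whether the username exists. Malformed JSON or a missing field gets a 400.
     *
     * @param cHttpRequestContext the request being served
     * @throws IamSvcException if the identity service fails
     * @throws IOException if the request cannot be read or the reply cannot be written
     */
    public void login(CHttpRequestContext cHttpRequestContext) throws IamSvcException, IOException {
        try {
            CorsOptionsRouter.setupCorsHeaders(cHttpRequestContext);
            JSONObject body = readBody(cHttpRequestContext);
            String username = readJsonString(body, "username");
            // The password is only handed to the credential object; keep it out of logs and replies.
            String password = readJsonString(body, "password");
            IamService internalAccts = super.getInternalAccts();
            Identity identity = internalAccts.getIdentityDb().authenticate(new UsernamePasswordCredential(username, password));
            if (identity == null) {
                sendStatusCodeAndMessage(cHttpRequestContext, 401, "Unable to sign in.");
                return;
            }
            String token = internalAccts.getIdentityDb().createJwtToken(identity);
            sendJson(cHttpRequestContext, new JSONObject().put("status", "ok").put("token", token));
        } catch (JSONException e) {
            sendStatusCodeAndMessage(cHttpRequestContext, 400, "There's a problem with your JSON.");
        } catch (JsonIoEndpoint.MissingInputException e2) {
            sendStatusCodeAndMessage(cHttpRequestContext, 400, e2.getMessage());
        }
    }

    /**
     * Invalidates the bearer token carried in the {@code Authorization} header of an
     * authenticated request.
     *
     * <p>Nothing is invalidated when the caller is not authenticated, when the header is
     * absent or does not start with {@code "Bearer "}, or when the header does not split
     * into exactly two space-separated parts.
     *
     * <p>NOTE(review): this method writes no response body or status on any path, and an
     * unauthenticated call is not answered with a not-authorized reply as in
     * {@link #changePassword}; confirm the framework supplies a default response.
     *
     * @param cHttpRequestContext the request being served
     * @throws IamSvcException if the identity service fails
     * @throws IOException declared for the endpoint contract
     */
    public void logout(CHttpRequestContext cHttpRequestContext) throws IamSvcException, IOException {
        CorsOptionsRouter.setupCorsHeaders(cHttpRequestContext);
        if (getUser(cHttpRequestContext) == null) {
            return;
        }
        IamService internalAccts = super.getInternalAccts();
        String authHeader = cHttpRequestContext.request().getFirstHeader("Authorization");
        if (authHeader == null || !authHeader.startsWith("Bearer ")) {
            return;
        }
        // Only the exact "Bearer <token>" shape is revoked; any other shape leaves the token valid.
        String[] parts = authHeader.split(" ");
        if (parts.length == 2) {
            internalAccts.getIdentityDb().invalidateJwtToken(parts[1]);
        }
    }

    /**
     * Changes the password of the authenticated caller after re-checking the current one.
     *
     * <p>The JSON body must carry {@code currentPassword} and {@code newPassword}. The
     * current password is verified by authenticating the caller's effective user id again,
     * so a valid session alone is not enough to change the password.
     *
     * <p>Malformed JSON, a missing field or an empty new password gets a 400, matching the
     * handling in {@link #login}, instead of escaping as an unchecked {@link JSONException}.
     *
     * <p>NOTE(review): tokens issued before the change are not invalidated here; confirm
     * whether {@code setPassword} or the identity database revokes them.
     *
     * @param cHttpRequestContext the request being served
     * @throws IamSvcException if the identity service fails
     * @throws IOException if the request cannot be read or the reply cannot be written
     */
    public void changePassword(CHttpRequestContext cHttpRequestContext) throws IamSvcException, IOException {
        CorsOptionsRouter.setupCorsHeaders(cHttpRequestContext);
        UserContext user = getUser(cHttpRequestContext);
        if (user == null) {
            sendNotAuth(cHttpRequestContext);
            return;
        }

        String currentPassword;
        String newPassword;
        try {
            JSONObject body = readBody(cHttpRequestContext);
            currentPassword = body.getString("currentPassword");
            newPassword = body.getString("newPassword");
        } catch (JSONException e) {
            // getString throws an unchecked JSONException on a missing or non-string field.
            sendStatusCodeAndMessage(cHttpRequestContext, 400, "There's a problem with your JSON.");
            return;
        }
        if (newPassword.isEmpty()) {
            // Never replace a working credential with an empty one.
            sendStatusCodeAndMessage(cHttpRequestContext, 400, "A new password is required.");
            return;
        }

        String effectiveUserId = user.getEffectiveUserId();
        Identity identity = super.getInternalAccts().getIdentityDb().authenticate(new UsernamePasswordCredential(effectiveUserId, currentPassword));
        if (identity == null) {
            sendNotAuth(cHttpRequestContext);
            return;
        }
        identity.setPassword(newPassword);
        sendStatusOk(cHttpRequestContext, "ok");
    }
}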
