package io.quarkus.security.jpa.runtime;

import io.quarkus.arc.Arc;
import io.quarkus.arc.ManagedContext;
import io.quarkus.security.AuthenticationFailedException;
import io.quarkus.security.identity.AuthenticationRequestContext;
import io.quarkus.security.identity.IdentityProvider;
import io.quarkus.security.identity.SecurityIdentity;
import io.quarkus.security.identity.request.UsernamePasswordAuthenticationRequest;
import io.quarkus.security.jpa.common.runtime.JpaIdentityProviderUtil;
import io.smallrye.mutiny.Uni;
import jakarta.inject.Inject;
import jakarta.persistence.EntityManager;
import jakarta.persistence.Query;
import java.util.function.Supplier;
import org.hibernate.FlushMode;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.jboss.logging.Logger;

/* loaded from: input_file:io/quarkus/security/jpa/runtime/JpaIdentityProvider.class */
public abstract class JpaIdentityProvider implements IdentityProvider<UsernamePasswordAuthenticationRequest> {
    private static Logger log = Logger.getLogger(JpaIdentityProvider.class);

    @Inject
    SessionFactory sessionFactory;

    public Class<UsernamePasswordAuthenticationRequest> getRequestType() {
        return UsernamePasswordAuthenticationRequest.class;
    }

    public Uni<SecurityIdentity> authenticate(final UsernamePasswordAuthenticationRequest usernamePasswordAuthenticationRequest, AuthenticationRequestContext authenticationRequestContext) {
        return authenticationRequestContext.runBlocking(new Supplier<SecurityIdentity>() { // from class: io.quarkus.security.jpa.runtime.JpaIdentityProvider.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.function.Supplier
            public SecurityIdentity get() {
                if (!JpaIdentityProvider.this.requireActiveCDIRequestContext() || Arc.container().requestContext().isActive()) {
                    return JpaIdentityProvider.this.authenticate(usernamePasswordAuthenticationRequest);
                }
                ManagedContext requestContext = Arc.container().requestContext();
                requestContext.activate();
                try {
                    return JpaIdentityProvider.this.authenticate(usernamePasswordAuthenticationRequest);
                } finally {
                    requestContext.terminate();
                }
            }
        });
    }

    private SecurityIdentity authenticate(UsernamePasswordAuthenticationRequest usernamePasswordAuthenticationRequest) {
        try {
            Session openSession = this.sessionFactory.openSession();
            try {
                openSession.setHibernateFlushMode(FlushMode.MANUAL);
                openSession.setDefaultReadOnly(true);
                SecurityIdentity authenticate = authenticate((EntityManager) openSession, usernamePasswordAuthenticationRequest);
                if (openSession != null) {
                    openSession.close();
                }
                return authenticate;
            } finally {
            }
        } catch (SecurityException e) {
            log.debug("Authentication failed", e);
            throw new AuthenticationFailedException();
        }
    }

    protected <T> T getSingleUser(Query query) {
        return (T) JpaIdentityProviderUtil.getSingleUser(query.getResultList());
    }

    protected boolean requireActiveCDIRequestContext() {
        return false;
    }

    public abstract SecurityIdentity authenticate(EntityManager entityManager, UsernamePasswordAuthenticationRequest usernamePasswordAuthenticationRequest);
}
