package io.quarkus.security.runtime;

import io.quarkus.runtime.BlockingOperationControl;
import io.quarkus.security.AuthenticationFailedException;
import io.quarkus.security.identity.AuthenticationRequestContext;
import io.quarkus.security.identity.IdentityProvider;
import io.quarkus.security.identity.IdentityProviderManager;
import io.quarkus.security.identity.SecurityIdentity;
import io.quarkus.security.identity.SecurityIdentityAugmentor;
import io.quarkus.security.identity.request.AnonymousAuthenticationRequest;
import io.quarkus.security.identity.request.AuthenticationRequest;
import java.util.ArrayList;
import java.util.Comparator;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionStage;
import java.util.concurrent.Executor;
import java.util.function.Function;
import java.util.function.Supplier;
import org.jboss.logging.Logger;

/* loaded from: input_file:io/quarkus/security/runtime/QuarkusIdentityProviderManagerImpl.class */
public class QuarkusIdentityProviderManagerImpl implements IdentityProviderManager {
    private static final Logger log = Logger.getLogger(QuarkusIdentityProviderManagerImpl.class);
    private final Map<Class<? extends AuthenticationRequest>, List<IdentityProvider>> providers;
    private final List<SecurityIdentityAugmentor> augmenters;
    private final Executor blockingExecutor;
    private final AuthenticationRequestContext blockingRequestContext = new AuthenticationRequestContext() { // from class: io.quarkus.security.runtime.QuarkusIdentityProviderManagerImpl.1
        public CompletionStage<SecurityIdentity> runBlocking(final Supplier<SecurityIdentity> supplier) {
            if (!BlockingOperationControl.isBlockingAllowed()) {
                final CompletableFuture completableFuture = new CompletableFuture();
                QuarkusIdentityProviderManagerImpl.this.blockingExecutor.execute(new Runnable() { // from class: io.quarkus.security.runtime.QuarkusIdentityProviderManagerImpl.1.1
                    @Override // java.lang.Runnable
                    public void run() {
                        try {
                            completableFuture.complete(supplier.get());
                        } catch (Throwable th) {
                            completableFuture.completeExceptionally(th);
                        }
                    }
                });
                return completableFuture;
            }
            CompletableFuture completableFuture2 = new CompletableFuture();
            try {
                completableFuture2.complete(supplier.get());
            } catch (Throwable th) {
                completableFuture2.completeExceptionally(th);
            }
            return completableFuture2;
        }
    };

    /* loaded from: input_file:io/quarkus/security/runtime/QuarkusIdentityProviderManagerImpl$Builder.class */
    public static class Builder {
        private Executor blockingExecutor;
        private final Map<Class<? extends AuthenticationRequest>, List<IdentityProvider>> providers = new HashMap();
        private final List<SecurityIdentityAugmentor> augmenters = new ArrayList();
        private boolean built = false;

        Builder() {
        }

        public Builder addProvider(IdentityProvider identityProvider) {
            if (this.built) {
                throw new IllegalStateException("manager has already been built");
            }
            this.providers.computeIfAbsent(identityProvider.getRequestType(), cls -> {
                return new ArrayList();
            }).add(identityProvider);
            return this;
        }

        public Builder addSecurityIdentityAugmenter(SecurityIdentityAugmentor securityIdentityAugmentor) {
            this.augmenters.add(securityIdentityAugmentor);
            return this;
        }

        public Builder setBlockingExecutor(Executor executor) {
            this.blockingExecutor = executor;
            return this;
        }

        public QuarkusIdentityProviderManagerImpl build() {
            this.built = true;
            if (!this.providers.containsKey(AnonymousAuthenticationRequest.class)) {
                throw new IllegalStateException("No AnonymousIdentityProvider registered. An instance of AnonymousIdentityProvider must be provided to allow the Anonymous identity to be created.");
            }
            if (this.blockingExecutor == null) {
                throw new IllegalStateException("no blocking executor specified");
            }
            this.augmenters.sort(new Comparator<SecurityIdentityAugmentor>() { // from class: io.quarkus.security.runtime.QuarkusIdentityProviderManagerImpl.Builder.1
                @Override // java.util.Comparator
                public int compare(SecurityIdentityAugmentor securityIdentityAugmentor, SecurityIdentityAugmentor securityIdentityAugmentor2) {
                    return Integer.compare(securityIdentityAugmentor2.priority(), securityIdentityAugmentor.priority());
                }
            });
            return new QuarkusIdentityProviderManagerImpl(this);
        }
    }

    QuarkusIdentityProviderManagerImpl(Builder builder) {
        this.providers = builder.providers;
        this.augmenters = builder.augmenters;
        this.blockingExecutor = builder.blockingExecutor;
    }

    public CompletionStage<SecurityIdentity> authenticate(AuthenticationRequest authenticationRequest) {
        List<IdentityProvider> list = this.providers.get(authenticationRequest.getClass());
        if (list != null) {
            return handleProvider(0, list, authenticationRequest, this.blockingRequestContext);
        }
        CompletableFuture completableFuture = new CompletableFuture();
        completableFuture.completeExceptionally(new IllegalArgumentException("No IdentityProviders were registered to handle AuthenticationRequest " + authenticationRequest));
        return completableFuture;
    }

    public SecurityIdentity authenticateBlocking(AuthenticationRequest authenticationRequest) {
        List<IdentityProvider> list = this.providers.get(authenticationRequest.getClass());
        if (list == null) {
            throw new IllegalArgumentException("No IdentityProviders were registered to handle AuthenticationRequest " + authenticationRequest);
        }
        return handleProvider(0, list, authenticationRequest, this.blockingRequestContext).toCompletableFuture().join();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public <T extends AuthenticationRequest> CompletionStage<SecurityIdentity> handleProvider(final int i, final List<IdentityProvider<T>> list, final T t, final AuthenticationRequestContext authenticationRequestContext) {
        if (i != list.size()) {
            return list.get(i).authenticate(t, authenticationRequestContext).thenCompose(new Function<SecurityIdentity, CompletionStage<SecurityIdentity>>() { // from class: io.quarkus.security.runtime.QuarkusIdentityProviderManagerImpl.2
                @Override // java.util.function.Function
                public CompletionStage<SecurityIdentity> apply(SecurityIdentity securityIdentity) {
                    return securityIdentity != null ? CompletableFuture.completedFuture(securityIdentity) : QuarkusIdentityProviderManagerImpl.this.handleProvider(i + 1, list, t, authenticationRequestContext);
                }
            }).thenCompose(new Function<SecurityIdentity, CompletionStage<SecurityIdentity>>() { // from class: io.quarkus.security.runtime.QuarkusIdentityProviderManagerImpl.3
                @Override // java.util.function.Function
                public CompletionStage<SecurityIdentity> apply(SecurityIdentity securityIdentity) {
                    return QuarkusIdentityProviderManagerImpl.this.handleIdentityFromProvider(0, securityIdentity, authenticationRequestContext);
                }
            });
        }
        log.debug("Authentication failed as providers would authenticate the request");
        CompletableFuture completableFuture = new CompletableFuture();
        completableFuture.completeExceptionally(new AuthenticationFailedException());
        return completableFuture;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public CompletionStage<SecurityIdentity> handleIdentityFromProvider(final int i, SecurityIdentity securityIdentity, final AuthenticationRequestContext authenticationRequestContext) {
        return i == this.augmenters.size() ? CompletableFuture.completedFuture(securityIdentity) : this.augmenters.get(i).augment(securityIdentity, authenticationRequestContext).thenCompose(new Function<SecurityIdentity, CompletionStage<SecurityIdentity>>() { // from class: io.quarkus.security.runtime.QuarkusIdentityProviderManagerImpl.4
            @Override // java.util.function.Function
            public CompletionStage<SecurityIdentity> apply(SecurityIdentity securityIdentity2) {
                return QuarkusIdentityProviderManagerImpl.this.handleIdentityFromProvider(i + 1, securityIdentity2, authenticationRequestContext);
            }
        });
    }

    public static Builder builder() {
        return new Builder();
    }
}
