package io.quarkus.smallrye.jwt.runtime.auth;

import io.quarkus.elytron.security.runtime.ElytronAccount;
import io.undertow.security.idm.Account;
import io.undertow.security.idm.Credential;
import io.undertow.security.idm.IdentityManager;
import org.jboss.logging.Logger;
import org.wildfly.security.auth.server.RealmUnavailableException;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.evidence.BearerTokenEvidence;

/* loaded from: input_file:io/quarkus/smallrye/jwt/runtime/auth/JwtIdentityManager.class */
public class JwtIdentityManager implements IdentityManager {
    private static Logger log = Logger.getLogger(JwtIdentityManager.class);
    private final SecurityDomain domain;

    public JwtIdentityManager(SecurityDomain securityDomain) {
        this.domain = securityDomain;
    }

    public Account verify(Account account) {
        return account;
    }

    public Account verify(String str, Credential credential) {
        log.debugf("verify, id=%s, credential=%s", str, credential);
        try {
            if (credential instanceof JWTCredential) {
                try {
                    SecurityIdentity authenticate = this.domain.authenticate(new BearerTokenEvidence(((JWTCredential) credential).getBearerToken()));
                    log.debugf("authenticate, id=%s, result=%s", str, authenticate);
                    if (authenticate != null) {
                        return new ElytronAccount(authenticate);
                    }
                } catch (RealmUnavailableException e) {
                    log.debugf(e, "failed, id=%s, credential=%s", str, credential);
                }
            }
            return null;
        } catch (Exception e2) {
            log.warnf(e2, "Failed to verify id=%s", str);
            return null;
        }
    }

    public Account verify(Credential credential) {
        return null;
    }
}
