package net.officefloor.plugin.web.http.security.scheme;

import java.io.IOException;
import net.officefloor.plugin.web.http.security.HttpAuthenticateContext;
import net.officefloor.plugin.web.http.security.HttpChallengeContext;
import net.officefloor.plugin.web.http.security.HttpCredentials;
import net.officefloor.plugin.web.http.security.HttpLogoutContext;
import net.officefloor.plugin.web.http.security.HttpRatifyContext;
import net.officefloor.plugin.web.http.security.HttpSecurity;
import net.officefloor.plugin.web.http.security.impl.AbstractHttpSecuritySource;
import net.officefloor.plugin.web.http.security.store.CredentialStore;
import net.officefloor.plugin.web.http.security.store.CredentialStoreUtil;

/* loaded from: input_file:WEB-INF/lib/officeplugin_web-2.16.0.jar:net/officefloor/plugin/web/http/security/scheme/FormHttpSecuritySource.class */
public class FormHttpSecuritySource extends AbstractHttpSecuritySource<HttpSecurity, HttpCredentials, Dependencies, Flows> {
    public static final String PROPERTY_REALM = "http.security.form.realm";
    private static final String SESSION_ATTRIBUTE_HTTP_SECURITY = "http.security.source.form.http.security";
    private String realm;

    /* loaded from: input_file:WEB-INF/lib/officeplugin_web-2.16.0.jar:net/officefloor/plugin/web/http/security/scheme/FormHttpSecuritySource$Dependencies.class */
    public enum Dependencies {
        CREDENTIAL_STORE
    }

    /* loaded from: input_file:WEB-INF/lib/officeplugin_web-2.16.0.jar:net/officefloor/plugin/web/http/security/scheme/FormHttpSecuritySource$Flows.class */
    public enum Flows {
        FORM_LOGIN_PAGE
    }

    protected HttpSecurity authenticate(String str, String str2, byte[] bArr, CredentialStore credentialStore) throws IOException {
        return CredentialStoreUtil.authenticate(str, str2, bArr, "Form", credentialStore);
    }

    @Override // net.officefloor.plugin.web.http.security.impl.AbstractHttpSecuritySource
    protected void loadSpecification(AbstractHttpSecuritySource.SpecificationContext specificationContext) {
        specificationContext.addProperty(PROPERTY_REALM, "Realm");
    }

    @Override // net.officefloor.plugin.web.http.security.impl.AbstractHttpSecuritySource
    protected void loadMetaData(AbstractHttpSecuritySource.MetaDataContext<HttpSecurity, HttpCredentials, Dependencies, Flows> metaDataContext) throws Exception {
        this.realm = metaDataContext.getHttpSecuritySourceContext().getProperty(PROPERTY_REALM);
        metaDataContext.setSecurityClass(HttpSecurity.class);
        metaDataContext.setCredentialsClass(HttpCredentials.class);
        metaDataContext.addDependency(Dependencies.CREDENTIAL_STORE, CredentialStore.class);
        metaDataContext.addFlow(Flows.FORM_LOGIN_PAGE, null);
    }

    @Override // net.officefloor.plugin.web.http.security.HttpSecuritySource
    public boolean ratify(HttpRatifyContext<HttpSecurity, HttpCredentials> httpRatifyContext) {
        HttpSecurity httpSecurity = (HttpSecurity) httpRatifyContext.getSession().getAttribute(SESSION_ATTRIBUTE_HTTP_SECURITY);
        if (httpSecurity == null) {
            return httpRatifyContext.getCredentials() != null;
        }
        httpRatifyContext.setHttpSecurity(httpSecurity);
        return false;
    }

    @Override // net.officefloor.plugin.web.http.security.HttpSecuritySource
    public void authenticate(HttpAuthenticateContext<HttpSecurity, HttpCredentials, Dependencies> httpAuthenticateContext) throws IOException {
        String username;
        byte[] password;
        HttpCredentials credentials = httpAuthenticateContext.getCredentials();
        if (credentials == null || (username = credentials.getUsername()) == null || (password = credentials.getPassword()) == null) {
            return;
        }
        HttpSecurity authenticate = authenticate(username, this.realm, password, (CredentialStore) httpAuthenticateContext.getObject(Dependencies.CREDENTIAL_STORE));
        if (authenticate == null) {
            return;
        }
        httpAuthenticateContext.getSession().setAttribute(SESSION_ATTRIBUTE_HTTP_SECURITY, authenticate);
        httpAuthenticateContext.setHttpSecurity(authenticate);
    }

    @Override // net.officefloor.plugin.web.http.security.HttpSecuritySource
    public void challenge(HttpChallengeContext<Dependencies, Flows> httpChallengeContext) throws IOException {
        httpChallengeContext.doFlow(Flows.FORM_LOGIN_PAGE);
    }

    @Override // net.officefloor.plugin.web.http.security.HttpSecuritySource
    public void logout(HttpLogoutContext<Dependencies> httpLogoutContext) throws IOException {
        httpLogoutContext.getSession().removeAttribute(SESSION_ATTRIBUTE_HTTP_SECURITY);
    }
}
