package org.commonjava.indy.bind.jaxrs.keycloak;

import io.undertow.security.idm.Account;
import io.undertow.security.idm.Credential;
import io.undertow.security.idm.IdentityManager;
import java.security.Principal;
import java.util.HashSet;
import java.util.Set;
import java.util.UUID;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import org.commonjava.indy.bind.jaxrs.util.JwtTokenUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ApplicationScoped
/* loaded from: input_file:org/commonjava/indy/bind/jaxrs/keycloak/IndyIdentityManager.class */
public class IndyIdentityManager implements IdentityManager {
    private final Logger logger = LoggerFactory.getLogger(getClass());

    @Inject
    private JwtTokenUtils tokenUtils;

    @Inject
    private AuthConfig authConfig;

    /* loaded from: input_file:org/commonjava/indy/bind/jaxrs/keycloak/IndyIdentityManager$LocalAccount.class */
    private class LocalAccount implements Account {
        Set<String> roles;
        private final Principal principal = new Principal() { // from class: org.commonjava.indy.bind.jaxrs.keycloak.IndyIdentityManager.LocalAccount.1
            @Override // java.security.Principal
            public String getName() {
                return LocalAccount.this.name;
            }
        };
        String name = UUID.randomUUID().toString();

        public LocalAccount() {
            if (this.roles == null) {
                this.roles = new HashSet();
                String roles = IndyIdentityManager.this.authConfig.getRoles();
                if (roles.isBlank()) {
                    return;
                }
                for (String str : roles.split(",")) {
                    this.roles.add(str);
                }
            }
        }

        public Principal getPrincipal() {
            return this.principal;
        }

        public Set<String> getRoles() {
            return this.roles;
        }
    }

    public Account verify(String str, String str2) {
        if (!this.tokenUtils.validate(str, str2)) {
            return null;
        }
        LocalAccount localAccount = new LocalAccount();
        this.logger.info("Authenticated as {}, roles [{}]", localAccount.name, localAccount.roles);
        return localAccount;
    }

    public Account verify(Account account) {
        return account;
    }

    public Account verify(String str, Credential credential) {
        return null;
    }

    public Account verify(Credential credential) {
        return null;
    }
}
