package org.imixs.microservice.core.auth;

import java.util.logging.Logger;
import javax.crypto.SecretKey;
import javax.enterprise.context.RequestScoped;
import javax.enterprise.event.Observes;
import javax.inject.Inject;
import org.eclipse.microprofile.config.inject.ConfigProperty;
import org.imixs.jwt.HMAC;
import org.imixs.jwt.JWTBuilder;
import org.imixs.jwt.JWTException;
import org.imixs.melman.AbstractClient;
import org.imixs.melman.BasicAuthenticator;
import org.imixs.melman.FormAuthenticator;
import org.imixs.melman.JWTAuthenticator;

@RequestScoped
/* loaded from: input_file:org/imixs/microservice/core/auth/DefaultAuthenticator.class */
public class DefaultAuthenticator {

    @Inject
    @ConfigProperty(name = "imixs.auth.secret", defaultValue = "")
    String authSecret;

    @Inject
    @ConfigProperty(name = "imixs.auth.service", defaultValue = "")
    String authService;

    @Inject
    @ConfigProperty(name = "imixs.auth.userid", defaultValue = "")
    String authUserID;

    @Inject
    @ConfigProperty(name = "imixs.auth.method", defaultValue = "CUSTOM")
    String authMethod;
    private static Logger logger = Logger.getLogger(DefaultAuthenticator.class.getName());

    public void registerRequestFilter(@Observes AuthEvent authEvent) throws AuthException {
        if ("CUSTOM".equalsIgnoreCase(this.authMethod) || this.authMethod.isEmpty()) {
            logger.finest("......Default Auth Module disabled!");
            return;
        }
        if (this.authSecret.isEmpty()) {
            logger.warning("Default Auth Module: secret not set - check your configuration!");
        }
        if (this.authUserID.isEmpty()) {
            logger.warning("Default Auth Module: secret not set - check your configuration!");
        }
        if ("JWT".equalsIgnoreCase(this.authMethod)) {
            registerJWTAuthenticator(authEvent.getClient());
        }
        if ("BASIC".equalsIgnoreCase(this.authMethod)) {
            registerBasicAuthenticator(authEvent.getClient());
        }
        if ("FORM".equalsIgnoreCase(this.authMethod)) {
            registerFormAuthenticator(authEvent.getClient());
        }
    }

    private void registerBasicAuthenticator(AbstractClient abstractClient) {
        abstractClient.registerClientRequestFilter(new BasicAuthenticator(this.authUserID, this.authSecret));
    }

    private void registerFormAuthenticator(AbstractClient abstractClient) {
        abstractClient.registerClientRequestFilter(new FormAuthenticator(this.authService, this.authUserID, this.authSecret));
    }

    private void registerJWTAuthenticator(AbstractClient abstractClient) throws AuthException {
        SecretKey createKey = HMAC.createKey("HmacSHA256", this.authSecret.getBytes());
        String str = "{\"sub\":\"" + this.authUserID + "\",\"displayname\":\"" + this.authUserID + "\",\"groups\":[\"IMIXS-WORKFLOW-Manager\"]}";
        logger.finest("......Payload=" + str);
        try {
            abstractClient.registerClientRequestFilter(new JWTAuthenticator(new JWTBuilder().setKey(createKey).setPayload(str).getToken()));
        } catch (JWTException e) {
            e.printStackTrace();
            throw new AuthException("JWT_ERROR", e.getMessage(), (Exception) e);
        }
    }
}
