package org.imixs.workflow.office.oidc;

import jakarta.enterprise.context.RequestScoped;
import jakarta.enterprise.event.Observes;
import jakarta.faces.context.FacesContext;
import jakarta.inject.Inject;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.Produces;
import java.io.Serializable;
import java.security.Principal;
import java.util.logging.Logger;
import org.imixs.marty.profile.ProfileEvent;
import org.imixs.workflow.ItemCollection;
import org.imixs.workflow.exceptions.AccessDeniedException;
import org.wildfly.security.http.oidc.IDToken;
import org.wildfly.security.http.oidc.OidcSecurityContext;

@RequestScoped
@Produces({"text/plain"})
@Path("/oidc")
/* loaded from: input_file:org/imixs/workflow/office/oidc/WildflyLoginBean.class */
public class WildflyLoginBean implements Serializable {
    private static final long serialVersionUID = 1;
    private static Logger logger = Logger.getLogger(WildflyLoginBean.class.getName());

    @Inject
    Principal principal;

    @Produces({"text/plain"})
    @GET
    public String sessionInfoAuth() {
        String str;
        try {
            logger.info("Imixs-Security-OIDC - collecting context information... (see details in server log)");
            System.out.println("=========================================");
            if (this.principal != null) {
                System.out.println("  Principal name: " + this.principal.getName());
            } else {
                System.out.println("  Principal resolved to null!");
            }
            HttpServletRequest httpServletRequest = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
            if (httpServletRequest == null) {
                str = "Failed to resolve OpenIdContext!";
            } else {
                IDToken iDToken = ((OidcSecurityContext) httpServletRequest.getAttribute(OidcSecurityContext.class.getName())).getIDToken();
                if (iDToken == null) {
                    str = " unable to resolve IDToken!";
                } else {
                    System.out.println("  Subject = " + iDToken.getSubject());
                    System.out.println("  Access token = " + iDToken.getAccessTokenHash());
                    System.out.println("  ID token = " + iDToken.toString());
                    System.out.println("  Claims json = " + String.valueOf(iDToken.getClaimNames()));
                    System.out.println("=========================================");
                    str = "Imixs-Security-OIDC ==> OK \nUser Principal      ==> " + this.principal.getName() + "\n\nSession details are available on server log";
                }
            }
        } catch (Exception e) {
            str = "Failed to resolve OpenIdContext!";
            logger.warning(str);
            logger.warning(e.toString());
        }
        return str;
    }

    public void onProfileEvent(@Observes ProfileEvent profileEvent) throws AccessDeniedException {
        int eventType = profileEvent.getEventType();
        ItemCollection profile = profileEvent.getProfile();
        if (profile == null) {
            return;
        }
        if (2 == eventType || 3 == eventType) {
            logger.info("├── Processing Wildfly OIDC login...");
            HttpServletRequest httpServletRequest = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
            if (httpServletRequest == null) {
                logger.warning("│   ├── unable to resolve http request!");
                return;
            }
            IDToken iDToken = ((OidcSecurityContext) httpServletRequest.getAttribute(OidcSecurityContext.class.getName())).getIDToken();
            if (iDToken == null) {
                logger.warning("│   ├── unable to resolve IDToken!");
                return;
            }
            String str = iDToken.getName();
            String str2 = iDToken.getEmail();
            logger.info("│   ├── PreferredUsername=" + str);
            logger.info("│   ├── Email=" + str2);
            if (str2.equals(profile.getItemValueString("txtemail")) && str.equals(profile.getItemValueString("txtusername"))) {
                logger.info("│   ├── profile already up-to-date.");
                return;
            }
            logger.info("│   ├── update profile data...");
            profile.setItemValue("txtemail", str2);
            profile.setItemValue("txtusername", str);
        }
    }
}
