package io.quarkus.oidc.runtime;

import io.quarkus.arc.Arc;
import io.quarkus.oidc.AccessTokenCredential;
import io.quarkus.oidc.OIDCException;
import io.quarkus.oidc.TenantIdentityProvider;
import io.quarkus.security.identity.AuthenticationRequestContext;
import io.quarkus.security.identity.SecurityIdentity;
import io.quarkus.security.identity.request.TokenAuthenticationRequest;
import io.quarkus.security.spi.runtime.BlockingSecurityExecutor;
import io.quarkus.vertx.http.runtime.security.HttpSecurityUtils;
import io.smallrye.mutiny.Uni;
import io.vertx.ext.web.RoutingContext;
import java.lang.annotation.Annotation;
import java.util.Map;
import java.util.function.Supplier;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:io/quarkus/oidc/runtime/TenantSpecificOidcIdentityProvider.class */
public final class TenantSpecificOidcIdentityProvider extends OidcIdentityProvider implements TenantIdentityProvider {
    private final String tenantId;
    private final BlockingSecurityExecutor blockingExecutor;

    /* JADX INFO: Access modifiers changed from: package-private */
    public TenantSpecificOidcIdentityProvider(String str, DefaultTenantConfigResolver defaultTenantConfigResolver, BlockingSecurityExecutor blockingSecurityExecutor) {
        super(defaultTenantConfigResolver, blockingSecurityExecutor);
        this.blockingExecutor = blockingSecurityExecutor;
        this.tenantId = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TenantSpecificOidcIdentityProvider(String str) {
        this(str, (DefaultTenantConfigResolver) Arc.container().instance(DefaultTenantConfigResolver.class, new Annotation[0]).get(), (BlockingSecurityExecutor) Arc.container().instance(BlockingSecurityExecutor.class, new Annotation[0]).get());
    }

    @Override // io.quarkus.oidc.TenantIdentityProvider
    public Uni<SecurityIdentity> authenticate(AccessTokenCredential accessTokenCredential) {
        return authenticate(new TokenAuthenticationRequest(accessTokenCredential));
    }

    @Override // io.quarkus.oidc.runtime.OidcIdentityProvider
    protected Uni<TenantConfigContext> resolveTenantConfigContext(TokenAuthenticationRequest tokenAuthenticationRequest, AuthenticationRequestContext authenticationRequestContext) {
        return this.tenantResolver.resolveContext(this.tenantId).onItem().ifNull().failWith(new Supplier<Throwable>() { // from class: io.quarkus.oidc.runtime.TenantSpecificOidcIdentityProvider.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.function.Supplier
            public Throwable get() {
                return new OIDCException("Failed to resolve tenant context");
            }
        });
    }

    @Override // io.quarkus.oidc.runtime.OidcIdentityProvider
    protected Map<String, Object> getRequestData(TokenAuthenticationRequest tokenAuthenticationRequest) {
        RoutingContext routingContextAttribute = HttpSecurityUtils.getRoutingContextAttribute(tokenAuthenticationRequest);
        return routingContextAttribute != null ? routingContextAttribute.data() : Map.of();
    }

    private Uni<SecurityIdentity> authenticate(TokenAuthenticationRequest tokenAuthenticationRequest) {
        return authenticate(tokenAuthenticationRequest, new AuthenticationRequestContext() { // from class: io.quarkus.oidc.runtime.TenantSpecificOidcIdentityProvider.2
            public Uni<SecurityIdentity> runBlocking(Supplier<SecurityIdentity> supplier) {
                return TenantSpecificOidcIdentityProvider.this.blockingExecutor.executeBlocking(supplier);
            }
        });
    }
}
