package org.trellisldp.dropwizard;

import com.google.common.cache.CacheBuilder;
import java.io.File;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.concurrent.TimeUnit;
import javax.ws.rs.container.ContainerRequestFilter;
import org.trellisldp.api.ResourceService;
import org.trellisldp.api.TrellisRuntimeException;
import org.trellisldp.auth.basic.BasicAuthFilter;
import org.trellisldp.cache.TrellisCache;
import org.trellisldp.dropwizard.config.AuthConfiguration;
import org.trellisldp.dropwizard.config.CORSConfiguration;
import org.trellisldp.dropwizard.config.JwtAuthConfiguration;
import org.trellisldp.dropwizard.config.TrellisConfiguration;
import org.trellisldp.oauth.Authenticator;
import org.trellisldp.oauth.NullAuthenticator;
import org.trellisldp.oauth.OAuthFilter;
import org.trellisldp.oauth.OAuthUtils;
import org.trellisldp.webac.WebAcService;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/trellisldp/dropwizard/TrellisUtils.class */
public final class TrellisUtils {
    public static Authenticator getJwtAuthenticator(JwtAuthConfiguration jwtAuthConfiguration) {
        Authenticator buildAuthenticatorWithJwk = OAuthUtils.buildAuthenticatorWithJwk(jwtAuthConfiguration.getJwks());
        if (buildAuthenticatorWithJwk != null) {
            return buildAuthenticatorWithJwk;
        }
        Authenticator buildAuthenticatorWithTruststore = OAuthUtils.buildAuthenticatorWithTruststore(jwtAuthConfiguration.getKeyStore(), jwtAuthConfiguration.getKeyStorePassword().toCharArray(), jwtAuthConfiguration.getKeyIds());
        if (buildAuthenticatorWithTruststore != null) {
            return buildAuthenticatorWithTruststore;
        }
        Authenticator buildAuthenticatorWithSharedSecret = OAuthUtils.buildAuthenticatorWithSharedSecret(jwtAuthConfiguration.getKey());
        return buildAuthenticatorWithSharedSecret != null ? buildAuthenticatorWithSharedSecret : new NullAuthenticator();
    }

    public static WebAcService getWebacService(TrellisConfiguration trellisConfiguration, ResourceService resourceService) {
        if (!trellisConfiguration.getAuth().getWebac().getEnabled()) {
            return null;
        }
        WebAcService webAcService = new WebAcService(resourceService, new TrellisCache(CacheBuilder.newBuilder().maximumSize(trellisConfiguration.getAuth().getWebac().getCacheSize()).expireAfterWrite(trellisConfiguration.getAuth().getWebac().getCacheExpireSeconds(), TimeUnit.SECONDS).build()));
        try {
            webAcService.initialize();
            return webAcService;
        } catch (Exception e) {
            throw new TrellisRuntimeException("Error initializing Access Control system", e);
        }
    }

    public static List<ContainerRequestFilter> getAuthFilters(TrellisConfiguration trellisConfiguration) {
        ArrayList arrayList = new ArrayList();
        AuthConfiguration auth = trellisConfiguration.getAuth();
        String realm = trellisConfiguration.getAuth().getRealm();
        HashSet hashSet = new HashSet(trellisConfiguration.getAuth().getAdminUsers());
        if (auth.getJwt().getEnabled()) {
            OAuthFilter oAuthFilter = new OAuthFilter();
            oAuthFilter.setAuthenticator(getJwtAuthenticator(auth.getJwt()));
            oAuthFilter.setChallenge("Bearer realm=\"" + realm + "\"");
            oAuthFilter.setAdmins(hashSet);
            arrayList.add(oAuthFilter);
        }
        if (auth.getBasic().getEnabled() && auth.getBasic().getUsersFile() != null) {
            BasicAuthFilter basicAuthFilter = new BasicAuthFilter();
            basicAuthFilter.setFile(new File(auth.getBasic().getUsersFile()));
            basicAuthFilter.setChallenge("Basic realm=\"" + realm + "\"");
            basicAuthFilter.setAdmins(hashSet);
            arrayList.add(basicAuthFilter);
        }
        return arrayList;
    }

    public static String buildChallenge(String str, String str2, String str3) {
        return str + (str2.isEmpty() ? "" : " realm=\"" + str2 + "\"") + (str3.isEmpty() ? "" : " scope=\"" + str3 + "\"");
    }

    public static CORSConfiguration getCorsConfiguration(TrellisConfiguration trellisConfiguration) {
        if (trellisConfiguration.getCors().getEnabled()) {
            return trellisConfiguration.getCors();
        }
        return null;
    }

    private TrellisUtils() {
    }
}
