package com.inet.authentication.token.server.bearer;

import com.inet.authentication.ActiveAuthenticationProvider;
import com.inet.authentication.AuthenticationDescription;
import com.inet.authentication.AuthenticationProvider;
import com.inet.authentication.LoginProcessor;
import com.inet.authentication.TokenAuthenticationProvider;
import com.inet.authentication.token.TokenAuthenticationServerPlugin;
import com.inet.config.Configuration;
import com.inet.lib.json.Json;
import com.inet.lib.util.PasswordHashing;
import com.inet.lib.util.StringFunctions;
import com.inet.permissions.Permission;
import com.inet.permissions.SystemPermissionChecker;
import com.inet.usersandgroups.api.user.LoginSettings;
import com.inet.usersandgroups.api.user.UserAccount;
import com.inet.usersandgroups.api.user.UserManager;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.annotation.Nonnull;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/inet/authentication/token/server/bearer/a.class */
public class a implements ActiveAuthenticationProvider, AuthenticationProvider, TokenAuthenticationProvider {
    public String name() {
        return "bearer";
    }

    public int getPriority() {
        return 10000;
    }

    public LoginProcessor create(AuthenticationDescription authenticationDescription) {
        throw new UnsupportedOperationException();
    }

    public LoginProcessor createLoginProcessor(AuthenticationDescription authenticationDescription, String str, HttpServletRequest httpServletRequest, boolean z) {
        if (str == null || !str.startsWith("Bearer ") || str.length() <= 40) {
            return null;
        }
        String substring = str.substring(7, 32);
        char[] charArray = str.substring(32).toCharArray();
        UserAccount findActiveUserAccount = UserManager.getInstance().findActiveUserAccount("bearer", substring);
        if (findActiveUserAccount == null || !SystemPermissionChecker.hasAnyPermission(findActiveUserAccount, new Permission[]{TokenAuthenticationServerPlugin.TOKEN_AUTHENTICATION_PERMISSION})) {
            return null;
        }
        String servletPath = httpServletRequest.getServletPath();
        if (StringFunctions.isEmpty(servletPath)) {
            servletPath = httpServletRequest.getPathInfo();
        }
        if (servletPath == null) {
            return null;
        }
        for (LoginSettings loginSettings : findActiveUserAccount.getLoginSettings()) {
            if ("bearer".equals(loginSettings.getLoginSource()) && substring.equalsIgnoreCase(loginSettings.getLoginID())) {
                TokenLoginData tokenLoginData = (TokenLoginData) new Json().fromJson(loginSettings.getAdditionalData(), TokenLoginData.class);
                if (PasswordHashing.isMatching(tokenLoginData.getHash(), charArray)) {
                    return com.inet.authentication.token.server.a.c.a(tokenLoginData, servletPath, substring, findActiveUserAccount.getID(), "bearer");
                }
            }
        }
        return null;
    }

    public String getDisplayName(Map<String, String> map) {
        return TokenAuthenticationServerPlugin.MSG.getMsg("bearer.logins.displayName", new Object[0]);
    }

    public AuthenticationDescription getAuthenticationDescription(Map<String, String> map, boolean z, boolean z2) {
        if (!z) {
            return null;
        }
        map.put("icon", com.inet.authentication.token.server.a.class.getResource("token.png").toString());
        map.put("color", "#46be94");
        return new AuthenticationDescription(this, map, "bearer", AuthenticationDescription.BasicSupport.No);
    }

    public Map<String, String> applySettings(Map<String, String> map, Configuration configuration, @Nonnull List<Map<String, String>> list) {
        return new HashMap();
    }

    public boolean hasAdditionalConfigurationAction() {
        return false;
    }
}
