package co.cask.cdap.security.guice;

import co.cask.cdap.common.conf.CConfiguration;
import co.cask.cdap.common.io.Codec;
import co.cask.cdap.security.auth.AccessToken;
import co.cask.cdap.security.auth.AccessTokenCodec;
import co.cask.cdap.security.auth.AccessTokenIdentifier;
import co.cask.cdap.security.auth.AccessTokenIdentifierCodec;
import co.cask.cdap.security.auth.AccessTokenTransformer;
import co.cask.cdap.security.auth.AccessTokenValidator;
import co.cask.cdap.security.auth.KeyIdentifier;
import co.cask.cdap.security.auth.KeyIdentifierCodec;
import co.cask.cdap.security.auth.TokenManager;
import co.cask.cdap.security.auth.TokenValidator;
import co.cask.cdap.security.server.AuditLogHandler;
import co.cask.cdap.security.server.ExternalAuthenticationServer;
import co.cask.cdap.security.server.GrantAccessToken;
import com.google.inject.Binder;
import com.google.inject.Inject;
import com.google.inject.Injector;
import com.google.inject.PrivateModule;
import com.google.inject.Provider;
import com.google.inject.Provides;
import com.google.inject.Scopes;
import com.google.inject.TypeLiteral;
import com.google.inject.multibindings.MapBinder;
import com.google.inject.name.Named;
import com.google.inject.name.Names;
import java.util.HashMap;
import java.util.Map;
import org.eclipse.jetty.server.Handler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:co/cask/cdap/security/guice/SecurityModule.class */
public abstract class SecurityModule extends PrivateModule {
    private static final Logger EXTERNAL_AUTH_AUDIT_LOG = LoggerFactory.getLogger("external-auth-access");

    /* loaded from: input_file:co/cask/cdap/security/guice/SecurityModule$AuthenticationHandlerMapProvider.class */
    private static final class AuthenticationHandlerMapProvider implements Provider<Map<String, Object>> {
        private final Map<String, Object> handlerMap;

        @Inject
        AuthenticationHandlerMapProvider(@Named("security.handlers.map") Map<String, Object> map) {
            this.handlerMap = new HashMap(map);
        }

        /* renamed from: get, reason: merged with bridge method [inline-methods] */
        public Map<String, Object> m27get() {
            return this.handlerMap;
        }
    }

    /* loaded from: input_file:co/cask/cdap/security/guice/SecurityModule$AuthenticationHandlerProvider.class */
    private static final class AuthenticationHandlerProvider implements Provider<Handler> {
        private final Injector injector;
        private final Class<? extends Handler> handlerClass;

        @Inject
        private AuthenticationHandlerProvider(Injector injector, Class<? extends Handler> cls) {
            this.injector = injector;
            this.handlerClass = cls;
        }

        /* renamed from: get, reason: merged with bridge method [inline-methods] */
        public Handler m28get() {
            return (Handler) this.injector.getInstance(this.handlerClass);
        }
    }

    protected final void configure() {
        bind(new TypeLiteral<Codec<AccessToken>>() { // from class: co.cask.cdap.security.guice.SecurityModule.1
        }).to(AccessTokenCodec.class).in(Scopes.SINGLETON);
        bind(new TypeLiteral<Codec<AccessTokenIdentifier>>() { // from class: co.cask.cdap.security.guice.SecurityModule.2
        }).to(AccessTokenIdentifierCodec.class).in(Scopes.SINGLETON);
        bind(new TypeLiteral<Codec<KeyIdentifier>>() { // from class: co.cask.cdap.security.guice.SecurityModule.3
        }).to(KeyIdentifierCodec.class).in(Scopes.SINGLETON);
        bindKeyManager(binder());
        bind(TokenManager.class).in(Scopes.SINGLETON);
        bind(ExternalAuthenticationServer.class).in(Scopes.SINGLETON);
        MapBinder newMapBinder = MapBinder.newMapBinder(binder(), String.class, Object.class, Names.named("security.handlers.map"));
        newMapBinder.addBinding(ExternalAuthenticationServer.HandlerType.AUTHENTICATION_HANDLER).toProvider(AuthenticationHandlerProvider.class);
        newMapBinder.addBinding(ExternalAuthenticationServer.HandlerType.GRANT_TOKEN_HANDLER).to(GrantAccessToken.class);
        bind(AuditLogHandler.class).annotatedWith(Names.named(ExternalAuthenticationServer.NAMED_EXTERNAL_AUTH)).toInstance(new AuditLogHandler(EXTERNAL_AUTH_AUDIT_LOG));
        bind(new TypeLiteral<Map<String, Object>>() { // from class: co.cask.cdap.security.guice.SecurityModule.4
        }).annotatedWith(Names.named("security.handlers")).toProvider(AuthenticationHandlerMapProvider.class).in(Scopes.SINGLETON);
        bind(TokenValidator.class).to(AccessTokenValidator.class);
        bind(AccessTokenTransformer.class).in(Scopes.SINGLETON);
        expose(AccessTokenTransformer.class);
        expose(TokenValidator.class);
        expose(TokenManager.class);
        expose(ExternalAuthenticationServer.class);
        expose(new TypeLiteral<Codec<KeyIdentifier>>() { // from class: co.cask.cdap.security.guice.SecurityModule.5
        });
    }

    @Provides
    private Class<? extends Handler> provideHandlerClass(CConfiguration cConfiguration) throws ClassNotFoundException {
        return cConfiguration.getClass("security.authentication.handlerClassName", (Class) null, Handler.class);
    }

    protected abstract void bindKeyManager(Binder binder);
}
