package org.apache.tomee.security.provider;

import java.lang.annotation.Annotation;
import java.util.Map;
import javax.enterprise.inject.spi.CDI;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.MessagePolicy;
import javax.security.auth.message.module.ServerAuthModule;
import javax.security.enterprise.AuthenticationException;
import javax.security.enterprise.AuthenticationStatus;
import org.apache.tomee.security.cdi.TomEESecurityServletAuthenticationMechanismMapper;
import org.apache.tomee.security.http.TomEEHttpMessageContext;

/* loaded from: input_file:lib/tomee-security-8.0.14.jar:org/apache/tomee/security/provider/TomEESecurityServerAuthModule.class */
public class TomEESecurityServerAuthModule implements ServerAuthModule {
    private CallbackHandler handler;

    public Class[] getSupportedMessageTypes() {
        return new Class[0];
    }

    public void initialize(MessagePolicy messagePolicy, MessagePolicy messagePolicy2, CallbackHandler callbackHandler, Map map) throws AuthException {
        this.handler = callbackHandler;
    }

    public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
        TomEEHttpMessageContext httpMessageContext = TomEEHttpMessageContext.httpMessageContext(this.handler, messageInfo, subject, null);
        ((TomEESecurityServletAuthenticationMechanismMapper) CDI.current().select(TomEESecurityServletAuthenticationMechanismMapper.class, new Annotation[0]).get()).getCurrentAuthenticationMechanism(httpMessageContext).cleanSubject(httpMessageContext.getRequest(), httpMessageContext.getResponse(), httpMessageContext);
    }

    public AuthStatus secureResponse(MessageInfo messageInfo, Subject subject) throws AuthException {
        TomEEHttpMessageContext httpMessageContext = TomEEHttpMessageContext.httpMessageContext(this.handler, messageInfo, subject, null);
        try {
            return mapToAuthStatus(((TomEESecurityServletAuthenticationMechanismMapper) CDI.current().select(TomEESecurityServletAuthenticationMechanismMapper.class, new Annotation[0]).get()).getCurrentAuthenticationMechanism(httpMessageContext).secureResponse(httpMessageContext.getRequest(), httpMessageContext.getResponse(), httpMessageContext));
        } catch (AuthenticationException e) {
            AuthException authException = new AuthException(e.getMessage());
            authException.initCause(e);
            throw authException;
        }
    }

    public AuthStatus validateRequest(MessageInfo messageInfo, Subject subject, Subject subject2) throws AuthException {
        TomEEHttpMessageContext httpMessageContext = TomEEHttpMessageContext.httpMessageContext(this.handler, messageInfo, subject, subject2);
        try {
            return mapToAuthStatus(((TomEESecurityServletAuthenticationMechanismMapper) CDI.current().select(TomEESecurityServletAuthenticationMechanismMapper.class, new Annotation[0]).get()).getCurrentAuthenticationMechanism(httpMessageContext).validateRequest(httpMessageContext.getRequest(), httpMessageContext.getResponse(), httpMessageContext));
        } catch (AuthenticationException e) {
            AuthException authException = new AuthException(e.getMessage());
            authException.initCause(e);
            throw authException;
        }
    }

    private AuthStatus mapToAuthStatus(AuthenticationStatus authenticationStatus) {
        switch (authenticationStatus) {
            case SUCCESS:
            case NOT_DONE:
                return AuthStatus.SUCCESS;
            case SEND_FAILURE:
                return AuthStatus.SEND_FAILURE;
            case SEND_CONTINUE:
                return AuthStatus.SEND_CONTINUE;
            default:
                throw new IllegalArgumentException();
        }
    }
}
