package org.glassfish.soteria.cdi;

import java.io.Serializable;
import java.lang.annotation.Annotation;
import java.util.Optional;
import java.util.Set;
import javax.annotation.Priority;
import javax.el.ELProcessor;
import javax.enterprise.inject.Intercepted;
import javax.enterprise.inject.spi.Bean;
import javax.enterprise.inject.spi.BeanManager;
import javax.enterprise.inject.spi.CDI;
import javax.inject.Inject;
import javax.interceptor.AroundInvoke;
import javax.interceptor.Interceptor;
import javax.interceptor.InvocationContext;
import javax.security.enterprise.AuthenticationStatus;
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
import javax.security.enterprise.authentication.mechanism.http.RememberMe;
import javax.security.enterprise.credential.RememberMeCredential;
import javax.security.enterprise.identitystore.CredentialValidationResult;
import javax.security.enterprise.identitystore.RememberMeIdentityStore;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.persistence.jpa.rs.ReservedWords;
import org.glassfish.soteria.Utils;
import org.glassfish.soteria.servlet.CookieHandler;
import org.jboss.weld.interceptor.WeldInvocationContext;

@RememberMe
@Priority(210)
@Interceptor
/* loaded from: input_file:org/glassfish/soteria/cdi/RememberMeInterceptor.class */
public class RememberMeInterceptor implements Serializable {
    private static final long serialVersionUID = 1;
    private final BeanManager beanManager;
    private final Bean<?> interceptedBean;

    @Inject
    public RememberMeInterceptor(BeanManager beanManager, @Intercepted Bean<?> bean) {
        this.beanManager = beanManager;
        this.interceptedBean = bean;
    }

    @AroundInvoke
    public Object intercept(InvocationContext invocationContext) throws Exception {
        if (Utils.isImplementationOf(invocationContext.getMethod(), Utils.validateRequestMethod)) {
            return validateRequest(invocationContext, (HttpServletRequest) Utils.getParam(invocationContext, 0), (HttpServletResponse) Utils.getParam(invocationContext, 1), (HttpMessageContext) Utils.getParam(invocationContext, 2));
        }
        if (Utils.isImplementationOf(invocationContext.getMethod(), Utils.cleanSubjectMethod)) {
            cleanSubject(invocationContext, (HttpServletRequest) Utils.getParam(invocationContext, 0), (HttpServletResponse) Utils.getParam(invocationContext, 1), (HttpMessageContext) Utils.getParam(invocationContext, 2));
        }
        return invocationContext.proceed();
    }

    private AuthenticationStatus validateRequest(InvocationContext invocationContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpMessageContext httpMessageContext) throws Exception {
        RememberMeIdentityStore rememberMeIdentityStore = (RememberMeIdentityStore) CDI.current().select(RememberMeIdentityStore.class, new Annotation[0]).get2();
        RememberMe rememberMeFromIntercepted = getRememberMeFromIntercepted(getElProcessor(invocationContext, httpMessageContext), invocationContext);
        Cookie cookie = CookieHandler.getCookie(httpServletRequest, rememberMeFromIntercepted.cookieName());
        if (cookie != null) {
            CredentialValidationResult validate = rememberMeIdentityStore.validate(new RememberMeCredential(cookie.getValue()));
            if (validate.getStatus() == CredentialValidationResult.Status.VALID) {
                return httpMessageContext.notifyContainerAboutLogin(validate.getCallerPrincipal(), validate.getCallerGroups());
            }
            CookieHandler.removeCookie(httpServletRequest, httpServletResponse, rememberMeFromIntercepted.cookieName());
        }
        AuthenticationStatus authenticationStatus = (AuthenticationStatus) invocationContext.proceed();
        if (authenticationStatus == AuthenticationStatus.SUCCESS && httpMessageContext.getCallerPrincipal() != null) {
            Boolean bool = true;
            if (rememberMeFromIntercepted instanceof RememberMeAnnotationLiteral) {
                bool = Boolean.valueOf(((RememberMeAnnotationLiteral) rememberMeFromIntercepted).isRememberMe());
            }
            if (bool.booleanValue()) {
                CookieHandler.saveCookie(httpServletRequest, httpServletResponse, rememberMeFromIntercepted.cookieName(), rememberMeIdentityStore.generateLoginToken(Utils.toCallerPrincipal(httpMessageContext.getCallerPrincipal()), httpMessageContext.getGroups()), Integer.valueOf(rememberMeFromIntercepted.cookieMaxAgeSeconds()), rememberMeFromIntercepted.cookieSecureOnly(), rememberMeFromIntercepted.cookieHttpOnly());
            }
        }
        return authenticationStatus;
    }

    private void cleanSubject(InvocationContext invocationContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpMessageContext httpMessageContext) throws Exception {
        RememberMeIdentityStore rememberMeIdentityStore = (RememberMeIdentityStore) CDI.current().select(RememberMeIdentityStore.class, new Annotation[0]).get2();
        RememberMe rememberMeFromIntercepted = getRememberMeFromIntercepted(getElProcessor(invocationContext, httpMessageContext), invocationContext);
        Cookie cookie = CookieHandler.getCookie(httpServletRequest, rememberMeFromIntercepted.cookieName());
        if (cookie != null) {
            CookieHandler.removeCookie(httpServletRequest, httpServletResponse, rememberMeFromIntercepted.cookieName());
            rememberMeIdentityStore.removeLoginToken(cookie.getValue());
        }
        invocationContext.proceed();
    }

    private RememberMe getRememberMeFromIntercepted(ELProcessor eLProcessor, InvocationContext invocationContext) {
        Optional annotation = CdiUtils.getAnnotation(this.beanManager, this.interceptedBean.getBeanClass(), RememberMe.class);
        if (annotation.isPresent()) {
            return RememberMeAnnotationLiteral.eval((RememberMe) annotation.get(), eLProcessor);
        }
        Set set = (Set) invocationContext.getContextData().get(WeldInvocationContext.INTERCEPTOR_BINDINGS_KEY);
        if (set != null) {
            Optional map = set.stream().filter(annotation2 -> {
                return annotation2.annotationType().equals(RememberMe.class);
            }).findAny().map(annotation3 -> {
                return (RememberMe) RememberMe.class.cast(annotation3);
            });
            if (map.isPresent()) {
                return RememberMeAnnotationLiteral.eval((RememberMe) map.get(), eLProcessor);
            }
        }
        throw new IllegalStateException("@RememberMe not present on " + this.interceptedBean.getBeanClass());
    }

    private ELProcessor getElProcessor(InvocationContext invocationContext, HttpMessageContext httpMessageContext) {
        ELProcessor eLProcessor = new ELProcessor();
        eLProcessor.getELManager().addELResolver(this.beanManager.getELResolver());
        eLProcessor.defineBean(ReservedWords.JPARS_REL_SELF, invocationContext.getTarget());
        eLProcessor.defineBean("httpMessageContext", httpMessageContext);
        return eLProcessor;
    }
}
