package com.top_logic.security.auth.pac4j.servlet;

import com.top_logic.base.accesscontrol.ExternalAuthenticationServlet;
import com.top_logic.base.accesscontrol.Login;
import com.top_logic.base.accesscontrol.LoginCredentials;
import com.top_logic.knowledge.wrap.person.Person;
import com.top_logic.layout.basic.DefaultDisplayContext;
import com.top_logic.security.auth.pac4j.config.Pac4jConfigFactory;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.Optional;
import org.pac4j.core.config.Config;
import org.pac4j.core.profile.CommonProfile;
import org.pac4j.core.profile.ProfileManager;
import org.pac4j.core.profile.UserProfile;
import org.pac4j.jee.context.JEEContext;
import org.pac4j.jee.context.session.JEESessionStore;
import org.pac4j.oidc.profile.OidcProfile;

/* loaded from: input_file:com/top_logic/security/auth/pac4j/servlet/Pac4jAuthenticationServlet.class */
public class Pac4jAuthenticationServlet extends ExternalAuthenticationServlet {
    protected LoginCredentials retrieveLoginCredentials(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ExternalAuthenticationServlet.ForwardRequiredException, Login.LoginDeniedException, Login.LoginFailedException {
        Optional<UserProfile> userProfile = getUserProfile(httpServletRequest, httpServletResponse);
        if (userProfile.isPresent()) {
            return getLoginCredentials(userProfile);
        }
        throw new Login.LoginDeniedException("No user profile retrieved.");
    }

    private LoginCredentials getLoginCredentials(Optional<UserProfile> optional) {
        UserProfile userProfile = optional.get();
        String clientName = userProfile.getClientName();
        return LoginCredentials.fromUser(Pac4jConfigFactory.getInstance().getUserMapping(clientName).findAccountForExternalName(getUserName(userProfile, clientName)));
    }

    private String getUserName(UserProfile userProfile, String str) {
        return Pac4jConfigFactory.getInstance().getUserNameExtractor(str).getUserName((CommonProfile) userProfile);
    }

    protected void loginUser(Person person, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Login.InMaintenanceModeException {
        super.loginUser(person, httpServletRequest, httpServletResponse);
        OidcProfile oidcProfile = (UserProfile) getUserProfile(httpServletRequest, httpServletResponse).get();
        if (oidcProfile instanceof OidcProfile) {
            installUserTokens(new Pac4jUserTokens(DefaultDisplayContext.getDisplayContext(httpServletRequest), oidcProfile));
        }
    }

    private Optional<UserProfile> getUserProfile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Config pac4jConfig = Pac4jConfigFactory.getInstance().getPac4jConfig();
        ProfileManager profileManager = (ProfileManager) pac4jConfig.getProfileManagerFactory().apply(new JEEContext(httpServletRequest, httpServletResponse), new JEESessionStore());
        profileManager.setConfig(pac4jConfig);
        return profileManager.getProfile();
    }
}
