package io.helidon.security;

import io.helidon.security.AuditEvent;
import io.helidon.security.SecurityResponse;
import io.helidon.security.internal.SecurityAuditEvent;
import io.helidon.security.spi.AuthenticationProvider;
import java.util.Objects;
import java.util.Optional;

/* loaded from: input_file:io/helidon/security/AuthenticationClientImpl.class */
final class AuthenticationClientImpl implements SecurityClient<AuthenticationResponse> {
    private final Security security;
    private final SecurityContextImpl context;
    private final SecurityRequest request;
    private final String providerName;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AuthenticationClientImpl(Security security, SecurityContextImpl securityContextImpl, SecurityRequest securityRequest, String str) {
        this.security = security;
        this.context = securityContextImpl;
        this.request = securityRequest;
        this.providerName = str;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // io.helidon.security.SecurityClient
    public AuthenticationResponse submit() {
        return mapSubject((AuthenticationResponse) this.security.resolveAtnProvider(this.providerName).map(this::authenticate).orElseThrow(() -> {
            return new SecurityException("Could not find any authentication provider. Security is not configured");
        }));
    }

    private AuthenticationResponse mapSubject(AuthenticationResponse authenticationResponse) {
        AuthenticationResponse authenticationResponse2;
        ProviderRequest providerRequest = new ProviderRequest(this.context, this.request.resources());
        if (authenticationResponse.status() == SecurityResponse.SecurityStatus.SUCCESS && (authenticationResponse2 = (AuthenticationResponse) this.security.subjectMapper().map(subjectMappingProvider -> {
            return subjectMappingProvider.map(providerRequest, authenticationResponse);
        }).orElseGet(() -> {
            return authenticationResponse;
        })) != authenticationResponse) {
            Optional<Subject> user = authenticationResponse2.user();
            SecurityContextImpl securityContextImpl = this.context;
            Objects.requireNonNull(securityContextImpl);
            user.ifPresent(securityContextImpl::setUser);
            Optional<Subject> service = authenticationResponse2.service();
            SecurityContextImpl securityContextImpl2 = this.context;
            Objects.requireNonNull(securityContextImpl2);
            service.ifPresent(securityContextImpl2::setService);
            return authenticationResponse2;
        }
        return authenticationResponse;
    }

    private AuthenticationResponse authenticate(AuthenticationProvider authenticationProvider) {
        ProviderRequest providerRequest = new ProviderRequest(this.context, this.request.resources());
        AuthenticationResponse authenticate = authenticationProvider.authenticate(providerRequest);
        try {
            if (!authenticate.status().isSuccess()) {
                SecurityAuditEvent addParam = SecurityAuditEvent.failure("authn.authenticate", "Provider %s. Message: %s").addParam(AuditEvent.AuditParam.plain("provider", authenticationProvider.getClass().getName())).addParam(AuditEvent.AuditParam.plain("message", authenticate.description().orElse(null)));
                authenticate.throwable().map(th -> {
                    return addParam.addParam(AuditEvent.AuditParam.plain("exception", authenticate.throwable()));
                });
                this.context.audit(addParam);
                return authenticate;
            }
            Optional<Subject> user = authenticate.user();
            SecurityContextImpl securityContextImpl = this.context;
            Objects.requireNonNull(securityContextImpl);
            user.ifPresent(securityContextImpl::setUser);
            Optional<Subject> service = authenticate.service();
            SecurityContextImpl securityContextImpl2 = this.context;
            Objects.requireNonNull(securityContextImpl2);
            service.ifPresent(securityContextImpl2::setService);
            this.context.audit(SecurityAuditEvent.success("authn.authenticate", "Path %s. Provider %s. Subject %s").addParam(AuditEvent.AuditParam.plain("path", providerRequest.env().path())).addParam(AuditEvent.AuditParam.plain("provider", authenticationProvider.getClass().getName())).addParam(AuditEvent.AuditParam.plain("subject", authenticate.user())));
            return authenticate;
        } catch (Exception e) {
            this.context.audit(SecurityAuditEvent.error("authn.authenticate", "Provider %s. Message: %s").addParam(AuditEvent.AuditParam.plain("provider", authenticationProvider.getClass().getName())).addParam(AuditEvent.AuditParam.plain("message", e.getMessage())).addParam(AuditEvent.AuditParam.plain("exception", e)));
            throw new SecurityException(e);
        }
    }
}
