package com.ibm.ws.security.javaeesec.cdi.beans;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.Sensitive;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import java.util.Map;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.Default;
import javax.enterprise.inject.spi.CDI;
import javax.security.auth.Subject;
import javax.security.enterprise.AuthenticationException;
import javax.security.enterprise.AuthenticationStatus;
import javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters;
import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
import javax.security.enterprise.authentication.mechanism.http.LoginToContinue;
import javax.security.enterprise.credential.Credential;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Application-scoped {@link HttpAuthenticationMechanism} for custom form login.
 *
 * <p>The class carries {@code @LoginToContinue}. When a request arrives without a credential it
 * answers {@code SEND_CONTINUE} (or {@code NOT_DONE} for an unprotected, non-authentication
 * request). When a credential is present it delegates validation to
 * {@code Utils.handleAuthenticate} against the realm name {@code "defaultRealm"} and, on success,
 * records the auth type {@code "CUSTOM_FORM"} and a session-registration flag in the message-info
 * map.
 */
@LoginToContinue
@Default
@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@ApplicationScoped
@TraceOptions
public class CustomFormAuthenticationMechanism implements HttpAuthenticationMechanism {
    private static final TraceComponent tc = Tr.register(CustomFormAuthenticationMechanism.class, "security", "com.ibm.ws.security.javaeesec.cdi.internal.resources.JavaEESecMessages");
    private final Utils utils;
    static final long serialVersionUID = 6828998563553729345L;

    /** Creates the mechanism with its own {@code Utils} instance. */
    public CustomFormAuthenticationMechanism() {
        this.utils = new Utils();
    }

    /**
     * Creates the mechanism around a caller-supplied {@code Utils}.
     *
     * @param utils helper that performs the credential validation; stored as given, not
     *              null-checked here
     */
    protected CustomFormAuthenticationMechanism(Utils utils) {
        this.utils = utils;
    }

    /**
     * Decides the authentication outcome for the current request.
     *
     * <p>Only {@code httpMessageContext} is consulted; the request and response parameters are
     * not read by this method.
     *
     * @param httpServletRequest  unused here
     * @param httpServletResponse unused here; the response is taken from the message context
     * @param httpMessageContext  source of the client subject, the authentication parameters and
     *                            the protected / authentication-request flags
     * @return {@code SEND_CONTINUE} when there are no authentication parameters, or when there is
     *         no credential and the request is an authentication request or targets a protected
     *         resource; {@code NOT_DONE} when there is no credential and neither flag is set;
     *         otherwise whatever credential validation returns
     * @throws AuthenticationException propagated from credential validation
     */
    public AuthenticationStatus validateRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpMessageContext httpMessageContext) throws AuthenticationException {
        Subject caller = httpMessageContext.getClientSubject();
        AuthenticationParameters params = httpMessageContext.getAuthParameters();
        if (tc.isDebugEnabled()) {
            // NOTE(review): the concatenation calls params.toString(); confirm that implementation
            // never renders the credential, which handleFormLogin treats as @Sensitive.
            Tr.debug(tc, "AuthenticationParameters : " + params);
        }

        if (params == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No AuthenticationParameters object, redirecting");
            }
            return AuthenticationStatus.SEND_CONTINUE;
        }

        Credential supplied = params.getCredential();
        if (supplied != null) {
            // A new authentication hands over a null response, so handleFormLogin leaves the
            // HTTP status untouched; otherwise the context's response receives the status.
            HttpServletResponse statusTarget = null;
            if (!params.isNewAuthentication()) {
                statusTarget = httpMessageContext.getResponse();
            }
            return handleFormLogin(supplied, statusTarget, caller, httpMessageContext);
        }

        boolean loginExpected = httpMessageContext.isAuthenticationRequest() || httpMessageContext.isProtected();
        if (loginExpected) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No Credential object, redirecting");
            }
            return AuthenticationStatus.SEND_CONTINUE;
        }

        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "both isAuthenticationRequest and isProtected return false. returing NOT_DONE,");
        }
        return AuthenticationStatus.NOT_DONE;
    }

    /**
     * Performs no response processing.
     *
     * @return always {@code SUCCESS}
     */
    public AuthenticationStatus secureResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpMessageContext httpMessageContext) throws AuthenticationException {
        return AuthenticationStatus.SUCCESS;
    }

    /** No-op in this implementation: nothing is removed from the subject here. */
    public void cleanSubject(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpMessageContext httpMessageContext) {
    }

    /**
     * Validates the credential and mirrors the outcome onto the HTTP response status.
     *
     * @param credential          credential to validate; marked {@code @Sensitive}
     * @param httpServletResponse response whose status is set, or {@code null} to leave the
     *                            status alone
     * @param subject             client subject passed through to the validation helper
     * @param httpMessageContext  context passed to the helper and, on success, the owner of the
     *                            message-info map that is updated
     * @return the status returned by {@code Utils.handleAuthenticate}, unchanged
     * @throws AuthenticationException propagated from the validation helper
     */
    private AuthenticationStatus handleFormLogin(@Sensitive Credential credential, HttpServletResponse httpServletResponse, Subject subject, HttpMessageContext httpMessageContext) throws AuthenticationException {
        AuthenticationStatus outcome = this.utils.handleAuthenticate(getCDI(), "defaultRealm", credential, subject, httpMessageContext);
        boolean authenticated = outcome == AuthenticationStatus.SUCCESS;

        if (authenticated) {
            // Raw Map kept as in the original; both entries are String keys with String values.
            Map messageProperties = httpMessageContext.getMessageInfo().getMap();
            messageProperties.put("javax.servlet.http.authType", "CUSTOM_FORM");
            messageProperties.put("javax.servlet.http.registerSession", Boolean.TRUE.toString());
        }

        if (httpServletResponse != null) {
            // SUCCESS and NOT_DONE answer 200; every other outcome answers 401.
            boolean accepted = authenticated || outcome == AuthenticationStatus.NOT_DONE;
            httpServletResponse.setStatus(accepted ? HttpServletResponse.SC_OK : HttpServletResponse.SC_UNAUTHORIZED);
        }
        return outcome;
    }

    /**
     * Supplies the CDI container handed to the validation helper.
     *
     * @return {@code CDI.current()}; protected so a subclass can substitute another container
     */
    protected CDI getCDI() {
        return CDI.current();
    }
}
