package de.braintags.netrelay.controller.authentication;

import de.braintags.io.vertx.util.security.CRUDPermissionMap;
import de.braintags.netrelay.RequestUtil;
import io.vertx.core.Handler;
import io.vertx.core.logging.Logger;
import io.vertx.core.logging.LoggerFactory;
import io.vertx.ext.auth.AuthProvider;
import io.vertx.ext.auth.User;
import io.vertx.ext.web.RoutingContext;
import io.vertx.ext.web.Session;
import io.vertx.ext.web.handler.AuthHandler;
import io.vertx.ext.web.handler.impl.AuthHandlerImpl;
import io.vertx.ext.web.handler.impl.RedirectAuthHandlerImpl;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicInteger;

/* loaded from: input_file:de/braintags/netrelay/controller/authentication/RedirectAuthHandlerBt.class */
public class RedirectAuthHandlerBt extends AuthHandlerImpl {
    private static final Logger LOGGER = LoggerFactory.getLogger(RedirectAuthHandlerImpl.class);
    private final String loginRedirectURL;
    private final String returnURLParam;
    private CRUDPermissionMap permissionMap;

    public RedirectAuthHandlerBt(AuthProvider authProvider, String str, String str2) {
        super(authProvider);
        this.loginRedirectURL = str;
        this.returnURLParam = str2;
    }

    public void handle(RoutingContext routingContext) {
        Session session = routingContext.session();
        if (session == null) {
            routingContext.fail(new NullPointerException("No session - did you forget to include a SessionHandler?"));
            return;
        }
        User user = routingContext.user();
        if (user != null) {
            authorise(user, routingContext);
            return;
        }
        session.put(this.returnURLParam, RequestUtil.createRedirectUrl(routingContext.request(), routingContext.request().path()));
        routingContext.response().putHeader("location", this.loginRedirectURL).setStatusCode(302).end();
    }

    protected void authorise(User user, RoutingContext routingContext) {
        int size = this.authorities.size();
        if (size <= 0) {
            routingContext.next();
            return;
        }
        AtomicInteger atomicInteger = new AtomicInteger();
        AtomicBoolean atomicBoolean = new AtomicBoolean();
        Handler handler = asyncResult -> {
            if (asyncResult.failed()) {
                atomicBoolean.set(true);
                routingContext.fail(asyncResult.cause());
            } else if (((Boolean) asyncResult.result()).booleanValue()) {
                atomicBoolean.set(true);
                LOGGER.info("one authority fits: access granted");
                routingContext.next();
            } else if (atomicInteger.incrementAndGet() == size) {
                LOGGER.info("none of the authorities was fitting - access forbidden");
                routingContext.fail(403);
            }
        };
        for (String str : this.authorities) {
            if ("role:*".equals(str)) {
                atomicBoolean.set(true);
                LOGGER.info("Wildcard role authority found: access granted");
                routingContext.next();
            } else {
                user.isAuthorised(str, handler);
            }
            if (atomicBoolean.get()) {
                return;
            }
        }
    }

    public AuthHandler addAuthority(String str) {
        return str.startsWith("role:") ? super.addAuthority("role:" + addRoleAuthority(str.substring(5))) : super.addAuthority(str);
    }

    private String addRoleAuthority(String str) {
        return getPermissionMap().addPermissionEntry(str);
    }

    public CRUDPermissionMap getPermissionMap() {
        if (this.permissionMap == null) {
            this.permissionMap = new CRUDPermissionMap();
        }
        return this.permissionMap;
    }
}
