package com.sap.cloud.security.test.jetty;

import com.sap.cloud.security.servlet.TokenAuthenticationResult;
import com.sap.cloud.security.servlet.TokenAuthenticator;
import java.security.Principal;
import java.util.HashSet;
import java.util.function.Function;
import javax.security.auth.Subject;
import org.eclipse.jetty.ee10.servlet.ServletContextRequest;
import org.eclipse.jetty.ee10.servlet.ServletContextResponse;
import org.eclipse.jetty.security.AuthenticationState;
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.Constraint;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.authentication.LoginAuthenticator;
import org.eclipse.jetty.security.internal.DefaultUserIdentity;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.util.Callback;

/* loaded from: input_file:com/sap/cloud/security/test/jetty/JettyTokenAuthenticator.class */
public class JettyTokenAuthenticator implements Authenticator {
    private final TokenAuthenticator tokenAuthenticator;

    public JettyTokenAuthenticator(TokenAuthenticator tokenAuthenticator) {
        this.tokenAuthenticator = tokenAuthenticator;
    }

    public void setConfiguration(Authenticator.Configuration configuration) {
    }

    public String getAuthenticationType() {
        return "Token";
    }

    public Constraint.Authorization getConstraintAuthentication(String str, Constraint.Authorization authorization, Function<Boolean, Session> function) {
        return Constraint.Authorization.ANY_USER;
    }

    public AuthenticationState validateRequest(Request request, Response response, Callback callback) throws ServerAuthException {
        TokenAuthenticationResult validateRequest = this.tokenAuthenticator.validateRequest(request instanceof ServletContextRequest ? ((ServletContextRequest) request).getServletApiRequest() : null, response instanceof ServletContextResponse ? ((ServletContextResponse) response).getServletApiResponse() : null);
        if (validateRequest.isAuthenticated()) {
            return createAuthentication(validateRequest);
        }
        Response.writeError(request, response, callback, 401, validateRequest.getUnauthenticatedReason());
        return AuthenticationState.SEND_FAILURE;
    }

    private AuthenticationState createAuthentication(TokenAuthenticationResult tokenAuthenticationResult) {
        Principal principal = tokenAuthenticationResult.getPrincipal();
        HashSet hashSet = new HashSet();
        hashSet.add(principal);
        return new LoginAuthenticator.UserAuthenticationSucceeded(getAuthenticationType(), new DefaultUserIdentity(new Subject(true, hashSet, new HashSet(), new HashSet()), principal, (String[]) tokenAuthenticationResult.getScopes().toArray(new String[0])));
    }
}
