package fish.payara.security.openid.controller;

import fish.payara.security.openid.api.OpenIdConstant;
import fish.payara.security.openid.api.OpenIdState;
import fish.payara.security.openid.domain.OpenIdConfiguration;
import fish.payara.security.openid.domain.OpenIdNonce;
import java.io.IOException;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.security.enterprise.AuthenticationStatus;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.UriBuilder;
import org.glassfish.common.util.StringHelper;

@ApplicationScoped
/* loaded from: input_file:MICRO-INF/runtime/openid-client-integration.jar:fish/payara/security/openid/controller/AuthenticationController.class */
public class AuthenticationController {

    @Inject
    private StateController stateController;

    @Inject
    private NonceController nonceController;
    private static final Logger LOGGER = Logger.getLogger(AuthenticationController.class.getName());

    public AuthenticationStatus authenticateUser(OpenIdConfiguration openIdConfiguration, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        UriBuilder queryParam = UriBuilder.fromUri(openIdConfiguration.getProviderMetadata().getAuthorizationEndpoint()).queryParam("scope", openIdConfiguration.getScopes()).queryParam(OpenIdConstant.RESPONSE_TYPE, openIdConfiguration.getResponseType()).queryParam(OpenIdConstant.CLIENT_ID, openIdConfiguration.getClientId()).queryParam(OpenIdConstant.REDIRECT_URI, openIdConfiguration.buildRedirectURI(httpServletRequest));
        OpenIdState openIdState = new OpenIdState();
        queryParam.queryParam("state", openIdState.getValue());
        this.stateController.store(openIdState, openIdConfiguration, httpServletRequest, httpServletResponse);
        if (openIdConfiguration.isUseNonce()) {
            OpenIdNonce openIdNonce = new OpenIdNonce();
            queryParam.queryParam("nonce", this.nonceController.getNonceHash(openIdNonce));
            this.nonceController.store(openIdNonce, openIdConfiguration, httpServletRequest, httpServletResponse);
        }
        if (!StringHelper.isEmpty(openIdConfiguration.getResponseMode())) {
            queryParam.queryParam(OpenIdConstant.RESPONSE_MODE, openIdConfiguration.getResponseMode());
        }
        if (!StringHelper.isEmpty(openIdConfiguration.getDisplay())) {
            queryParam.queryParam(OpenIdConstant.DISPLAY, openIdConfiguration.getDisplay());
        }
        if (!StringHelper.isEmpty(openIdConfiguration.getPrompt())) {
            queryParam.queryParam(OpenIdConstant.PROMPT, openIdConfiguration.getPrompt());
        }
        Map<String, String> extraParameters = openIdConfiguration.getExtraParameters();
        queryParam.getClass();
        extraParameters.forEach((str, obj) -> {
            queryParam.queryParam(str, obj);
        });
        String obj2 = queryParam.toString();
        LOGGER.log(Level.FINEST, "Redirecting for authentication to {0}", obj2);
        try {
            httpServletResponse.sendRedirect(obj2);
            return AuthenticationStatus.SEND_CONTINUE;
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    }
}
