package com.sap.cloud.security.test.jetty;

import com.sap.cloud.security.servlet.TokenAuthenticationResult;
import com.sap.cloud.security.servlet.TokenAuthenticator;
import java.io.IOException;
import java.security.Principal;
import java.util.HashSet;
import javax.security.auth.Subject;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.DefaultUserIdentity;
import org.eclipse.jetty.security.UserAuthentication;
import org.eclipse.jetty.server.Authentication;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sap/cloud/security/test/jetty/JettyTokenAuthenticator.class */
public class JettyTokenAuthenticator implements Authenticator {
    private static final Logger LOGGER = LoggerFactory.getLogger(JettyTokenAuthenticator.class);
    private final TokenAuthenticator tokenAuthenticator;

    public JettyTokenAuthenticator(TokenAuthenticator tokenAuthenticator) {
        this.tokenAuthenticator = tokenAuthenticator;
    }

    public Authentication validateRequest(ServletRequest servletRequest, ServletResponse servletResponse, boolean z) {
        TokenAuthenticationResult validateRequest = this.tokenAuthenticator.validateRequest(servletRequest, servletResponse);
        if (validateRequest.isAuthenticated()) {
            return createAuthentication(validateRequest);
        }
        sendUnauthenticatedResponse(servletResponse, validateRequest.getUnauthenticatedReason());
        return Authentication.UNAUTHENTICATED;
    }

    private void sendUnauthenticatedResponse(ServletResponse servletResponse, String str) {
        if (servletResponse instanceof HttpServletResponse) {
            try {
                ((HttpServletResponse) servletResponse).sendError(401, str);
            } catch (IOException e) {
                LOGGER.error("Failed to send error response", e);
            }
        }
    }

    public void setConfiguration(Authenticator.AuthConfiguration authConfiguration) {
    }

    public String getAuthMethod() {
        return "Token";
    }

    public void prepareRequest(ServletRequest servletRequest) {
    }

    public boolean secureResponse(ServletRequest servletRequest, ServletResponse servletResponse, boolean z, Authentication.User user) {
        return true;
    }

    private Authentication createAuthentication(TokenAuthenticationResult tokenAuthenticationResult) {
        Principal principal = tokenAuthenticationResult.getPrincipal();
        HashSet hashSet = new HashSet();
        hashSet.add(principal);
        return new UserAuthentication(getAuthMethod(), new DefaultUserIdentity(new Subject(true, hashSet, new HashSet(), new HashSet()), principal, (String[]) tokenAuthenticationResult.getScopes().toArray(new String[0])));
    }
}
