package dev.galasa.framework.api.authentication.internal;

import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTCreationException;
import com.google.gson.Gson;
import dev.galasa.framework.spi.IFramework;
import java.io.IOException;
import java.security.Principal;
import java.util.Date;
import java.util.Map;
import java.util.Properties;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.component.annotations.Reference;

/* loaded from: input_file:dev/galasa/framework/api/authentication/internal/Authenticate.class */
public class Authenticate extends HttpServlet {
    private static final long serialVersionUID = 1;
    private static String SECRET_KEY = "framework.jwt.secret";
    private static long FOUR_HOURS_EXPIRE = 14400000;

    @Reference
    public IFramework framework;
    private final Properties configurationProperties = new Properties();

    /* loaded from: input_file:dev/galasa/framework/api/authentication/internal/Authenticate$AuthJson.class */
    private class AuthJson {
        protected String cps;
        protected String dss;
        protected String ras;

        private AuthJson() {
        }
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Gson gson = new Gson();
        Principal userPrincipal = httpServletRequest.getUserPrincipal();
        if (userPrincipal == null) {
            httpServletResponse.setStatus(401);
            httpServletResponse.addHeader("WWW-Authenticate", "Basic realm=\"Galasa\"");
            httpServletResponse.getWriter().write("Requires authentication");
            return;
        }
        if (httpServletRequest.isUserInRole("admin")) {
            try {
                String createJWT = createJWT(userPrincipal.getName(), "admin", FOUR_HOURS_EXPIRE);
                AuthJson authJson = new AuthJson();
                authJson.cps = createJWT;
                authJson.dss = createJWT;
                authJson.ras = createJWT;
                String json = gson.toJson(authJson);
                httpServletResponse.setContentType("application/json");
                try {
                    httpServletResponse.getWriter().write(json);
                    return;
                } catch (IOException e) {
                    httpServletResponse.setStatus(500);
                    httpServletResponse.addHeader("WWW-Authenticate", "Basic realm=\"Galasa\"");
                    httpServletResponse.getWriter().write("Failed to create json");
                    return;
                }
            } catch (JWTCreationException e2) {
                httpServletResponse.setStatus(500);
                httpServletResponse.addHeader("WWW-Authenticate", "Basic realm=\"Galasa\"");
                httpServletResponse.getWriter().write("Token could not be generated");
                return;
            }
        }
        if (!httpServletRequest.isUserInRole("user")) {
            httpServletResponse.setStatus(401);
            httpServletResponse.addHeader("WWW-Authenticate", "Basic realm=\"Galasa\"");
            httpServletResponse.getWriter().write("Does not have the 'user' role");
            return;
        }
        try {
            String createJWT2 = createJWT(userPrincipal.getName(), "user", FOUR_HOURS_EXPIRE);
            AuthJson authJson2 = new AuthJson();
            authJson2.cps = createJWT2;
            authJson2.dss = createJWT2;
            authJson2.ras = createJWT2;
            String json2 = gson.toJson(authJson2);
            httpServletResponse.setContentType("application/json");
            try {
                httpServletResponse.getWriter().write(json2);
            } catch (IOException e3) {
                httpServletResponse.setStatus(500);
                httpServletResponse.addHeader("WWW-Authenticate", "Basic realm=\"Galasa\"");
                httpServletResponse.getWriter().write("Failed to create json");
            }
        } catch (JWTCreationException e4) {
            httpServletResponse.setStatus(500);
            httpServletResponse.addHeader("WWW-Authenticate", "Basic realm=\"Galasa\"");
            httpServletResponse.getWriter().write("Token could not be generated");
        }
    }

    public String createJWT(String str, String str2, long j) throws JWTCreationException {
        Algorithm HMAC256 = Algorithm.HMAC256(this.configurationProperties.get(SECRET_KEY).toString());
        long currentTimeMillis = System.currentTimeMillis();
        Date date = new Date(currentTimeMillis);
        return JWT.create().withIssuer("galasa").withIssuedAt(date).withSubject(str).withClaim("role", str2).withExpiresAt(new Date(currentTimeMillis + j)).sign(HMAC256);
    }

    @Activate
    public void activate(Map<String, Object> map) {
        modified(map);
    }

    @Modified
    public void modified(Map<String, Object> map) {
        synchronized (this.configurationProperties) {
            String str = (String) map.get(SECRET_KEY);
            if (str != null) {
                this.configurationProperties.put(SECRET_KEY, str);
            } else {
                this.configurationProperties.remove(SECRET_KEY);
            }
        }
    }

    @Deactivate
    void deactivate() {
        this.configurationProperties.clear();
    }
}
