package io.jans.as.server.service.external;

import io.jans.as.common.model.registration.Client;
import io.jans.as.server.auth.Authenticator;
import io.jans.as.server.service.external.context.ExternalClientAuthnContext;
import io.jans.model.custom.script.CustomScriptType;
import io.jans.model.custom.script.conf.CustomScriptConfiguration;
import io.jans.model.custom.script.type.client.ClientAuthnType;
import io.jans.service.custom.script.ExternalScriptService;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.List;

@ApplicationScoped
/* loaded from: input_file:io/jans/as/server/service/external/ExternalClientAuthnService.class */
public class ExternalClientAuthnService extends ExternalScriptService {

    @Inject
    private Authenticator authenticator;

    public ExternalClientAuthnService() {
        super(CustomScriptType.CLIENT_AUTHN);
    }

    public Client externalAuthenticateClient(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        List<CustomScriptConfiguration> customScriptConfigurations = getCustomScriptConfigurations();
        if (customScriptConfigurations == null || customScriptConfigurations.isEmpty()) {
            this.log.trace("Unable to perform client authentication by custom script because there is no `client_authn` scripts.");
            return null;
        }
        for (CustomScriptConfiguration customScriptConfiguration : customScriptConfigurations) {
            Client externalAuthenticateClient = externalAuthenticateClient(customScriptConfiguration, httpServletRequest, httpServletResponse);
            if (externalAuthenticateClient != null) {
                this.log.trace("Client {} authenticated successfully by custom script {}.", getClientId(externalAuthenticateClient), customScriptConfiguration.getName());
                return externalAuthenticateClient;
            }
        }
        this.log.trace("All `client_authn` scripts returned false.");
        return null;
    }

    private Client externalAuthenticateClient(CustomScriptConfiguration customScriptConfiguration, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Client client;
        ClientAuthnType externalType = customScriptConfiguration.getExternalType();
        this.log.trace("Executing external 'authenticateClient' method, script name: {}, requestParameters: {}", customScriptConfiguration.getName(), httpServletRequest.getParameterMap());
        try {
            client = (Client) externalType.authenticateClient(new ExternalClientAuthnContext(httpServletRequest, httpServletResponse));
            if (client != null) {
                this.authenticator.configureSessionClient(client);
            }
        } catch (Exception e) {
            this.log.error("Failed to run external 'authenticateClient' method of script " + customScriptConfiguration.getName(), e);
            client = null;
        }
        this.log.trace("Executed external 'authenticateClient' method, client {}, script name: {}, requestParameters: {}", new Object[]{getClientId(client), customScriptConfiguration.getName(), httpServletRequest.getParameterMap()});
        return client;
    }

    private static String getClientId(Client client) {
        return client != null ? client.getClientId() : "null";
    }
}
