package org.aktin.dwh.admin.auth;

import de.sekmi.li2b2.services.token.Token;
import java.util.List;
import java.util.logging.Logger;
import javax.inject.Inject;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import org.aktin.dwh.Authentication;
import org.aktin.dwh.Authenticator;
import org.aktin.dwh.admin.I2b2Authentication;
import org.aktin.dwh.admin.Permission;
import org.apache.xmlgraphics.util.MimeConstants;

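/**
 * JAX-RS resource mounted at {@code auth}: issues session tokens on login, invalidates them on
 * logout, and lets an authenticated caller query its own role and permissions.
 *
 * <p>Every method except {@link #authenticateUser(Credentials)} is annotated {@code @Secured}.
 * The enforcement behind that annotation is defined outside this class and is not visible here;
 * the casts of the user principal to {@link I2b2Authentication} below rely on it.
 */
@Path("auth")
/* loaded from: input_file:admin-gui-0.8.war:WEB-INF/classes/org/aktin/dwh/admin/auth/AuthEndpoint.class */
public class AuthEndpoint {
    private static final Logger log = Logger.getLogger(AuthEndpoint.class.getName());

    @Inject
    private Authenticator authenticator;

    @Inject
    private TokenManager tokens;

    @Context
    private SecurityContext security;

    /**
     * Verifies a username/password pair and, on success, registers the resulting principal with
     * the token manager.
     *
     * @param credentials login data deserialised from the JSON or XML request body
     * @return {@code 200} with the value returned by {@code registerPrincipal} as plain text;
     *     {@code 400} if the body or one of its fields is missing; {@code 401} if the
     *     authenticator returns {@code null}; {@code 503} if no authenticator was injected
     */
    @Path("login")
    @Consumes({"application/json", "application/xml"})
    @POST
    @Produces({MimeConstants.MIME_PLAIN_TEXT})
    public Response authenticateUser(Credentials credentials) {
        if (authenticator == null) {
            log.severe("No Authenticator available from CDI; rejecting all users");
            return Response.status(Response.Status.SERVICE_UNAVAILABLE).build();
        }
        // An empty body or a missing field used to surface as a NullPointerException (HTTP 500).
        // The answer depends only on the shape of the request, so it reveals nothing about
        // which accounts exist.
        if (credentials == null || credentials.username == null || credentials.password == null) {
            return Response.status(Response.Status.BAD_REQUEST).build();
        }
        // The password arrives as a String, so the char[] handed to the authenticator is a copy
        // and wiping it afterwards would not remove the secret from memory. Do not log it.
        // NOTE(review): no throttling or lockout of repeated failures is visible in this class;
        // confirm the Authenticator or a request filter provides it.
        Authentication principal =
                authenticator.authenticate(credentials.username, credentials.password.toCharArray());
        if (principal == null) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        // The decompiled listing cast the principal to TokenManager here, which cannot hold for
        // an Authentication; logout() shows the manager hands out Token<Authentication>, so the
        // principal is registered as-is.
        return Response.ok(tokens.registerPrincipal(principal)).build();
    }

    /**
     * Invalidates the token whose identifier is sent as the plain-text request body.
     *
     * @param str token identifier taken from the request body
     * @return JSON object whose {@code duration} member is the number of milliseconds between
     *     the token's issue time and this call
     * @throws IllegalArgumentException if the token manager has no token for {@code str}
     */
    @Path("logout")
    @Secured
    @Consumes({MimeConstants.MIME_PLAIN_TEXT})
    @POST
    @Produces({"application/json"})
    public String logout(String str) {
        // NOTE(review): the token invalidated is the one named in the body, which need not be
        // the one that authenticated this request; confirm that is intended.
        Token<Authentication> session = tokens.lookupToken(str);
        if (session == null) {
            // Guards against a NullPointerException in case lookupToken yields null for an
            // unknown or expired identifier (not visible here). The message deliberately omits
            // the token value, which is a bearer credential.
            throw new IllegalArgumentException("logout: no token found for the supplied identifier");
        }
        session.invalidate();
        long elapsedMillis = System.currentTimeMillis() - session.issuedTimeMillis();
        // The member name is quoted: the endpoint declares application/json and strict parsers
        // reject an unquoted key.
        return "{\"duration\":" + elapsedMillis + "}";
    }

    /**
     * Reports the caller's role.
     *
     * @return {@link I2b2Authentication#ROLE_ADMIN} when the principal is an admin, otherwise
     *     the principal's own role
     */
    @GET
    @Path("role")
    @Secured
    public String getRole() {
        // Assumes the @Secured handling installed an I2b2Authentication as user principal.
        I2b2Authentication principal = (I2b2Authentication) security.getUserPrincipal();
        if (principal.isAdmin()) {
            return I2b2Authentication.ROLE_ADMIN;
        }
        return principal.getRole();
    }

    /**
     * Returns the permission list of the caller's principal.
     *
     * @return the value of {@code getPermissions()} on the current principal
     */
    @GET
    @Path("permissions")
    @Secured
    public List<Permission> getPermissions() {
        I2b2Authentication principal = (I2b2Authentication) security.getUserPrincipal();
        return principal.getPermissions();
    }

    /**
     * Tests whether the caller holds the role named in the path.
     *
     * @param str role name from the {@code {role}} path segment
     * @return for {@link I2b2Authentication#ROLE_ADMIN} the principal's admin flag, otherwise
     *     whether {@code str} equals the principal's role
     * @deprecated marked deprecated in the original class; no replacement is named there
     */
    @GET
    @Path("has/{role}")
    @Secured
    @Deprecated
    public boolean hasRole(@PathParam("role") String str) {
        I2b2Authentication principal = (I2b2Authentication) security.getUserPrincipal();
        if (str.equals(I2b2Authentication.ROLE_ADMIN)) {
            return principal.isAdmin();
        }
        return str.equals(principal.getRole());
    }

    /**
     * Liveness probe for a session: the body always answers {@code true}, so any rejection of an
     * unauthenticated caller has to come from the {@code @Secured} handling.
     *
     * @return always {@code true}
     */
    @GET
    @Path("check")
    @Secured
    public boolean authCheck() {
        return true;
    }

    /**
     * Returns a freshly constructed {@link AuthStatus} serialised as JSON.
     *
     * @return a new {@code AuthStatus} instance
     */
    @GET
    @Path("status")
    @Secured
    @Produces({"application/json"})
    public AuthStatus getStatus() {
        return new AuthStatus();
    }
}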
