package net.shrine.authentication.http4s;

import cats.data.Kleisli;
import cats.data.OptionT$;
import cats.data.OptionT$PurePartiallyApplied$;
import cats.effect.IO;
import cats.effect.IO$;
import java.net.URL;
import net.shrine.authentication.http4s.SSOAuthentication;
import net.shrine.authentication.pm.User;
import net.shrine.config.ConfigSource$;
import net.shrine.log.Log$;
import net.shrine.protocol.i2b2.Credential$;
import org.http4s.ContextRequest;
import org.http4s.Header;
import org.http4s.Headers$;
import org.http4s.Request;
import org.http4s.Response;
import org.http4s.Response$;
import org.http4s.Status$;
import org.http4s.server.package$AuthMiddleware$;
import org.http4s.util.CaseInsensitiveString$;
import scala.Function1;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Some;
import scala.collection.immutable.Map;
import scala.collection.immutable.Nil$;
import scala.package$;
import scala.runtime.LazyRef;
import scala.util.Either;

/* compiled from: SSOAuthentication.scala */
/* loaded from: input_file:net/shrine/authentication/http4s/SSOAuthentication$.class */
public final class SSOAuthentication$ {
    public static final SSOAuthentication$ MODULE$ = new SSOAuthentication$();
    private static volatile byte bitmap$init$0;

    public IO<Option<User>> getAuthUserFromHeader(String str, String str2) {
        return IO$.MODULE$.apply(() -> {
            LazyRef lazyRef = new LazyRef();
            Map empty = Predef$.MODULE$.Map().empty();
            Log$.MODULE$.info(() -> {
                return new StringBuilder(21).append("sessionTimeoutMsStr: ").append(sessionTimeoutMsStr$1(lazyRef)).toString();
            });
            return new Some(new User(str, str, str2, Credential$.MODULE$.apply("", false), empty, (Map) Predef$.MODULE$.Map().apply(Nil$.MODULE$), new Some(sessionTimeoutMsStr$1(lazyRef))));
        });
    }

    public Kleisli<IO, Request<IO>, Either<SSOAuthentication.SSOIssue, User>> authUser() {
        return new Kleisli<>(request -> {
            Header header;
            IO apply;
            String str = "REMOTE_USER";
            String str2 = "AJP_Shib-Identity-Provider";
            Some some = Headers$.MODULE$.get$extension(request.headers(), CaseInsensitiveString$.MODULE$.apply("REMOTE_USER"));
            Some some2 = Headers$.MODULE$.get$extension(request.headers(), CaseInsensitiveString$.MODULE$.apply("AJP_Shib-Identity-Provider"));
            Log$.MODULE$.info(() -> {
                return new StringBuilder(28).append("Got ").append(str).append(" = ").append(new Some(some).value()).append(" from request headers").toString();
            });
            Log$.MODULE$.info(() -> {
                return new StringBuilder(28).append("Got ").append(str2).append(" = ").append(new Some(some2).value()).append(" from request headers").toString();
            });
            if (None$.MODULE$.equals(some2)) {
                throw new RuntimeException(new StringBuilder(21).append("AJP_Shib-Identity-Provider").append(" not found in headers").toString());
            }
            if (!(some2 instanceof Some) || (header = (Header) some2.value()) == null) {
                throw new MatchError(some2);
            }
            String host = new URL(header.value()).getHost();
            Log$.MODULE$.info(() -> {
                return new StringBuilder(17).append("Got host = ").append(host).append(" from ").append(new Some(some2).value()).toString();
            });
            if (some instanceof Some) {
                apply = MODULE$.getAuthUserFromHeader(((Header) some.value()).value(), host).map(option -> {
                    return option.toRight(() -> {
                        return SSOAuthentication$UnexpectedSSOException$.MODULE$;
                    });
                });
            } else {
                Log$.MODULE$.error(() -> {
                    return new StringBuilder(45).append(str).append(" and/or ").append(str2).append(" was not found in the request headers").toString();
                });
                apply = IO$.MODULE$.apply(() -> {
                    return package$.MODULE$.Left().apply(SSOAuthentication$RemoteUserNotFoundException$.MODULE$);
                });
            }
            return apply;
        });
    }

    public Kleisli<?, ContextRequest<IO, SSOAuthentication.SSOIssue>, Response<IO>> onAuthFailure() {
        return new Kleisli<>(contextRequest -> {
            contextRequest.req();
            Log$.MODULE$.error(() -> {
                return new StringBuilder(34).append("Responded with status ").append(Status$.MODULE$.Unauthorized()).append(" to request ").append(contextRequest.req()).toString();
            });
            return OptionT$PurePartiallyApplied$.MODULE$.apply$extension(OptionT$.MODULE$.pure(), new Response(Status$.MODULE$.Unauthorized(), Response$.MODULE$.apply$default$2(), Response$.MODULE$.apply$default$3(), Response$.MODULE$.apply$default$4(), Response$.MODULE$.apply$default$5()), IO$.MODULE$.ioEffect());
        });
    }

    public Function1<Kleisli<?, ContextRequest<IO, User>, Response<IO>>, Kleisli<?, Request<IO>, Response<IO>>> authMiddleware() {
        return package$AuthMiddleware$.MODULE$.apply(authUser(), onAuthFailure(), IO$.MODULE$.ioEffect());
    }

    private static final /* synthetic */ String sessionTimeoutMsStr$lzycompute$1(LazyRef lazyRef) {
        String str;
        synchronized (lazyRef) {
            str = lazyRef.initialized() ? (String) lazyRef.value() : (String) lazyRef.initialize(net.shrine.config.package$.MODULE$.ConfigExtensions(ConfigSource$.MODULE$.config()).getOption("shrine.webclient.sessionTimeoutMs", config -> {
                return str2 -> {
                    return config.getString(str2);
                };
            }).getOrElse(() -> {
                return "1900000";
            }));
        }
        return str;
    }

    private static final String sessionTimeoutMsStr$1(LazyRef lazyRef) {
        return lazyRef.initialized() ? (String) lazyRef.value() : sessionTimeoutMsStr$lzycompute$1(lazyRef);
    }

    private SSOAuthentication$() {
    }
}
