package org.forgerock.openam.rest.resource;

import com.google.common.base.Supplier;
import com.google.common.base.Suppliers;
import com.google.inject.assistedinject.Assisted;
import com.google.inject.name.Named;
import com.iplanet.dpro.session.Session;
import com.iplanet.dpro.session.SessionException;
import com.iplanet.dpro.session.SessionID;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.entitlement.opensso.SubjectUtils;
import com.sun.identity.shared.debug.Debug;
import javax.inject.Inject;
import javax.security.auth.Subject;
import org.forgerock.openam.rest.RestUtils;
import org.forgerock.openam.session.SessionCache;
import org.forgerock.services.context.AbstractContext;
import org.forgerock.services.context.Context;
import org.forgerock.services.context.SecurityContext;
import org.forgerock.util.Reject;

/* loaded from: input_file:org/forgerock/openam/rest/resource/SSOTokenContext.class */
public class SSOTokenContext extends AbstractContext implements SubjectContext {
    private final Supplier<Subject> subject;
    private final Supplier<SSOToken> token;
    private final Supplier<SessionID> sessionId;
    private final Supplier<Session> session;

    /* loaded from: input_file:org/forgerock/openam/rest/resource/SSOTokenContext$Factory.class */
    public interface Factory {
        SSOTokenContext create(Context context);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SSOTokenContext(final Debug debug, final SessionCache sessionCache, Context context, final Supplier<SSOToken> supplier) {
        super(context, "ssoToken");
        this.token = Suppliers.memoize(supplier);
        this.subject = Suppliers.memoize(new Supplier<Subject>() { // from class: org.forgerock.openam.rest.resource.SSOTokenContext.1
            /* renamed from: get, reason: merged with bridge method [inline-methods] */
            public Subject m22get() {
                SSOToken sSOToken = (SSOToken) supplier.get();
                if (sSOToken == null) {
                    return null;
                }
                return SubjectUtils.createSubject(sSOToken);
            }
        });
        this.sessionId = Suppliers.memoize(new Supplier<SessionID>() { // from class: org.forgerock.openam.rest.resource.SSOTokenContext.2
            /* renamed from: get, reason: merged with bridge method [inline-methods] */
            public SessionID m23get() {
                SSOToken sSOToken = (SSOToken) supplier.get();
                if (sSOToken == null) {
                    return null;
                }
                return new SessionID(sSOToken.getTokenID().toString());
            }
        });
        this.session = Suppliers.memoize(new Supplier<Session>() { // from class: org.forgerock.openam.rest.resource.SSOTokenContext.3
            /* renamed from: get, reason: merged with bridge method [inline-methods] */
            public Session m24get() {
                try {
                    SessionID sessionID = (SessionID) SSOTokenContext.this.sessionId.get();
                    if (sessionID == null) {
                        return null;
                    }
                    return sessionCache.getSession(sessionID);
                } catch (SessionException e) {
                    debug.warning("Requested session but could not return one", e);
                    return null;
                }
            }
        });
    }

    @Inject
    public SSOTokenContext(@Named("amSession") final Debug debug, SessionCache sessionCache, @Assisted final Context context) {
        this(debug, sessionCache, context, new Supplier<SSOToken>() { // from class: org.forgerock.openam.rest.resource.SSOTokenContext.4
            /* renamed from: get, reason: merged with bridge method [inline-methods] */
            public SSOToken m25get() {
                try {
                    return SSOTokenContext.getSsoToken(context);
                } catch (SSOException e) {
                    debug.message("Could not get SSOToken from context", e);
                    return null;
                }
            }
        });
        Reject.ifFalse(context.containsContext(SecurityContext.class), "Parent context must contain a SecurityContext");
    }

    public static SSOToken getSsoToken(Context context) throws SSOException {
        Reject.ifFalse(context.containsContext(SecurityContext.class), "Parent context must contain a SecurityContext");
        Context context2 = (SecurityContext) context.asContext(SecurityContext.class);
        if (context.containsContext(SSOTokenContext.class)) {
            SSOTokenContext sSOTokenContext = (SSOTokenContext) context.asContext(SSOTokenContext.class);
            if (sSOTokenContext.asContext(SecurityContext.class) == context2) {
                return sSOTokenContext.getCallerSSOToken();
            }
        }
        String cookieFromServerContext = RestUtils.getCookieFromServerContext(context2);
        if (cookieFromServerContext == null) {
            return null;
        }
        return SSOTokenManager.getInstance().createSSOToken(cookieFromServerContext);
    }

    @Override // org.forgerock.openam.rest.resource.SubjectContext
    public Subject getCallerSubject() {
        return (Subject) this.subject.get();
    }

    @Override // org.forgerock.openam.rest.resource.SubjectContext
    public SSOToken getCallerSSOToken() {
        return (SSOToken) this.token.get();
    }

    @Override // org.forgerock.openam.rest.resource.SubjectContext
    public SessionID getCallerSessionID() {
        return (SessionID) this.sessionId.get();
    }

    @Override // org.forgerock.openam.rest.resource.SubjectContext
    public Session getCallerSession() {
        return (Session) this.session.get();
    }
}
