package io.trino.server.ui;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.google.common.base.Strings;
import com.google.inject.Inject;
import io.trino.server.security.ResourceSecurity;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.ForbiddenException;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.HttpHeaders;
import jakarta.ws.rs.core.NewCookie;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.SecurityContext;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.util.Objects;
import java.util.Optional;

@Produces({"application/json"})
@ResourceSecurity(ResourceSecurity.AccessType.WEB_UI)
@Path("")
@Consumes({"application/json"})
/* loaded from: input_file:io/trino/server/ui/LoginPreviewResource.class */
public class LoginPreviewResource {
    private final FormWebUiAuthenticationFilter formWebUiAuthenticationManager;

    /* loaded from: input_file:io/trino/server/ui/LoginPreviewResource$LoginForm.class */
    public static final class LoginForm extends Record {

        @JsonProperty
        private final String username;

        @JsonProperty
        private final String password;

        public LoginForm(@JsonProperty String str, @JsonProperty String str2) {
            this.username = str;
            this.password = str2;
        }

        public String username() {
            return this.username;
        }

        public String password() {
            return this.password;
        }

        @Override // java.lang.Record
        public final String toString() {
            return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, LoginForm.class), LoginForm.class, "username;password", "FIELD:Lio/trino/server/ui/LoginPreviewResource$LoginForm;->username:Ljava/lang/String;", "FIELD:Lio/trino/server/ui/LoginPreviewResource$LoginForm;->password:Ljava/lang/String;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final int hashCode() {
            return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, LoginForm.class), LoginForm.class, "username;password", "FIELD:Lio/trino/server/ui/LoginPreviewResource$LoginForm;->username:Ljava/lang/String;", "FIELD:Lio/trino/server/ui/LoginPreviewResource$LoginForm;->password:Ljava/lang/String;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final boolean equals(Object obj) {
            return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, LoginForm.class, Object.class), LoginForm.class, "username;password", "FIELD:Lio/trino/server/ui/LoginPreviewResource$LoginForm;->username:Ljava/lang/String;", "FIELD:Lio/trino/server/ui/LoginPreviewResource$LoginForm;->password:Ljava/lang/String;").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
        }
    }

    @Inject
    public LoginPreviewResource(FormWebUiAuthenticationFilter formWebUiAuthenticationFilter) {
        this.formWebUiAuthenticationManager = (FormWebUiAuthenticationFilter) Objects.requireNonNull(formWebUiAuthenticationFilter, "formWebUiAuthenticationManager is null");
    }

    @GET
    @Path("/ui/preview/auth/info")
    public AuthInfo getAuthInfo(ContainerRequestContext containerRequestContext, @Context SecurityContext securityContext) {
        boolean isPasswordAllowed = this.formWebUiAuthenticationManager.isPasswordAllowed(securityContext.isSecure());
        Optional<String> authenticatedUsername = this.formWebUiAuthenticationManager.getAuthenticatedUsername(containerRequestContext);
        return new AuthInfo("form", isPasswordAllowed, authenticatedUsername.isPresent(), authenticatedUsername);
    }

    @POST
    @Path("/ui/preview/auth/login")
    public Response login(LoginForm loginForm, @Context SecurityContext securityContext) {
        String emptyToNull = Strings.emptyToNull(loginForm.username());
        String emptyToNull2 = Strings.emptyToNull(loginForm.password());
        if (!this.formWebUiAuthenticationManager.isAuthenticationEnabled(securityContext.isSecure())) {
            throw new ForbiddenException();
        }
        Optional<NewCookie[]> checkLoginCredentials = this.formWebUiAuthenticationManager.checkLoginCredentials(emptyToNull, emptyToNull2, securityContext.isSecure());
        if (checkLoginCredentials.isEmpty()) {
            throw new ForbiddenException();
        }
        return Response.noContent().cookie(checkLoginCredentials.get()).build();
    }

    @GET
    @Path("/ui/preview/auth/logout")
    public Response logout(@Context HttpHeaders httpHeaders, @Context SecurityContext securityContext) {
        return Response.noContent().cookie(FormWebUiAuthenticationFilter.getDeleteCookies(httpHeaders.getCookies(), securityContext.isSecure())).build();
    }
}
